Workflow designer + cross-platform evidence verifier for multi-agent AI systems.
![]()
![]()
![]()
Depone generates safe workflow contracts and verifies agent-session execution evidence. It does not execute agents - it makes runs from other frameworks and agent sessions (Codex, Claude, Conductor, LangGraph) trustworthy.
# Installation from source. PyPI publishing is not active yet.
git clone https://github.com/Moonweave-Systems/Depone
cd Depone
python -m pip install --no-deps .
# Check the agent-safe tool surface.
depone doctor --json
# Run the offline design -> compile -> verify demo.
depone demo --json --out depone-quickstart
# Or step by step:
depone design "audit all API routes for authentication" --surface . --out plan.json
depone validate plan.json
depone compile plan.json --target conductor --out workflow.yaml
depone verify plan.json --evidence ./evidence/ --out report.json --operator-view-out operator-view.md
# MCP stdio server for MCP-capable agents: python -m depone mcpTo independently smoke-test source installation in a clean virtualenv, run:
python scripts/install_smoke.py --jsonThe smoke installs Depone from the local source tree with --no-deps, runs the
installed depone doctor, and re-validates a committed team-ledger artifact.
It does not publish a package or claim PyPI readiness. The latest checked-in
machine artifact is
docs/install-readiness/install-smoke.json.
Agent-session evidence loop:
depone run --runner-sandbox ./runner-worktree \
--source-fixture depone/fixtures/agent_fabric/reference_adapter_shell.json \
--out ../observer/evidence-run --allow-touched-file sample.txt \
--verify-plan plan.json --verify-evidence ./evidence \
--json -- python -m unittestdepone run is the small native runner-facing entrypoint for the same
evidence loop as depone evidence-run. It does not add a scheduler or execute
agents by itself; it preserves the existing observe -> substrate -> ingest ->
verify boundary.
Depone ships the stdlib-only CLI, a strict plan validator, a Conductor YAML
emitter, a generic evidence adapter, and the bounded verification engine.
Run model: a slice is one atomic worker task, a wave is a gated group of
one or more slices, and a run is one or more waves verified by receipts and
evidence gates.
| Command | Description |
|---|---|
depone doctor |
Check package-local readiness for agent-session use |
depone design |
Generate a safe workflow contract from a broad objective |
depone validate |
Validate a plan.json against the schema v0.5 |
depone compile |
Translate a plan into a target framework format (Conductor YAML) |
depone verify |
Verify execution evidence against a plan |
depone observe |
Capture observer-owned evidence for a runner sandbox |
depone evidence-substrate |
Emit in-toto/DSSE and OTel GenAI-shaped evidence |
depone evidence-ingest |
Verify external evidence subject digests as untrusted input |
depone evidence-chain |
Verify an ordered append-only capture manifest chain |
depone evidence-run |
Run the common observe -> substrate -> ingest -> verify loop |
depone run |
Native-runner convenience alias for evidence-run; not a scheduler |
depone team-launch-preflight |
Non-executing gate for planned team lanes |
depone team-worktree-prep |
Create/select local lane worktrees without launching agents |
depone next |
Re-validate an evidence-run directory and recommend the next safe action without executing it |
depone advance |
Re-validate with next, then run exactly one existing evidence-run continuation when unblocked |
depone mcp |
Serve the same evidence/verify capabilities over MCP stdio |
depone demo |
Run a complete design -> compile -> verify cycle |
Internal compatibility commands remain available for existing automation:
validate-contracts and the agent-fabric-* command family.
Agent sessions perform work in a runner sandbox, then call depone run --json.
Depone writes observer-owned evidence such as observer-capture.json,
capture-manifest.json, evidence-bundle.json, ingest-verdict.json, and
verify-report.json, then returns one JSON verdict.
Depone designs multi-agent workflows and verifies their execution evidence. It does not execute agents. It makes runs from other frameworks trustworthy.
design makes safe workflow contracts, compile emits target artifacts, and
verify checks execution evidence against the plan. run is the evidence-native
entrypoint for the existing local evidence loop: a compatibility alias over
evidence-run, not a general-purpose agent-team scheduler. next is the
non-executing revalidation gate. advance is the explicit one-step operator
gate: it refuses unless next returns continue with zero blockers, then runs
exactly one evidence-run continuation and writes advance-decision.json.
Depone treats artifacts, not model claims, as the source of truth.
Generated out/ directories are verification evidence, not source of truth.
Destructive actions, network access, dependency installation, secret access,
production deployment, and history rewrite require explicit gates.
Depone is moving from agent-safe CLI and evidence substrate toward stronger
session receipt adapters, operator signing policy, and A2 isolation paths. The
team-runtime bridge now has a non-executing launch preflight and a local
worktree preparation receipt. The committed fixture directories are
docs/team-launch-preflight/ and
docs/team-worktree-prep/. These artifacts do not
launch agents or prove task completion; they bind the next local team-runtime
rung to machine JSON.
Depone claims no direct-agent superiority - it is a design + verification layer, not an agent runtime.
It does not claim upward performance. It is not a public benchmark graph.
public trend promotion requires real release history and measured improvements
over established baselines; it is blocked until release history supports it.
Trend promotion is blocked until release history supports the claim.
The skill is named depone.
python scripts/dwm.py doctor
python scripts/dwm.py commands --kind product
python scripts/check_readme_quality.py README.mdLegacy diagnostics: python scripts/dwm_demo.py run --out out/demo/quickstart, python scripts/dwm_demo.py inspect --demo out/demo/quickstart, python scripts/dwm.py status --run out/v9/v32-semantic-dogfood, python scripts/dwm.py next --run out/v9/v32-semantic-dogfood, python scripts/dwm.py commands --kind release.
Dogfood benchmark progression across attempts.
Live benchmark history - not a public benchmark graph. Benchmark visuals are source-bound.
Core CLI commands include built-in --self-test, including verify,
observe, evidence-substrate, evidence-ingest, run/evidence-run,
next/evidence-next, advance, and demo.
python scripts/install_smoke.py --json
python scripts/check_contract.py --tier changedDepone is not a prompt-only workflow router and not a clone of any one runtime. It is a design + verification layer above existing execution engines. DWM Core keeps agentic work inspectable, reproducible, resumable, and honest about what has actually been executed.
docs/agent-tool-contract.md: agent-facing CLI and evidence contract.docs/command-reference.md,docs/spec.md, anddocs/release-history.md: command, product, and release references.references/workflow-plan-schema.mdandSKILL.md: plan schema and installed Codex skill.
MIT. See LICENSE.