WELES ENTERPRISE BRIEFING →
Open-source agent control plane PRIVATE SYSTEMS · POLICY FIRST

Run open-source agents.
Keep corporate control.

Weles Enterprise is the governed execution layer for companies that want open-source agents inside real systems: identity, permissions, tool brokering, sandboxing, approvals, and replayable audit.

OPEN CONTROL PLANE → READ PROTOCOL
[ local agents ] [ brokered tools ] [ full audit ]
Weles Enterprise command center
REC
WLS-ENT-0001 / AGENT GOVERNANCE FEED
[ 01 ] Protocol

The agent is not the security boundary.

The model may plan, reason, and request action. It never decides what it is allowed to do. Authority lives in Weles: policy, scoped secrets, tool execution, approvals, and audit.

01 // IDENTITY

Real actors

User, agent, tenant, project, environment, task, approval chain. No anonymous automation.

02 // POLICY

External authority

Permissions are evaluated outside the model by role, data class, tool risk, and resource.

03 // BROKER

Mediated tools

Agents see a reduced tool surface. Every call is checked, scoped, logged, and returned as evidence.

04 // AUDIT

Replayable work

Prompts, retrieved docs, denied calls, approvals, tool I/O, artifacts, cost, and errors are reconstructable.

[ 02 ] Why

Open-source agents are inevitable. Ungoverned agents are not.

// companies want local control // teams want open tools // security wants hard boundaries

Enterprises will not standardize on one hosted black-box agent. Teams will bring their own open-source agents, frameworks, models, and tools. Weles gives those agents a controlled operating layer before they touch company systems.

This is not a chatbot with SSO. It is infrastructure for autonomous work: a tool firewall, a policy engine, an approval system, a sandbox broker, and an audit trail built for internal systems.

Use the agent you trust. Run it where your data is allowed to live. Let Weles decide what it may see and do.

[ 03 ] Runtime

Every task runs like a controlled operation.

One task. One scoped runtime. One explicit policy envelope. Credentials are temporary, network access is bounded, and the final artifact has a trail.

weles@control — protocol
$ weles run agent://sre --project payments-api
> LOAD IDENTITY: kacper / sre-oncall
> FILTER TOOLS: metrics.read, logs.read, k8s.staging.exec
> BLOCK: k8s.production.mutate
> REQUEST APPROVAL: production diagnostic command
> STORE TRACE: WLS-AUDIT-8F31
STATUS: CONTAINED ✓
[ 04 ] Control Plane

Admin UX for agent permissions, not chatbot settings.

Security and platform teams need a matrix: who can run which agent, what it can read, what tools it can call, which actions need approval, and what model boundary applies.

Tool Permissions Matrix

Configure each open-source agent by role, project, environment, risk class, and resource.

Tool
Eng
SRE
Sec
Ops
GitHub: open pull request
ALLOW
ALLOW
ALLOW
DENY
Kubernetes: production mutate
DENY
APPROVE
APPROVE
DENY
CRM: update account notes
DENY
DENY
DENY
ALLOW
Restricted data export
DENY
DENY
APPROVE
DENY
Prompt User delegates incident triage for payments-api.
Retrieval Runbooks filtered before model context.
Tool Call Metrics allowed; production command escalated.
Artifact Diagnosis and approval trail stored for replay.
[ 05 ] Agent Profiles

Bring the agents. Weles supplies the operating discipline.

Engineering, SRE, security, data, and operations teams can run different open-source agents under the same enterprise control plane.

Engineering

Code Agent

Reads repos, explains code, creates patches, opens PRs, and observes CI without production authority.

Reliability

SRE Agent

Reads logs, metrics, and runbooks, then proposes remediation behind approval gates.

Security

Security Agent

Enriches alerts, triages vulnerabilities, creates tickets, and preserves suppression controls.

Analytics

Data Agent

Queries approved datasets, respects row-level security, and blocks restricted exports by default.

Operations

Ops Agent

Reads CRM context, drafts external communication, updates notes, and requires confirmation to send.

[ 06 ] Deployment

Packaged for teams that cannot leak the boundary.

Weles is strongest where agent work meets regulated data, internal systems, private infrastructure, and audit obligations.

// 01

Team Server

Shared gateway, SSO, basic policy, central logs, and brokered connectors.

// 02

Self-Hosted

Kubernetes, customer VPC, customer database, customer secrets manager.

// 03

Private Models

Azure OpenAI, Bedrock, local Qwen/Llama, or classification-based routing.

// 04

Regulated Mode

CMK, private endpoints, strict retention, SIEM export, and replay reports.

// 05

Air-Gapped

No external telemetry, explicit model boundary, egress control, offline operation.

Open-source agent power. Enterprise containment.

Weles gives companies a hard operating layer between agent autonomy and internal systems: policy, brokered tools, scoped credentials, approvals, isolation, and audit.

START BRIEFING →