Self-hosted control plane for AI agents. Definitions live in Git, every change is a commit (PR by default, or direct commit in YOLO mode), and runs, audit logs, and identity stay in your environment.
Tembo Agent Studio (TAS) treats agents like production software, not editable prompts in a vendor console. Agents are spec files in a GitHub repository you own. New agents, edits, and run feedback produce reviewable Git diffs. Runs, identity, audit history, secrets, and approvals stay in your deployment.
| Area | What TAS provides |
|---|---|
| Source of truth | Agent definitions in your GitHub repository |
| Authoring | Pull requests by default, direct commits in YOLO mode |
| Runtime | Self-hosted web app, Rust API, and Postgres |
| Agent frameworks | Pydantic AgentSpec and Cargo AI |
| Triggers | Manual runs, schedules, external events, webhooks, and Slack apps |
| Tools | Composio integrations, native MCP servers, and reusable Skills |
| Governance | Tasks Inbox, roles, audit log, draft/stable versions, agent locks |
Tembo's hosted Coding Agent Platform is optional. TAS can run hand-authored agent specs without it. Add a Tembo API key when you want natural-language authoring, chat-to-edit, and "Improve" flows that open PRs for review.
Fastest path on any Docker host:
./scripts/dev-up.shThe script is safe to rerun. On first run it:
- writes
.envwith random development secrets, - enables email/password sign-in by leaving OAuth unset,
- boots Postgres, the API, and the web app with Docker Compose,
- waits for the web app,
- seeds an admin account and prints the login details.
When it finishes, open http://localhost:3000, sign in, and create a workspace.
The bundled sample agents under agents/ appear automatically until
you connect your own GitHub repository.
cp .env.example .envAt minimum, set these required secrets:
BETTER_AUTH_SECRETTAS_ENCRYPTION_KEYINTERNAL_API_TOKEN
Generate each with:
openssl rand -base64 32Set INSTANCE_ADMIN_EMAILS to one or more comma-separated emails. These users
can create the first workspace and reach instance-level settings. Without this
value, the instance is invite-only and nobody can bootstrap administration.
By default, when no OAuth provider is configured, the login screen offers email/password sign-in. This is useful for local development and sandbox evaluation.
For production or multi-user deployments, configure one OAuth provider instead. Email/password turns off automatically when any provider is set:
GOOGLE_CLIENT_IDandGOOGLE_CLIENT_SECRET, orMICROSOFT_CLIENT_ID,MICROSOFT_CLIENT_SECRET, andMICROSOFT_TENANT_ID, orOIDC_DISCOVERY_URL,OIDC_CLIENT_ID, andOIDC_CLIENT_SECRET
Build from source with the default compose file:
docker compose up --buildOr run published GHCR images:
docker compose -f compose.release.yaml pull
docker compose -f compose.release.yaml up -dOnce healthy:
- Web:
http://localhost:3000 - API health:
http://localhost:8080/health - Postgres:
localhost:5432
The API applies database migrations automatically on boot via sqlx::migrate!().
After the first admin signs in:
- Create a workspace.
- Connect the GitHub repository that stores agent definitions.
- Add an Anthropic and/or OpenAI API key so agents can run.
- Add a Composio key if agents need external app connections.
- Optionally add a Tembo API key to enable chat-to-PR authoring and run improvement requests.
The full zero-to-running checklist lives in Customer setup.
- Workspaces group agents, runs, members, secrets, connections, and audit history.
- Agents are versioned files in Git. TAS tracks draft and stable versions, the backing commit, and the run history for each agent.
- Runs execute an agent once and record model output, tool use, cost, and operational status.
- Connections let agents act through user-authorized external systems such as Slack, Gmail, Sheets, Attio, Linear, HubSpot, and native MCP providers.
- Tasks Inbox is the human-review surface for agent output that needs a decision before acting in the source system.
- Automations and webhooks run agents on schedules, external events, or signed inbound requests.
- Local or self-managed host:
docker-compose.ymlbuilds from source. - Prebuilt images from GHCR:
compose.release.yamlpullsghcr.io/tembo/tas-apiandghcr.io/tembo/tas-web. - Managed platforms: see the deployment guides for Railway, AWS, and Vercel.
Pin TAS_VERSION in .env when using compose.release.yaml so upgrades are
intentional and reproducible.
Prerequisites:
- Docker or OrbStack
- Node
22+ pnpm10.24+- Rust
1.93+
Run everything with Docker:
docker compose up --buildOr run only Postgres in Docker and develop services on the host:
docker compose up -d postgresAPI:
cd api
cargo runWeb:
cd web
pnpm install
pnpm devUseful verification commands:
# web
cd web
pnpm lint
pnpm test
# api
cd api
cargo testWhen you change product behavior, update the user manual under docs/
in the same change. If you edit markdown under docs/src/content/docs/, run
cd web && pnpm gen:docs so the in-app docs bundle stays in sync.
agent-studio/
|-- web/ Next.js control plane UI
|-- api/ Rust API, runner orchestration, migrations
|-- docs/ Astro Starlight user manual
|-- agents/ Bundled sample agent specs
|-- context/ Planning, phase notes, demos, user stories
|-- scripts/dev-up.sh One-command local/sandbox bootstrap
|-- docker-compose.yml Source-build compose stack
`-- compose.release.yaml Published-image compose stack
Repo-specific contributor guidance lives in AGENTS.md. If you
change product behavior, update the user docs under docs/ in the
same change.
The product manual is published at
tembo.github.io/agent-studio. Source
files live under docs/.
Recommended entry points:
- Introduction
- Getting started
- Customer setup
- Authoring agents
- Running agents
- Connections
- Model Context Protocol (MCP)
- Slack Apps
- Skills
- Tasks Inbox
- Automations & triggers
- Example Agents
- API Reference
See CHANGELOG.md for shipped work and
ROADMAP.md for what is next.