-
Notifications
You must be signed in to change notification settings - Fork 2
architecture ai agent pipeline
Note
👋 Hey there! Siyarix is a personal passion project built by a single developer that is growing and under active development. Some of the architectural components and features described on this page might currently be Planned, Work in Progress, or basic implementations. Stay tuned as it evolves! 🚀
Welcome to the heart of Siyarix! The AI agent pipeline is the central nervous system that takes user inputs and transforms them into intelligent, goal-driven actions.
Orchestrated by the AgentCore, this pipeline processes every request through a structured, highly secure lifecycle: Plan → Execute → Observe-Reason-Act. It supports four different operational modes and features an autonomous feedback loop, budget checking, and multi-wave execution to ensure your goals are met safely and efficiently.
Think of the lifecycle as a well-oiled factory assembly line. Each request goes through a series of checkpoints to ensure it is understood, planned, validated, and executed correctly.
flowchart TD
User([User Input]) --> Router[IntentRouter]
Router --> CM[Context Manager]
CM --> PR[Planner Router]
PR -->|Heuristic| RP[Registry Planner]
PR -->|Dynamic| AP[Autonomous Planner LLM]
RP --> Gate[PermissionGate + DLP Engine]
AP --> Gate
Gate -->|Allow/Review| Exec[ExecutionEngine]
Exec --> ORA[Observe-Reason-Act Loop]
ORA -->|Autonomous| ORA
Note
The diagram above simplifies the flow, but in reality, the PermissionGate and DLP Engine act as a unified security checkpoint, not sequential steps.
The very first step is understanding what the user wants. The IntentRouter classifies the input by looking for specific keywords to determine the operational mode, risk tier, and latency expectations.
| Keyword | Mode | Risk Tier | Latency |
|---|---|---|---|
scan, nmap, port scan
|
scan | MEDIUM | ~0ms |
recon, enumerate, discover
|
recon | LOW | ~0ms |
web, http, nikto, nuclei
|
web | MEDIUM | ~0ms |
brute, crack, password
|
brute | HIGH | ~0ms |
exploit, metasploit, attack
|
exploit | HIGH | ~0ms |
Once classified, the router produces an IntentRoute that specifies the mode, risk tier, and whether human confirmation is required before proceeding.
Before the AI can plan, it needs to understand the current situation. The Context Manager gathers all necessary background information to create the LLM's context window.
Here's what goes into the context:
- Conversation History: A rolling window of up to 300 recent messages.
- Knowledge Graph Summaries: Information about known entities (e.g., target IPs, domains).
- Current Phase: Where we are in the operation.
- Tool Availability: What tools can be used right now.
- Session Metadata: Information about the target, mode, and previous findings.
Tip
To keep things fast and within token limits, the CompactionEngine actively compresses and optimizes this context before it reaches the planner.
Once the context is set, the system needs a plan of action. The Planner Router decides which planning strategy to use based on the current mode.
Used in registry or offline modes.
- How it works: Maps intents directly to pre-defined plan templates using a keyword index.
- Why it's great: With over 500 multi-word intent patterns, it's fast, deterministic, and requires no AI. It acts as a bulletproof fallback in air-gapped or offline environments.
Used in autonomous mode.
- How it works: Feeds the intent, compressed context, and available tools to an AI model.
-
Why it's great: It returns a structured
ExecutionPlandetailing exactly which tools to run, in what order, and with what arguments. It even includes self-healing capabilities (ToolCallRepair) if the LLM makes a syntax mistake!
Security is our top priority. Before any plan is executed, every single step must pass through our unified security layer.
- Syntax Validation: Checks for dangerous patterns like shell injections, null bytes, or invalid target formats.
- Danger Analysis: Scans against 38+ signatures for destructive or high-risk behaviors.
- Data Leak Prevention (DLP): Inspects the plan using 24+ signatures to ensure sensitive data isn't accidentally leaked or transmitted improperly.
Possible Outcomes:
- 🟢 ALLOW: The action is safe and proceeds immediately.
- 🟡 REVIEW: The action is risky and requires manual user confirmation.
- 🔴 BLOCK: The action violates core safety rules and is permanently denied and logged.
Important
If you are running in strict safety mode, many actions will default to REVIEW or BLOCK to ensure maximum safety.
Now it's time to turn the plan into reality! The execution subsystem handles the heavy lifting:
-
Validate:
BaseExecutordouble-checks the plan structure and ensures you have enough budget left. -
Check Integrity: The
Validatorensures all tools are installed and arguments are correct. -
Dispatch: The
AsyncWorkerPoolruns the steps concurrently (but within safe limits). - Parse Output: Results are routed through tool-specific parsers.
- Extract Knowledge: Important findings are saved directly into the Knowledge Graph.
-
Handle Errors: If something breaks, the system can gracefully
RETRY,SKIP, or try anALTERNATIVE.
We use two main executors:
-
RegistryExecutor: For deterministic, template-driven execution. -
AutonomousExecutor: For full autonomy, capable of looping until the objective is met.
When running in AUTONOMOUS mode, the agent doesn't just run a script and stop. It thinks, adapts, and reacts using the Observe-Reason-Act loop.
Note
Unlike traditional architectures, reflection and learning are built natively into this loop rather than existing as a separate stage.
- 👁️ Observe: Collects environment state, tool outputs, scan results, and any errors.
- 🧠 Reason: Analyzes these findings, updates the Knowledge Graph, and uses the LLM to decide the absolute best next move.
- ⚡ Act: Executes the chosen commands, runs tools, or even delegates tasks to specialized sub-agents.
When does the loop end? The agent will keep working until:
- The objective is successfully achieved (verified by the LLM).
- It hits the maximum iteration limit (default is 10 loops).
- The session budget (tokens or cost) runs out.
- The user manually interrupts the process (e.g., hitting
Ctrl+C). - The Permission Gate blocks a critical action.
Some tasks require deep, progressive exploration. The AgentCore.execute_multi_wave() method handles this brilliantly.
Each "wave" executes the goal using the context and findings from the previous waves. It continuously feeds newly discovered intelligence back into the next wave, stopping only when no new findings are uncovered.
To prevent runaway costs or endless loops, the pipeline enforces strict session-level limits. Before any major action, _check_budget() ensures we are within safe operating bounds.
| Limit | Default | Environment Variable |
|---|---|---|
| Max tokens per session | 100,000 | SIYARIX_MAX_TOKENS |
| Max cost per session | $2.00 | SIYARIX_MAX_COST_USD |
Warning
If the limit is reached, the agent will throw a BudgetExceededError and immediately pause operations. You can adjust these limits via your environment variables.
As the pipeline runs, you're never left in the dark. All stages emit real-time events through the EventBus.
Some key events include:
-
AGENT_START: The agent has woken up. -
PLAN_CREATED: A plan of attack has been formulated. -
PLAN_STEP_START: A specific tool or command is starting. -
PLAN_STEP_FAILED: Something went wrong (the agent will try to recover!). -
AGENT_COMPLETE: The mission is over.
Once the pipeline finishes its work, it doesn't just dump raw text. It produces beautifully structured, highly useful artifacts:
| Output | Destination | Format |
|---|---|---|
| Findings | KnowledgeGraph | In-memory directed graph |
| Report | ReportEngine | Markdown, HTML, JSON (with CVSS scoring) |
| Audit Trail | AuditLogger | Tamper-evident SHA-256 chain |
| Session Log | ChatSession | JSONL tree format |
| Metrics | MetricsCollector | Execution metrics & statistics |
| Offline Backup | OfflineStore | SQLite WAL mode |
| Learned Skills | Continuous Learning | SQLite + anonymized patterns |
Note
👋 Welcome to Siyarix! This is a personal passion project built by a single developer. It's currently under active development and growing fast. Expect rough edges, but lots of love! ❤️
Welcome to the Siyarix Documentation Map! This page serves as your master compass for navigating the extensive documentation we have built for the platform.
Whether you are a brand new user, a seasoned security operator, or a developer looking to contribute to the core engine, you can find exactly what you need here.
Not sure where to start? Pick the path that best describes you:
Just getting started? We highly recommend following these guides in order:
- Installation Guide — Get Siyarix running on your machine.
- Onboarding Wizard — Let our interactive wizard help you set up your API keys and environment.
- Setup & Configuration — A deeper dive into customizing your setup.
- Your First Run — A gentle walkthrough of your very first Siyarix command.
Ready to put Siyarix to work? Dive into our operational guides:
- Interactive Chat (REPL) — Learn how to use the powerful interactive terminal.
- Security Workflows — Best practices for recon, vulnerability assessment, and incident response.
- Cloud & IaC Scanning — How to secure your cloud environments and infrastructure code.
- Compliance Frameworks — Map your scans to SOC 2, HIPAA, ISO 27001, and more.
Looking under the hood or wanting to write some code? Start here:
- Contribution Guide — Our workflow, standards, and how you can help!
- Codebase Overview — A comprehensive map of our 82+ source modules.
- Testing Standards — How we ensure reliability with pytest and CI/CD.
- Module Architecture — Component design and responsibilities.
If you prefer to browse the raw structure, here is a complete layout of the docs/ folder:
docs/
├── 🚀 getting-started/ # Installation, onboarding, and configuration
│ ├── installation.md # Multi-platform install (pip, brew, winget, docker)
│ ├── onboarding.md # The interactive 11-step setup wizard
│ ├── setup.md # Managing API keys, credentials, and settings
│ ├── first-run.md # A walkthrough of your first session
│ ├── configuration.md # A deep-dive into advanced settings
│ └── troubleshooting.md # Common issues and how to fix them instantly
│
├── 📖 user/ # Daily operations and workflows
│ ├── cli-commands.md # Reference for 50+ CLI commands across 12 groups
│ ├── interactive-chat.md # Mastering the AI REPL and 54+ slash commands
│ ├── security-workflows.md # Recon, vulnerability assessment, incident response
│ ├── cloud-scanning.md # Multi-cloud security scanning (under development)
│ ├── compliance.md # Framework mapping (SOC 2, NIST, GDPR, PCI-DSS)
│ ├── threat-intelligence.md# Integrations with OTX, NVD, and MITRE ATT&CK
│ ├── playbooks.md # Building automated YAML-based IR playbooks
│ ├── workflow-files.md # DAG workflow reference (programmatic API)
│ ├── reporting.md # Multi-format report generation
│ ├── offline-registry.md # Running without AI (Offline/Registry execution mode)
│ └── ai-workflows.md # Advanced AI-driven autonomous operations
│
├── 💻 developer/ # Building, testing, and extending Siyarix
│ ├── codebase-overview.md # Full module structure mapping
│ ├── contribution-guide.md # How to submit PRs and our coding standards
│ ├── module-architecture.md# Component design and responsibilities
│ ├── testing.md # Writing tests (pytest), coverage, and CI/CD
│ └── building.md # Packaging, distribution, and Docker builds
│
├── 🏗️ architecture/ # System design and core internals
│ ├── overview.md # High-level data flow and layered orchestration
│ ├── ai-agent-pipeline.md # The AgentCore reasoning and execution pipeline
│ ├── provider-abstraction.md# How we unify 26 different AI providers
│ ├── execution-engine.md # Plan-based step orchestration
│ ├── memory-and-state.md # Knowledge graph, session persistence, and learning
│ ├── security-model.md # The Permission Gate, DLP, audit logging, and OPSEC
│ └── intent-routing.md # Semantic intent classification and routing
│
├── 🧠 ai/ # Deep dive into the AI provider & agent systems
│ ├── routing.md # Managing 26 providers, failovers, and circuit breakers
│ ├── persona-system.md # Overview of our 10 security personas
│ ├── agent-reasoning.md # The Observe-Reason-Act loop and tool call repair
│ ├── tool-execution.md # The tool registry, capability graph, and parsers
│ ├── ensemble.md # Parallel LLM voting strategies
│ ├── multi-wave.md # Iterative goal execution with context carry-over
│ ├── prompt-architecture.md# System prompt design and management
│ └── safety.md # Our rigorous 8-layer hallucination mitigation system
│
├── 🛡️ security/ # Safety, ethics, and threat models
│ ├── reporting.md # How to safely report vulnerabilities to us
│ ├── threat-model.md # System threat model and our mitigations
│ ├── operational-security.md# TOR routing, stealth modes, and OPSEC controls
│ ├── ethical-policy.md # Mandatory rules of engagement for all users
│ └── abuse-prevention.md # How we prevent misuse of the AI engine
│
└── ⚖️ legal/ # Licensing and governance
├── agpl-guide.md # A plain-English overview of the AGPL-3.0-or-later license
├── why-agpl.md # The philosophy behind our license choice
├── trademark-policy.md # Branding and trademark guidelines
├── responsible-ai.md # Our framework for ethical AI usage
├── disclaimer.md # Important legal disclaimers
└── plugin-exception.md # The license exception for building custom plugins
As you read through the documentation, you might encounter some specific terms. Here is a quick cheat sheet:
| Term | What It Means |
|---|---|
| Provider | The backend AI engine powering Siyarix (e.g., OpenAI, Anthropic, Ollama). |
| Tool | A traditional security executable installed on your system (e.g., nmap, nuclei). |
| Plan | A step-by-step sequence of tool commands intelligently generated by the AI. |
| Workflow | A hardcoded, predefined execution path (usually defined in YAML/JSON) that doesn't require AI generation. |
| Persona | A specialized behavioral profile given to the AI (e.g., instructing it to act specifically as a "Network Recon Specialist"). |
| Knowledge Graph | Siyarix's internal memory where it stores findings (like IP addresses, open ports) to contextually inform future steps. |
Need help finding something specific? Feel free to use the search bar at the top of the documentation site, or open a discussion on our GitHub!