When one person solves a problem, everyone benefits. Multi-tenant. Three-tier memory. Enterprise-ready. Built in Go.
Astonish is a multi-tenant AI agent platform for teams and organizations. It solves problems dynamically using LLM-driven tool-use loops, distills successful interactions into reusable flows, and builds live interactive apps from plain English descriptions. Knowledge compounds across every conversation, every team member, every day — when someone solves a tricky problem, the solution flows into team memory and everyone benefits.
Run it as a shared platform backed by PostgreSQL for your organization, or standalone with SQLite for personal use. Same binary, same features, your choice.
Personal mode — zero config, single user, SQLite:
brew install schardosin/astonish/astonish # or: curl -fsSL https://raw.githubusercontent.com/schardosin/astonish/refs/heads/main/install.sh | sh
astonish setup # Configure your AI provider
astonish chat # Start chattingPlatform mode — multi-tenant, PostgreSQL, teams:
export ASTONISH_PLATFORM_DSN="postgres://user:pass@host:5432/astonish"
astonish platform init # Initialize database, create first org
astonish platform org invite admin@co.com # Invite team members
# Team members connect remotely:
astonish login https://your-astonish-server.com
astonish chatAstonish turns from a personal AI assistant into your team's collective intelligence. Everyone keeps their private workspace, but hard-won knowledge flows to everyone who needs it.
Imagine someone on your team spends an hour debugging a tricky Kubernetes networking issue. The solution goes into team memory. Next week, when another teammate hits the same problem, Astonish already knows the answer — no wasted time, no repeated work. Knowledge compounds across every conversation, every team member, every day.
Teams & Organizations. Create orgs, invite members, assign roles (owner, admin, member). Each person gets a private workspace while sharing team-level resources. Multiple teams within one organization, each with their own scope and configuration.
astonish platform org create engineering
astonish platform org invite --role admin alice@company.com
astonish platform org invite --team backend bob@company.comPrivate-First Data Ownership. Sessions, flows, apps, and credentials are personal by default. Share to the team with one-click Publish. Fork team resources into your personal space to customize. You control what's shared and what stays private.
Three-Tier Memory. Personal, team, and org-level knowledge searched together with intelligent weighting. Hybrid search powered by pgvector + keyword matching. When someone on your team documents a solution, it surfaces automatically for anyone who hits the same problem — no manual knowledge-base maintenance needed.
| Tier | Scope | Weight | Examples |
|---|---|---|---|
| Personal | Your sessions only | 1.2x | Your debugging notes, personal preferences |
| Team | Shared within team | 1.0x | Team runbooks, shared solutions, conventions |
| Organization | All teams in org | 0.8x | Company-wide policies, architecture decisions |
Cascading Defaults. AI providers, MCP server configurations, skills, and sandbox templates cascade from platform to org to team to personal. Teams get sensible defaults from day one while individuals can override anything. Admins set guardrails without limiting flexibility.
Team-Scoped MCP Servers & Skills. Admins configure integrations at the org or team level. Six enforcement points guarantee full tenant isolation — no data leaks between teams. New team members get instant access to the tools they need.
Built for organizations that take security seriously. Every layer is designed for multi-tenant isolation.
Authentication. JWT-based auth with secure HTTP-only cookies, bcrypt passwords, OIDC/SSO federation (any OpenID Connect provider), refresh token revocation, and CSRF protection. OIDC group claims auto-map to Astonish team memberships — connect your identity provider and team structure syncs automatically.
Envelope Encryption. A master KEK protects per-organization data encryption keys (DEKs). Credentials are encrypted with AES-256-GCM using the org's DEK. Secrets resolve personal-first with team fallback — isolation is structural, not just policy.
Master Key (KEK) → Per-Org DEK → Credential Data (AES-256-GCM)
(stored encrypted)
Per-Team Sandboxes. Each organization gets network-isolated execution environments. Two backends supported:
| Backend | Isolation | Use Case |
|---|---|---|
| Incus | Per-org bridge networks, LXC containers | Self-hosted, bare metal |
| Kubernetes | NetworkPolicies, org/team pod labels | Cloud-native, scalable |
Team admins customize container templates and get terminal access for configuration. Sandbox templates cascade: personal > team > org > global.
Audit Logging. Append-only, team-scoped audit trail. UPDATE and DELETE are revoked at the database level on audit tables — immutable by design. Admins see what's happening across their workspace with filtering by action, resource, and time range.
PostgreSQL Backend. Full database backbone with org-level databases and team schemas. Database-per-org isolation ensures one organization can never access another's data, even at the SQL level. Also runs on SQLite for development and personal use with the same multi-tenant semantics.
The core of Astonish is a dynamic agent that uses LLM-driven tool-use loops to solve problems. It decides which tools to call, chains them together, and works through multi-step tasks autonomously.
58+ built-in tools — shell execution (PTY-backed), file operations, web fetching, PDF reading, semantic memory, browser automation, email, credential management, sub-agent delegation, and skill lookup.
MCP native. Any MCP server works out of the box — GitHub, Slack, databases, or any other MCP-compatible tool. In platform mode, admins configure MCP servers at the team level and everyone gets access automatically.
15+ AI providers. OpenAI, Anthropic, Google Gemini, Groq, OpenRouter, xAI, Ollama, LM Studio, SAP AI Core, LiteLLM, and more. Cascading provider defaults mean teams get the right model without individual configuration.
Sub-agent delegation. For complex tasks, the agent delegates work to up to 10 parallel sub-agents with isolated sessions and filtered tool access.
astonish chat # New session
astonish chat -p anthropic -m claude-4 # Specific provider/model
astonish chat --resume # Resume last sessionDescribe any dashboard, tool, or interactive app in plain English and Astonish builds it live in the chat. Powered by React 19 and Tailwind CSS v4.
You: "Build me a project tracker with task priorities and due dates"
Agent: [Live interactive app appears in chat]
You: "Add a chart showing tasks completed per week"
Agent: [App updates with a Recharts bar chart]
You: "Save it"
Agent: Saved as "project_tracker" — open anytime from the Apps tab.
useAppData— connect to MCP tools, REST APIs (with OAuth credentials), or static configuseAppAI— embed one-shot LLM calls for summarization, classification, or analysisuseAppState— persistent database per app that survives page reloads; build CRUD apps, not just dashboards- Iterative refinement — ask for changes and the app updates in place
- Security sandboxed — isolated iframe, opaque origin, SSRF-protected server-side proxy
Save once, share with your team. No coding required, no infrastructure to manage.
The agent doesn't just solve problems — it learns from how it solved them, and the team benefits.
Solve freely. The agent works through your request dynamically, calling whatever tools it needs. The entire execution is traced.
Distill. After a successful multi-step task, run /distill. The agent analyzes its execution trace and generates a reusable YAML flow — parameterized, validated, ready to share.
Share & Reuse. Distilled flows become team knowledge. Version control them, review in PRs, schedule as recurring jobs, or edit visually in Studio. Next time anyone on the team hits a similar problem, the agent uses the saved flow as context.
You: "Check how much memory my proxmox server has"
Agent: [shell_command] ssh root@192.168.1.100 free -h
Your server has 64GB total, 42GB used, 22GB free.
You: /distill
Agent: Saved: check_server_health.yaml
Run again: astonish flows run check_server_health -p host="192.168.1.100"
# Schedule it, share it, reuse it
astonish flows run check_server_health -p host="192.168.1.100"
astonish scheduler add --cron "0 9 * * *" --flow check_server_health
astonish tap add yourteam/shared-flows # Community flow storeChannels. Telegram, Email, and Slack adapters work in platform mode with database-backed allowlists and dynamic per-message routing. Email supports plus-addressing for per-org routing (bot+orgname@domain.com). In-channel /org and /team commands switch context on the fly.
Remote CLI. A rich terminal client to interact with your platform remotely. Login with password or SSO, select your org and team, then use all Astonish commands as if local — list sessions, run flows, browse traces, chat with full lipgloss styling.
astonish login https://platform.yourcompany.com # SSO or password
astonish status # Show connection info
astonish chat # Chat through the platform
astonish flows list # Browse team flowsAlways-On Daemon. Run as a system service (launchd/systemd) with a cron scheduler. Two execution modes: routine (headless flow replay) and adaptive (natural language instruction interpreted each run). Results broadcast to connected channels.
Skills System. Markdown files that teach the agent CLI tools, APIs, and workflows. 9 bundled skills, community skills via ClawHub, and in platform mode skills are scoped to teams with live-reload. Drop a SKILL.md and the agent knows how to use it.
Browser Automation. 32 browser tools in pure Go via Chrome DevTools Protocol. Navigation, interaction, screenshots, device emulation, stealth mode. No Node.js, no Playwright, zero external dependencies.
Astonish Studio. Visual flow designer with AI assistant, drag-and-drop editing, real-time execution, and the Apps tab for managing generative UI creations. Plan auto-progression shows agent execution in real-time. Token usage tracking with per-call visibility.
astonish studio # Opens at http://localhost:9393| Provider | Type | Notes |
|---|---|---|
| OpenRouter | Cloud | 100+ models with one API key |
| OpenAI | Cloud | GPT-4o, o1, o3 |
| Anthropic | Cloud | Claude Opus, Sonnet, Haiku |
| Google Gemini | Cloud | Gemini Pro, Flash |
| Groq | Cloud | Ultra-fast inference |
| xAI | Cloud | Grok models |
| LiteLLM | Cloud/Local | Unified interface for 100+ providers |
| Ollama | Local | Self-hosted open models |
| LM Studio | Local | Self-hosted with GUI |
| SAP AI Core | Cloud | SAP enterprise AI |
Configure via astonish setup or Studio Settings. In platform mode, provider defaults cascade from org to team to individual.
flowchart TB
subgraph Platform["Platform Layer"]
direction TB
P1["PostgreSQL (prod) / SQLite (dev)"]
P2["JWT + OIDC Authentication"]
P3["Envelope Encryption"]
P4["Audit Logging"]
end
subgraph Org["Organization"]
direction TB
O1["Org-level memory & settings"]
O2["Org encryption keys (DEKs)"]
O3["Network-isolated sandboxes"]
end
subgraph Team["Team"]
direction TB
T1["Team memory & flows"]
T2["Scoped MCP servers & skills"]
T3["Cascading provider defaults"]
T4["Channels & routing"]
end
subgraph Personal["Personal Workspace"]
direction TB
U1["Private sessions & credentials"]
U2["Personal memory & apps"]
U3["Publish / Fork"]
end
subgraph Agent["Agent Engine"]
direction TB
A1["LLM tool-use loops (58+ tools)"]
A2["Sub-agent delegation"]
A3["Flow distillation"]
A4["Generative UI (React apps)"]
end
Platform --> Org
Org --> Team
Team --> Personal
Personal --> Agent
Team --> Agent
Org --> Agent
Built on Google's Agent Development Kit (ADK). The platform supports database-per-org isolation with schema-per-team. Resources cascade downward; data ownership flows upward only when explicitly published.
- Team Runbooks & SOPs. One engineer solves a complex deployment issue; the distilled flow becomes a team resource anyone can run or reference.
- Onboarding Acceleration. New hires inherit months of team memory on day one. The agent already knows your infrastructure, conventions, and past solutions.
- Internal Tools & Dashboards. Describe what you need, get a live React app with charts and data connections. Share with the team — no frontend setup required.
- Enterprise DevOps. Shared knowledge across Kubernetes clusters, CI/CD pipelines, and infrastructure. Team-scoped credentials and sandboxes keep access controlled.
- Scheduled Automation. Cron jobs through conversation, results delivered to Telegram, Email, or Slack. Team-wide visibility into what's running.
- Multi-Channel Support. Interact from terminal, Studio, Telegram, Email, or Slack — all connected to the same platform with consistent context.
- Full Documentation
- Testing Guide — 1,650+ tests across 4 layers
- Submit a Pull Request
- License: Apache-2.0