An operational decision intelligence system architected with deterministic agents, real-time health monitoring, and multi-domain alerting. Not a chatbot β a trusted multi-agent council that observes, analyzes, decides, and learns.
Each agent is a specialized decision-maker with bounded authority, durable memory, and explicit trust governance.
βββββββββββββββββββββββββββ
β FOUNDER (Feedback Loop) β
β Final authority for β
β irreversible decisions β
ββββββββ¬ββββββββββββββββββ
β
ββββββββββββββΌβββββββββββββ
β β β
ββββββββββΌβββ βββββββΌβββββββ ββββΌβββββββββββ
β ALERT GATEβ β COUNCIL β β CONFLICT β
β 7-stage β β AlertCouncilβ β RESOLVER β
β quality β β synthesis β β Agent β
β + businessβ β + priorityβ β Arbiter β
β guardrailsβ β + recommendβ β β
βββββββββββββ βββββββ¬βββββββ βββββββββββββββ
β
ββββββββββββββββββΌβββββββββββββββββ
β β β
ββββββββΌββββββ ββββββββΌβββββββ ββββββββΌβββββββ
β FINANCE β β BI ANALYSTβ β OPS WATCH β
β Guardian β β (leading β β (operationalβ
β + Finance β β indicators)β β heartbeat) β
β Rules Engineβ β β β β
ββββββββ¬ββββββ ββββββββ¬βββββββ ββββββββ¬βββββββ
β β β
ββββββββββββββββββΌβββββββββββββββββ
β
βββββββββββββΌββββββββββββ
β BUSINESS PIPELINE β
β Finance Rules β β
β Guardrails β HITL β β
β MissionState β Slack β
βββββββββββββ¬ββββββββββββ
β
βββββββββββββΌββββββββββββ
β PREDICTIVE GUARDIAN β
β Trend extrapolation β
β Runway projection β
β Churn acceleration β
β Threshold alerts β
βββββββββββββ¬ββββββββββββ
β
βββββββββββββΌββββββββββββ
β ANOMALY DETECTOR β
β Cross-domain anomaly β
β inconsistency check β
β β wandering scout β
ββββββββββββββββββββββββ
β
βββββββββββββΌββββββββββββ
β MISSION STATE + β
β ALERT DISPATCH β
β Treasury (Kosha) + β
β Enforcement (Danda) β
ββββββββββββββββββββββββ
β
βββββββββββββΌββββββββββββ
β KNOWLEDGE GRAPH β
β Graphiti temporal β
β institutional memory β
β β connection (Mitra) β
ββββββββββββββββββββββββ
New in V4: MBA Integration Layer. Three new deterministic layers sit between the guardians and the founder:
- Finance Rules β 17 detection functions + 7 MBA primitives (WACC, NPV, IRR, burn multiple, etc.)
- Guardrails Engine β 7-stage policy evaluation (investor-facing, authority, reversibility, risk, privacy, approval tier, blocking)
- Predictive Guardian β trend forecasting, runway depletion projection, churn acceleration detection
17 detection functions extracted from guardian watchlist lambdas + 7 MBA finance primitives. Pure Python, zero LLM calls.
Detections: silent churn death, burn multiple creep, customer concentration risk, runway compression, failed payment clusters, payroll/revenue breach, leaky bucket activation, power user MRR masking, feature adoption drop, cohort retention degradation, NRR < 100%, trial activation wall, error segment correlation, support outpacing growth, cross-channel bug convergence, deploy frequency collapse, infra unit economics divergence.
MBA Primitives: compute_burn_multiple, compute_runway_days, compute_effective_runway_days, compute_npv, compute_irr, compute_wacc, compute_working_capital_pressure.
Canonical typed contract composing 5 existing schemas (EventEnvelope, AlertDecision, GuardianMessage, DecisionResult, AlertEvidenceChain) with FinancialSnapshot + GuardrailResult. Composition, not inheritance β zero source file modifications.
7-stage deterministic policy evaluation β no LLM calls:
- Investor-facing β flag decisions visible to investors
- Authority β map severity to approval tier (auto/review/blocking)
- Reversibility β detect irreversible decisions (payouts, contracts, public comms)
- Risk classification β financial / legal / reputational / operational
- Privacy β PII detection via regex
- Approval tier final β deterministic tier assignment
- Blocking override β block when multiple critical conditions met
Expanded from 4 to 7 stages: schema β trust β dedup β tone β authority β risk β privacy.
4 new guardrail fields added to AgentTrustProfile: authority_limit, max_auto_approve_severity, investor_update_requires_approval, irreversible_decision_threshold.
Chains 7 stages: finance rules β envelope β guardrails β HITL routing β MissionState update β events β Slack alert. Wrapped as Temporal activities.
10 pure forecasting functions using standard library only (math, statistics):
- Linear trend β OLS regression for any metric
- Predict next β single/multi-step forecast via trend extrapolation
- Days to threshold β when will a metric breach a critical value
- Moving average β sliding window smoother
- Confidence intervals β normal approximation bounds
- Volatility β coefficient of variation
- Runway depletion β trend-adjusted cash runway projection
- Churn acceleration β detects if churn rate is accelerating
- Forecast summary β complete metric forecast with trend, CI, volatility
Synchronous snapshot engine that queries ERPNext, HubSpot, and QuickBooks β assembles MissionStateV2 (Support, Execution, Team, Finance, Revenue) β runs 8 watchlists + 5 cross-domain correlations β computes overall health.
Connectors:
- ERPNext β
src/integrations/erpnext_client.py(pure-stdlib Frappe REST client) +erpnext.py(mock/real mode, 4 snapshot sections) - HubSpot β
src/integrations/hubspot.py(mock mode + SDK fallback) - QuickBooks β
src/integrations/quickbooks.py(mock mode + httpx real, float-to-cents, DSO calculation)
Assembly: 5 domain assemblers in src/guardian/assemblers/ transform flat snapshot dicts β Pydantic domain states + computed health enums.
Detection: 8 watchlist rules + 5 cross-domain correlations β run_startup_detector(). All deterministic, zero LLM calls.
Orchestration: src/orchestration/run_startup_guardian.py runs 3 connectors via asyncio.to_thread, assembles 5 domain states, computes overall_health = worst(health).
Testing: 54 unit tests + 2 E2E tests against Mockoon containers (docker-compose.startup-guardian.yml). Mockoon fixtures with query-param routing for ERPNext doctypes. All monetary values in integer cents.
287+ deterministic tests that verify agent behavior without LLM calls:
- Trajectory Tests (87) β exact tool call order verification against 15 golden scenarios
- State Machine Tests (17) β orchestrator transitions, health computation, connector failures
- Edge Case Tests (47) β empty DB, boundary conditions, special characters, concurrent execution
- Behavioral Contracts (68) β MUST ALWAYS/NEVER invariants (MissionStateV2 validity, no LLM in connectors, no secrets in logs)
- Mockoon Integration (17) β real HTTP to Mockoon containers (ERPNext + QuickBooks), HubSpot SDK mocked
All tests use unittest.mock.patch for LLM and external APIs. Mockoon containers provide deterministic fixture data. Zero real API calls.
3 new admin panels in apps/core/internal/web/:
- Decision Queue β pending business decisions with approve/reject buttons (auto-refresh 10s)
- Guardrail Status β 2x2 grid of current guardrail states (auto-refresh 15s)
- Finance Risk β burn multiple, runway, working capital, WACC with color-coded risk (auto-refresh 15s)
Every agent has a dynamic trust profile with score (0.0β1.0), route priority, degraded mode, and full event audit history. Degraded agents (trust < 0.4) are hard-blocked at the relevance gate. Extended in V4 with guardrail authority limits and auto-approve thresholds.
The MissionState is the single source of ground truth β shared context that every guardian reads and writes. Extended with 12 finance + guardrail fields in V4.
When 2+ guardians fire in the same session, the council synthesizes them into one alert with unified root cause, cross-domain severity, and a single recommended action. Prevents alert fatigue.
Every alert passes through 7 stages before reaching the founder:
- Schema validation β required fields, valid types
- Trust check β agent not degraded
- Dedup check β same alert not sent in last 60 minutes
- Tone filter β basic text quality
- Authority check β agent authorized for this severity level
- Risk assessment β financial risk classification
- Privacy check β PII detection
Roams across all MissionState fields looking for inconsistencies: burn alerts without operational symptoms, revenue growth with cash burn, short runways with misplaced founder focus.
Resolves contradictions between guardians β severity mismatches (critical vs. info) and signal contradictions. Highest severity wins; majority override available.
Every alert or recommendation answers four questions:
| Question | How |
|---|---|
| What happened? | Guardian detects metric deviation |
| Why did it happen? | Narrative layer explains root cause |
| What if nothing changes? | Predictive Guardian β runway projection, churn probability, threshold crossing |
| What should be done? | Concrete recommended action with deadline |
T+0 β Raw data arrives (webhook / sync)
T+3m β Guardian cycle fires (detect β reason β decide)
T+5m β Finance Rules compute 17 detections + 7 MBA primitives
T+6m β Guardrails Engine evaluates 7-stage policy
T+7m β Predictive Guardian forecasts trend, runway, churn
T+8m β BusinessDecisionEnvelope assembled
T+9m β HITL routes (auto / review / approve / blocked)
T+10m β MissionState updated with finance + guardrail fields
T+11m β HTMX dashboard refreshes (Decision Queue, Guardrail Status, Finance Risk)
T+12m β Founder receives alert on Slack with recommendation
T+15m β Founder acknowledges / disputes via Slack button
T+20m β Trust score updated, event logged to Graphiti
T+48h β Follow-up check: was action taken? Outcome measured?
| Layer | Technology |
|---|---|
| LLM | OpenRouter (nemotron-3-super-120b via API), Gemini fallback |
| Embeddings | OpenRouter (llama-nemotron-embed-vl-1b, 2048-dim) |
| Semantic Memory | Graphiti + Neo4j 5.26 |
| Vector Store | Qdrant (episodic + compressed) |
| Relational DB | PostgreSQL (MissionState, trust events, sessions) |
| Cache | Redis (working memory, session TTL) |
| Tracing | Langfuse v4 (@observe) |
| Workflow | Temporal (activity orchestration) |
| Business Logic | Pure Python β standard library only (no numpy, no LLM) |
| Dashboard | Go 1.24 + Fiber + HTMX |
| Language | Python 3.13, Go 1.24 |
| Config | Env-only via pydantic-settings β zero hardcoded secrets |
| Suite | Tests | Status |
|---|---|---|
| Trust Battery | 28 | β |
| Session Layer | 35 | β |
| Co-founder Agent | 20 | β |
| Correlation + Avoidance | 14 | β |
| Guardian Watchlist | 69 | β |
| Finance Guardian | 25 | β |
| Memory Spine (Graphiti) | 26 | β |
| HITL | 11 | β |
| Finance Rules | 10 | β |
| Guardrails Engine | 22 | β |
| Business Pipeline | 14 | β |
| Predictive Guardian (engine) | 33 | β |
| Predictive Guardian (activity) | 10 | β |
| Go HTMX Handlers | 13 | β |
| Startup Guardian Connectors | 22 | β |
| Startup Guardian Assemblers | 13 | β |
| Startup Guardian Watchlists | 4 | β |
| Startup Guardian Correlations | 6 | β |
| Startup Guardian Detector | 3 | β |
| Startup Guardian Orchestrator | 5 | β |
| Startup Guardian E2E | 2 | β |
| Deterministic Trajectory | 87 | β |
| Deterministic State Machine | 17 | β |
| Deterministic Edge Cases | 47 | β |
| Deterministic Contracts | 68 | β |
| Mockoon Integration | 17 | β |
| All Others | 100+ | β |
apps/
core/ # Go Modular Monolith
cmd/ # Entrypoints (server, worker, consumer)
internal/
web/ # HTTP handlers + HTMX templates
templates/ # 14 HTML templates (dashboard, panels)
business_handler.go # Decision Queue, Guardrail Status, Finance Risk
agents/ # Go agent definitions
workflow/ # Temporal workflows & activities
api/ # Auth, webhook handlers
migrations/ # SQL migrations
ai/ # Python AI Worker
src/
agents/ # Guardian agents (finance, bi, ops, qa, investor)
business/ # MBA integration (NEW V4)
finance_rules.py # 17 detections + 7 MBA primitives
guardrails.py # 7-stage policy engine
envelope.py # BusinessDecisionEnvelope
predictive/ # Forecasting engine (NEW V4)
engine.py # 10 pure forecasting functions
schemas.py # 6 Pydantic models
activities/ # Temporal activities
run_finance_rules.py
run_guardrails.py
run_predictive_guardian.py
orchestration/ # Pipeline orchestrators
run_business_pipeline.py
run_startup_guardian.py # Startup Guardian orchestrator
run_startup_guardian_cli.py # CLI entrypoint
services/ # Trust battery, alert gate, decision engine
session/ # MissionState, relevance gate
guardian/ # Watchlist, detector
assemblers/ # Startup Guardian domain state assemblers
startup_watchlists.py
startup_correlations.py
startup_detector.py
integrations/ # Stripe, Plaid, Slack, ERPNext, HubSpot, QuickBooks
states/ # MissionStateV2 domain state schemas
schemas/ # Pydantic models
memory/ # Graphiti, Qdrant, spine
events/ # Redis Streams event bus
tests/unit/ # 319+ tests
infrastructure/ # SQL migrations
# Start infrastructure
docker start trackguard-postgres trackguard-neo4j trackguard-qdrant trackguard-redis
# Run Python tests
cd apps/ai && uv run pytest tests/unit/ -q
# Run deterministic tests (no Docker, no LLM)
cd apps/ai && uv run pytest tests/deterministic/ -v
# Run Mockoon integration tests (real Docker, no LLM)
docker run -d --name sg-mock-erpnext -p 8099:8080 \
-v $(pwd)/apps/ai/tests/mockoon/erpnext.json:/data:ro mockoon/cli:latest -d /data -p 8080
docker run -d --name sg-mock-hubspot -p 8098:8080 \
-v $(pwd)/apps/ai/tests/mockoon/hubspot.json:/data:ro mockoon/cli:latest -d /data -p 8080
docker run -d --name sg-mock-quickbooks -p 8097:8080 \
-v $(pwd)/apps/ai/tests/mockoon/quickbooks.json:/data:ro mockoon/cli:latest -d /data -p 8080
ERPNEXT_URL=http://localhost:8099 ERPNEXT_USER=test ERPNEXT_PASSWORD=test \
QUICKBOOKS_CLIENT_ID=test QUICKBOOKS_ACCESS_TOKEN=test \
QUICKBOOKS_COMPANY_ID=123146573628384 QUICKBOOKS_API_URL=http://localhost:8097 \
HUBSPOT_ACCESS_TOKEN=test-token \
uv run pytest tests/integration/test_mockoon_pipeline.py -v
# Run Go tests
cd apps/core && go test ./internal/web/... -v
# Run worker
cd apps/ai && uv run python -m src.worker
# Run Startup Guardian CLI (mock mode, no containers needed)
cd apps/ai && uv run python -m src.orchestration.run_startup_guardian_cli my-tenant
# Run server
cd apps/core && go run cmd/server/main.go- Decision latency β every feature must shorten the time between signal and action
- Exception quality β high trust beats high volume; reduce false positives
- Founder cognition β fewer, sharper, more actionable messages
- Trust gradually β copilot β workflow assistant β semi-autonomous β autonomous
- No hardcoded secrets β env-only configuration, centralized in
config/database.py - Composition over inheritance β new packages import and nest existing schemas, never modify them
- Deterministic core β finance, guardrails, and forecasting are pure Python with zero LLM calls