I am Luke, an open source developer. I originally worked a lot in security (I created a software supply chain project called sigstore). Over the past couple of months, I spent some time building AI agents alongside chatting with other developers attempting the same , and there seemed to be a fair amount of fog in the air around how to do auth, middleware, and all the normal trappings.
AgentUp came out of that. I started to make the agents I was building into reproducible things, so I could then easily spin up other agents. From there I started to add more and it became a framework eventually.
I also noticed a lot of folks were building their own Tools / Function calls over and over, and i thought, it would be nice if these were pluggable, which is where the AgentUp plugin system came from.
So there is what I have started calling 'Core' agentUp, and then plugins (tools) are entry points with their own dedicated interfaces, yet they can inherit all of the cores middleware. Plugins are also limited by scopes, so the core can enforce fine grained access control to each plugin, using the familiar style of domain:type:capability (e.g system:admin: ["system:write", "system:read"]), this way systems can scope policy within token scopes (jwt, oauth2) and AgentUp will enforce for each user. I am yet to really dig into the isolation capabilities in python, but will try to spend some more time there if the project gets momentum.
Last but not least, the Agents are A2A compatible. JSON RPC, streaming / non streaming, Tasks, Parts, Artifacts etc. MCP servers exposed via the Agents are streamable HTTP.
At the moment, I am self funded so not a startup as such, but I am previous founder and my last gig was a distinguished engineer at Red Hat.
Let me know if this interests you, there will be a bucket load of bugs, so lots of fun to be had if anyone wants in!
I am Luke, an open source developer. I originally worked a lot in security (I created a software supply chain project called sigstore). Over the past couple of months, I spent some time building AI agents alongside chatting with other developers attempting the same , and there seemed to be a fair amount of fog in the air around how to do auth, middleware, and all the normal trappings.
AgentUp came out of that. I started to make the agents I was building into reproducible things, so I could then easily spin up other agents. From there I started to add more and it became a framework eventually.
I also noticed a lot of folks were building their own Tools / Function calls over and over, and i thought, it would be nice if these were pluggable, which is where the AgentUp plugin system came from.
So there is what I have started calling 'Core' agentUp, and then plugins (tools) are entry points with their own dedicated interfaces, yet they can inherit all of the cores middleware. Plugins are also limited by scopes, so the core can enforce fine grained access control to each plugin, using the familiar style of domain:type:capability (e.g system:admin: ["system:write", "system:read"]), this way systems can scope policy within token scopes (jwt, oauth2) and AgentUp will enforce for each user. I am yet to really dig into the isolation capabilities in python, but will try to spend some more time there if the project gets momentum.
Last but not least, the Agents are A2A compatible. JSON RPC, streaming / non streaming, Tasks, Parts, Artifacts etc. MCP servers exposed via the Agents are streamable HTTP.
At the moment, I am self funded so not a startup as such, but I am previous founder and my last gig was a distinguished engineer at Red Hat.
Let me know if this interests you, there will be a bucket load of bugs, so lots of fun to be had if anyone wants in!