Documentation

TackOS is an operating system for AI-native companies. It turns agents, tools, budgets, approvals, and proof into a single governed control plane.

Most teams are using AI agents as isolated tools — one tab for code generation, another for research, a third for writing. Context fragments. Work duplicates. Nobody knows what got done, what it cost, or who approved what.

TackOS introduces a management layer: departments that group agents by function, missions that define outcomes, a policy gateway that controls what agents can touch, and a proof ledger that records every completed task.

This is not a chatbot. It is not a prompt manager. It is not a workflow builder. TackOS is the infrastructure layer that turns a set of agents into a governed organization.

Mission — A mission is a business outcome with a time constraint and budget envelope. Example: "Launch an open-source developer tool in 14 days." Every task, agent action, and cost is attributable to an active mission.

Department — A department is a pre-configured group of agents with a defined role, autonomy level, tool scope, and risk policy. You install departments, not individual agents. Available departments: Growth, Dev Pod, Research Desk, Support Desk, Finance Ops, Founder Office.

Autonomy Level — Five levels from Shadow (observe only) to Audited Autopilot (continuous execution with full receipt generation). Autonomy is set per department and can be changed by the operator at any time.

Proof Packet — Every completed task produces a proof packet: a verifiable receipt containing the summary, agent, cost, time spent, output snippet, evidence links, risk level, approval chain, and quality score.

Approval Gate — High-risk actions do not execute automatically. They enter an approval queue where an authorized human must approve or reject before execution proceeds.

Policy Gateway — All agent actions route through the policy layer. Policies define which tools agents can call, at what budget thresholds execution pauses, and what constitutes a high-risk action requiring human approval.

Clone the repository and start the local runtime:

git clone https://github.com/tackos/tackos
cd tackos
pnpm install
pnpm dev

Open http://localhost:3000 to see the landing page. Open http://localhost:3000/launch-soon to access the interactive Company Runtime.

The Company Runtime is pre-loaded with a sample company (Atlas Labs) running a developer tool launch mission. All data is stored in localStorage — nothing is sent to external services.

To reset the runtime to its default state, clear localStorage in your browser's developer tools:

localStorage.removeItem('tackos-runtime-v1')

Then reload the page.

TackOS is structured as a control plane that separates three concerns: governance, execution, and proof.

TackOS UI — The control room. Surfaces for mission management, department oversight, approval queues, and the proof ledger.

Mission Engine — Decomposes a mission into tasks, assigns them to departments, and tracks execution state.

Department Runtime — Each department runs a pool of agents configured for a specific function. Agents receive scoped task context, not raw secrets.

Policy Gateway — Every agent action routes through this layer. The gateway checks role, risk, budget, and environment rules before allowing execution. High-risk actions pause here for human approval.

Agent Adapters — Thin wrappers that connect the runtime to specific model providers and tools. Adapters are swappable — bring your own models.

External Tools — Git, docs, email, ticketing, CI, and any system the agent needs to interact with. Tools are accessed through the gateway, never directly.

Proof Ledger — An append-only record of completed task outputs. Every proof packet is sealed with agent identity, cost, time, output, and an approval history.

Departments are the primary unit of organization in TackOS. Each department: - Contains a set of specialized agents - Has a default autonomy level - Operates under a risk classification - Has an estimated monthly cost envelope - Requires specific tool adapters

Growth Department — Launch planning, narrative testing, channel sequencing, outreach loops. Default autonomy: Supervised. Risk: Medium.

Dev Pod — Code implementation, issue triage, release checks, pull request preparation. Default autonomy: Supervised. Risk: High.

Research Desk — Competitor scans, synthesis, customer signal mapping, evidence extraction. Default autonomy: Assist. Risk: Low.

Support Desk — Issue handling, FAQ generation, escalation routing, customer summaries. Default autonomy: Assist. Risk: Medium.

Finance Ops — Budget guardrails, spend attribution, cost-per-outcome monitoring. Default autonomy: Shadow. Risk: High.

Founder Office — Mission definition, strategic decisions, cross-department arbitration. Default autonomy: Delegated. Risk: Critical.

The autonomy ladder defines what agents can and cannot do at each trust level.

L1 — Shadow (Observe only) Can: Read context, suggest plans, build simulations. Cannot: Call tools, spend budget, write public outputs.

L2 — Assist (Human-driven execution) Can: Draft outputs, prepare pull requests, run sandbox checks. Cannot: Ship externally, modify budgets, bypass approvals.

L3 — Supervised (Guided autonomy) Can: Execute approved tasks, use scoped tools, post proof packets. Cannot: Run high-risk actions, touch production credentials, increase own budget.

L4 — Delegated (Department-level authority) Can: Sequence tasks, ship low-risk outputs, trigger adapters. Cannot: Override policy, create external access keys, ignore kill switch.

L5 — Audited Autopilot (Continuous execution with receipts) Can: Operate continuously, route escalations, generate full audit packets. Cannot: Disable audit log, change policy ownership, exceed hard budget ceiling.

Every completed task produces a proof packet — a verifiable record of what was done, by whom, at what cost, and with what outcome.

A proof packet contains: - Title — the task name - Summary — what was accomplished - Agent — which agent executed the task - Cost — actual spend for this task - Time spent — execution duration - Output snippet — the key generated output or finding - Evidence links — links to referenced documents, commits, or pages - Risk level — the risk classification of the task - Approval history — who approved what, in what order - Quality score — a 0–100 assessment of output quality

Proof packets are immutable once sealed. They cannot be edited after generation. They form the basis of the audit ledger.

The policy gateway is the enforcement layer between agents and external systems.

Every tool call an agent wants to make passes through the gateway. The gateway evaluates:

1. Role check — Is this agent authorized to call this tool in this department? 2. Scope check — Does this action fall within the agent's current autonomy level? 3. Budget check — Would this action push spend past the department's cap? 4. Risk check — Is this action classified as high-risk under current policy?

If any check fails, the action is blocked. High-risk actions do not fail silently — they generate an approval request and surface it in the human approval queue.

In the current local runtime, policy checks are simulated. In a production deployment, the gateway would enforce these checks in real time against actual tool APIs.

The local runtime requires no external services, API keys, or cloud accounts.

Prerequisites: - Node.js 18+ - pnpm 8+

Setup: ```bash git clone https://github.com/tackos/tackos cd tackos pnpm install pnpm dev ```

Environment: Copy `.env.example` to `.env.local`. In local mode, no environment variables are required. Variables listed in `.env.example` are placeholders for future real-execution adapters.

State: All interactive state is stored in localStorage under the key `tackos-runtime-v1`. No network calls are made. No data leaves the browser.

Reset: ```js localStorage.removeItem('tackos-runtime-v1') ```

V0 — Current (Local prototype) - Local runtime with mock data - Interactive dashboard (missions, approvals, proof, org, cost, logs) - Department store with install states - Autonomy ladder with live control - localStorage persistence - Full documentation

V1 — Agent Adapter SDK - Real agent adapter interface - Policy gateway enforcement layer - Hosted Postgres for state - Docker deployment configuration - GitHub adapter (issues, PRs, releases) - Slack/Discord notification adapter - MCP protocol support

V2 — Company OS Platform - Department marketplace - Multi-company workspace - Team accounts with role permissions - Cloud sync and backup - Enterprise audit controls - Cost optimization engine - Custom policy editor