{"id":47265331,"url":"https://github.com/aureliolo/synthorg","last_synced_at":"2026-06-17T15:01:22.312Z","repository":{"id":340952531,"uuid":"1168268477","full_name":"Aureliolo/synthorg","owner":"Aureliolo","description":"SynthOrg - Framework for building synthetic organizations with autonomous AI agents","archived":false,"fork":false,"pushed_at":"2026-06-13T09:19:09.000Z","size":52576,"stargazers_count":8,"open_issues_count":26,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-13T09:23:17.886Z","etag":null,"topics":["agent-framework","ai-agents","ai-orchestration","autonomous-agents","litellm","litestar","llm","mcp","multi-agent","pydantic","python","react-dashboard","synthetic-organization"],"latest_commit_sha":null,"homepage":"https://synthorg.io","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Aureliolo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":".github/SECURITY.md","support":null,"governance":null,"roadmap":"docs/roadmap/future-vision.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":".github/CLA.md"}},"created_at":"2026-02-27T07:34:13.000Z","updated_at":"2026-06-13T09:18:25.000Z","dependencies_parsed_at":"2026-03-22T14:14:53.653Z","dependency_job_id":"7fff0d59-b7fc-42e6-8e8d-0d7c8a5e3aee","html_url":"https://github.com/Aureliolo/synthorg","commit_stats":null,"previous_names":["aureliolo/ai-company","aureliolo/synthorg"],"tags_count":323,"template":false,"template_full_name":null,"purl":"pkg:github/Aureliolo/synthorg","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aureliolo%2Fsynthorg","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aureliolo%2Fsynthorg/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aureliolo%2Fsynthorg/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aureliolo%2Fsynthorg/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Aureliolo","download_url":"https://codeload.github.com/Aureliolo/synthorg/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aureliolo%2Fsynthorg/sbom","scorecard":{"id":1245126,"data":{"date":"2026-03-22T22:45:06Z","repo":{"name":"github.com/Aureliolo/synthorg","commit":"f53da9f708f391eb4cb45dbd45a9ce553739fc3b"},"scorecard":{"version":"v5.3.0","commit":"c22063e786c11f9dd714d777a687ff7c4599b600"},"score":8.1,"checks":[{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: .github/SECURITY.md:1","Info: Found linked content: .github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: .github/SECURITY.md:1","Info: Found text in security policy: .github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#security-policy"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#dependency-update-tool"}},{"name":"Maintained","score":0,"reason":"project was created within the last 90 days. Please review its contents carefully","details":["Warn: Repository was created within the last 90 days."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":5,"reason":"Found 14/25 approved changesets -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:23","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:56","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:153","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:171","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:200","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:269","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:293","Info: found token with 'none' permissions: .github/workflows/ci.yml:1","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:77","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:96","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:223","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:246","Info: jobLevel 'actions' permission set to 'read': .github/workflows/cla.yml:21","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/cla.yml:19","Info: jobLevel 'contents' permission set to 'read': .github/workflows/cli.yml:146","Info: jobLevel 'contents' permission set to 'read': .github/workflows/cli.yml:171","Info: found token with 'none' permissions: .github/workflows/cli.yml:1","Info: jobLevel 'contents' permission set to 'read': .github/workflows/cli.yml:31","Info: jobLevel 'contents' permission set to 'read': .github/workflows/cli.yml:54","Info: jobLevel 'contents' permission set to 'read': .github/workflows/cli.yml:82","Info: jobLevel 'contents' permission set to 'read': .github/workflows/cli.yml:116","Info: jobLevel 'contents' permission set to 'read': .github/workflows/dast.yml:19","Info: jobLevel 'contents' permission set to 'read': .github/workflows/dependency-review.yml:14","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/dev-release.yml:32","Info: jobLevel 'contents' permission set to 'read': .github/workflows/docker.yml:252","Info: jobLevel 'contents' permission set to 'read': .github/workflows/docker.yml:437","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/docker.yml:624","Info: jobLevel 'contents' permission set to 'read': .github/workflows/docker.yml:32","Info: jobLevel 'contents' permission set to 'read': .github/workflows/docker.yml:63","Info: jobLevel 'actions' permission set to 'read': .github/workflows/finalize-release.yml:32","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/finalize-release.yml:33","Info: jobLevel 'contents' permission set to 'read': .github/workflows/pages-preview.yml:38","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/pages-preview.yml:39","Info: jobLevel 'contents' permission set to 'read': .github/workflows/pages-preview.yml:225","Info: jobLevel 'contents' permission set to 'read': .github/workflows/pages-preview.yml:317","Info: jobLevel 'contents' permission set to 'read': .github/workflows/pages.yml:32","Info: jobLevel 'contents' permission set to 'read': .github/workflows/python-audit.yml:15","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:15","Info: jobLevel 'contents' permission set to 'read': .github/workflows/scorecard.yml:19","Info: jobLevel 'actions' permission set to 'read': .github/workflows/scorecard.yml:20","Info: jobLevel 'contents' permission set to 'read': .github/workflows/secret-scan.yml:18","Info: jobLevel 'contents' permission set to 'read': .github/workflows/zizmor.yml:26","Info: jobLevel 'actions' permission set to 'read': .github/workflows/zizmor.yml:27","Info: found token with 'none' permissions: .github/workflows/ci.yml:1","Info: found token with 'none' permissions: .github/workflows/cla.yml:1","Info: found token with 'none' permissions: .github/workflows/cli.yml:1","Info: found token with 'none' permissions: .github/workflows/dast.yml:1","Info: found token with 'none' permissions: .github/workflows/dependency-review.yml:1","Info: found token with 'none' permissions: .github/workflows/dev-release.yml:1","Info: found token with 'none' permissions: .github/workflows/docker.yml:1","Info: found token with 'none' permissions: .github/workflows/finalize-release.yml:1","Info: found token with 'none' permissions: .github/workflows/pages-preview.yml:1","Info: found token with 'none' permissions: .github/workflows/pages.yml:1","Info: found token with 'none' permissions: .github/workflows/python-audit.yml:1","Info: found token with 'none' permissions: .github/workflows/release.yml:1","Info: found token with 'none' permissions: .github/workflows/scorecard.yml:1","Info: found token with 'none' permissions: .github/workflows/secret-scan.yml:1","Info: found token with 'none' permissions: .github/workflows/zizmor.yml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#token-permissions"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#license"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":10,"reason":"all dependencies are pinned","details":["Info:  72 out of  72 GitHub-owned GitHubAction dependencies pinned","Info:  45 out of  45 third-party GitHubAction dependencies pinned","Info:   7 out of   7 containerImage dependencies pinned","Info:   9 out of   9 npmCommand dependencies pinned","Info:   1 out of   1 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#cii-best-practices"}},{"name":"Signed-Releases","score":10,"reason":"5 out of the last 5 releases have a total of 10 signed artifacts.","details":["Info: signed release artifact: checksums.txt.sigstore.json: https://github.com/Aureliolo/synthorg/releases/tag/v0.4.8","Info: signed release artifact: checksums.txt.sigstore.json: https://github.com/Aureliolo/synthorg/releases/tag/v0.4.7","Info: signed release artifact: checksums.txt.sigstore.json: https://github.com/Aureliolo/synthorg/releases/tag/v0.4.6","Info: signed release artifact: checksums.txt.sigstore.json: https://github.com/Aureliolo/synthorg/releases/tag/v0.4.5","Info: signed release artifact: checksums.txt.sigstore.json: https://github.com/Aureliolo/synthorg/releases/tag/v0.4.4","Info: provenance for release artifact: checksums.txt.intoto.jsonl: https://github.com/Aureliolo/synthorg/releases/tag/v0.4.8","Info: provenance for release artifact: checksums.txt.intoto.jsonl: https://github.com/Aureliolo/synthorg/releases/tag/v0.4.7","Info: provenance for release artifact: checksums.txt.intoto.jsonl: https://github.com/Aureliolo/synthorg/releases/tag/v0.4.6","Info: provenance for release artifact: checksums.txt.intoto.jsonl: https://github.com/Aureliolo/synthorg/releases/tag/v0.4.5","Info: provenance for release artifact: checksums.txt.intoto.jsonl: https://github.com/Aureliolo/synthorg/releases/tag/v0.4.4"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#signed-releases"}},{"name":"SAST","score":10,"reason":"SAST tool detected","details":["Info: SAST configuration detected: Hadolint","Info: SAST configuration detected: Hadolint","Info: SAST configuration detected: Hadolint","Info: all commits (30) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#sast"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: TypeScriptPropertyBasedTesting integration found: web/src/__tests__/api/client.property.test.ts:2","Info: TypeScriptPropertyBasedTesting integration found: web/src/__tests__/stores/providers.test.ts:2","Info: TypeScriptPropertyBasedTesting integration found: web/src/__tests__/stores/settings.property.test.ts:2","Info: TypeScriptPropertyBasedTesting integration found: web/src/__tests__/utils/errors.property.test.ts:2","Info: TypeScriptPropertyBasedTesting integration found: web/src/__tests__/utils/format.property.test.ts:2","Info: TypeScriptPropertyBasedTesting integration found: web/src/__tests__/utils/sanitizeForLog.property.test.ts:2","Info: TypeScriptPropertyBasedTesting integration found: web/src/__tests__/api/client.property.test.ts:2","Info: TypeScriptPropertyBasedTesting integration found: web/src/__tests__/stores/providers.test.ts:2","Info: TypeScriptPropertyBasedTesting integration found: web/src/__tests__/stores/settings.property.test.ts:2","Info: TypeScriptPropertyBasedTesting integration found: web/src/__tests__/utils/errors.property.test.ts:2","Info: TypeScriptPropertyBasedTesting integration found: web/src/__tests__/utils/format.property.test.ts:2","Info: TypeScriptPropertyBasedTesting integration found: web/src/__tests__/utils/sanitizeForLog.property.test.ts:2","Info: GoBuiltInFuzzer integration found: cli/cmd/config_test.go:203","Info: GoBuiltInFuzzer integration found: cli/cmd/config_test.go:355","Info: GoBuiltInFuzzer integration found: cli/cmd/update_cleanup_test.go:71","Info: GoBuiltInFuzzer integration found: cli/cmd/update_cleanup_test.go:261","Info: GoBuiltInFuzzer integration found: cli/cmd/update_cleanup_test.go:307","Info: GoBuiltInFuzzer integration found: cli/cmd/update_cleanup_test.go:323","Info: GoBuiltInFuzzer integration found: cli/cmd/update_test.go:113","Info: GoBuiltInFuzzer integration found: cli/cmd/update_test.go:531","Info: GoBuiltInFuzzer integration found: cli/internal/compose/generate_fuzz_test.go:8","Info: GoBuiltInFuzzer integration found: cli/internal/compose/generate_fuzz_test.go:72","Info: GoBuiltInFuzzer integration found: cli/internal/compose/generate_fuzz_test.go:116","Info: GoBuiltInFuzzer integration found: cli/internal/config/paths_fuzz_test.go:8","Info: GoBuiltInFuzzer integration found: cli/internal/config/state_fuzz_test.go:9","Info: GoBuiltInFuzzer integration found: cli/internal/config/state_test.go:389","Info: GoBuiltInFuzzer integration found: cli/internal/docker/client_fuzz_test.go:7","Info: GoBuiltInFuzzer integration found: cli/internal/images/images_test.go:238","Info: GoBuiltInFuzzer integration found: cli/internal/images/images_test.go:272","Info: GoBuiltInFuzzer integration found: cli/internal/selfupdate/updater_fuzz_test.go:15","Info: GoBuiltInFuzzer integration found: cli/internal/selfupdate/updater_fuzz_test.go:67","Info: GoBuiltInFuzzer integration found: cli/internal/selfupdate/updater_fuzz_test.go:107","Info: GoBuiltInFuzzer integration found: cli/internal/selfupdate/updater_fuzz_test.go:155","Info: GoBuiltInFuzzer integration found: cli/internal/verify/fuzz_test.go:10","Info: GoBuiltInFuzzer integration found: cli/internal/verify/fuzz_test.go:34","Info: GoBuiltInFuzzer integration found: cli/internal/verify/fuzz_test.go:56"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#vulnerabilities"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/cli.yml:258"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#packaging"}},{"name":"Branch-Protection","score":5,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Warn: 'branch protection settings apply to administrators' is disabled on branch 'main'","Info: 'stale review dismissal' is required to merge on branch 'main'","Warn: required approving review count is 1 on branch 'main'","Warn: codeowners review is not required on branch 'main'","Warn: 'last push approval' is disabled on branch 'main'","Info: 'up-to-date branches' is required to merge on branch 'main'","Info: status check found to merge onto on branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#branch-protection"}},{"name":"Contributors","score":0,"reason":"project has 0 contributing companies or organizations -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#contributors"}},{"name":"CI-Tests","score":10,"reason":"30 out of 30 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#ci-tests"}}]},"last_synced_at":"2026-03-23T02:50:34.708Z","repository_id":340952531,"created_at":"2026-03-23T02:50:34.708Z","updated_at":"2026-03-23T02:50:34.708Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34453438,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-17T02:00:05.408Z","response_time":127,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent-framework","ai-agents","ai-orchestration","autonomous-agents","litellm","litestar","llm","mcp","multi-agent","pydantic","python","react-dashboard","synthetic-organization"],"created_at":"2026-03-15T04:29:20.541Z","updated_at":"2026-06-17T15:01:22.305Z","avatar_url":"https://github.com/Aureliolo.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cstrong\u003eSynthOrg\u003c/strong\u003e\u003cbr\u003e\n  \u003cem\u003eAn autonomous product studio you operate: describe what to build, a synthetic organisation of AI agents plans and delivers it.\u003c/em\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://securityscorecards.dev/viewer/?uri=github.com/Aureliolo/synthorg\"\u003e\u003cimg src=\"https://api.securityscorecards.dev/projects/github.com/Aureliolo/synthorg/badge\" alt=\"OpenSSF Scorecard\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://slsa.dev\"\u003e\u003cimg src=\"https://slsa.dev/images/gh-badge-level3.svg\" alt=\"SLSA 3\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://codecov.io/gh/Aureliolo/synthorg\"\u003e\u003cimg src=\"https://codecov.io/gh/Aureliolo/synthorg/branch/main/graph/badge.svg\" alt=\"Coverage\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://codspeed.io/Aureliolo/synthorg?utm_source=badge\"\u003e\u003cimg src=\"https://img.shields.io/endpoint?url=https://codspeed.io/badge.json\" alt=\"CodSpeed Badge\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/Aureliolo/synthorg/blob/main/LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/badge/license-BSL_1.1_(source_available)-blue\" alt=\"License\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://www.python.org/downloads/\"\u003e\u003cimg src=\"https://img.shields.io/badge/python-3.14%2B-blue\" alt=\"Python\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://synthorg.io/docs\"\u003e\u003cimg src=\"https://img.shields.io/badge/docs-synthorg.io-purple\" alt=\"Docs\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n---\n\nSynthOrg is a self-contained, self-hostable platform for **synthetic organisations**: role-based AI agents modelled as an actual company (roles, departments, hierarchies, persistent memory, budgets, governance, structured communication) rather than a task queue or a DAG of function calls. The goal is an autonomous product studio you operate: you describe a product or service to build, or hand it an existing codebase, and the organisation plans, executes, and delivers it under budgets and your steering.\n\nIt is provider-agnostic (\u003c!--RS:providers_via_litellm--\u003e90+\u003c!--/RS--\u003e LLM providers via [LiteLLM](https://github.com/BerriAI/litellm)), configuration-driven ([Pydantic v2](https://docs.pydantic.dev/) models), and licensed BUSL-1.1 (converts to Apache 2.0 at the Change Date).\n\n\u003e **Project status (read this).** SynthOrg is **pre-alpha**. The framework, infrastructure, and runtime are built and tested (\u003c!--RS:tests--\u003e36,000+\u003c!--/RS--\u003e tests, 80%+ coverage): API, dashboard, CLI, dual-backend persistence, the provider layer, the agent runtime, the multi-agent coordinator, the work pipeline spine, the intake engine, sandbox lifecycle dispatch, and the distributed-path consumers are all wired and exercised by deterministic e2e harnesses with a scripted provider (no real LLM spend). Operator-facing onboarding (real provider, real workloads, dashboard polish) has not been exercised end to end by a human. Expect bugs, rough edges, and missing polish; use it for research and contribution, not for production workloads. Progress is tracked openly on the [roadmap](https://synthorg.io/docs/roadmap/) and the [issue tracker](https://github.com/Aureliolo/synthorg/issues).\n\n## What is available now\n\nA tested platform you can run, inspect, and build on:\n\n- **REST + WebSocket API** (Litestar) and a **React 19 dashboard** (org chart, task board, agent detail, budget tracking, provider management, workflow editor, ceremony settings, setup wizard) with live WebSocket / SSE updates.\n- **Go CLI** for Docker orchestration: `init`, `start`, `stop`, `status`, `doctor`, `config`, `wipe`, `cleanup`, `worker`, `backup`, with cosign signature and SLSA provenance verification at pull time.\n- **Dual-backend persistence**: SQLite (single-node default) and PostgreSQL (multi-instance), conformance-tested for parity, with in-process yoyo schema migrations and ISO 4217 currency stamping on every cost-bearing row.\n- **Provider layer**: any LLM via LiteLLM with built-in retry and rate-limit handling; local model management for Ollama and LM Studio.\n- **Configuration and templates**: define a company in YAML; importable/shareable agent, department, and company templates with personality presets.\n- **Agent runtime**: a configured provider boots a real agent runtime that executes tasks (LLM + sandboxed tools) under a minimal safety spine (autonomy/trust verdict on tool actions, approval-queue producer for sensitive actions). An empty company (no provider) cleanly rejects task submission. Exercised by a deterministic e2e simulation harness (synthetic clients, scripted provider, zero LLM spend).\n- **Multi-agent coordinator + work pipeline spine**: `/coordinate` runs decompose, route, parallel execution, then rollup end to end behind the provider-present switch. The shared work pipeline (intake to projects to decompose to solo/team to execute to coordination metrics) is the single integration point every entry adapter feeds, with solo-vs-team decided internally by decomposition.\n- **Entry adapters**: real work-entry paths for the intake engine (`POST /requests/{id}/approve`), the task board (`POST /tasks`), and stated objectives (`POST /objectives`), all driving the pipeline spine.\n- **Sandbox lifecycle dispatch**: `DockerSandbox.execute()` honours `owner_id` and dispatches to the configured per-call / per-agent / per-task lifecycle strategy, with grace-period teardown.\n- **Operations**: structured logging with redaction and correlation, Prometheus metrics and OTLP, HttpOnly-cookie multi-user sessions with CSRF protection, Chainguard distroless images with Trivy + Grype scanning, cosign signatures, and SLSA L3 provenance.\n- **Distributed dispatch**: NATS JetStream queue, worker pool, dead-letter consumer, dedup pruner, and heartbeat subscriber, validated under multi-worker synthetic load (no loss, no duplication).\n- **Conversational org interface**: talk to the company in natural language. Clarify-and-propose against the Chief of Staff (clarifies an underspecified request, then parks concrete `WorkItem`s in the human approval queue; on approval they run through the work pipeline), per-turn concern-routing to the best-fit role agent, multi-agent group chat, human-consented agent-initiated invites, and direct MCP acting under trust (sensitive actions approval-gated; fail-closed when security governance is inactive). All modes opt-in, default off; exercised by deterministic e2e harnesses with a scripted provider.\n\n## In active development\n\nThe runtime, coordinator, intake, work pipeline, sandbox dispatch, and distributed-path consumers are wired and exercised by deterministic harnesses. What remains in flight is the operator-facing maturity that turns the wired runtime into a polished autonomous studio:\n\n- **Autonomous product studio substrate**: persistent project workspace with pluggable git, brownfield codebase intake, living documentation, and a deep requirements interview.\n- **Best-in-class operate tier**: a golden-company benchmark, mission control with run replay, a cost forecast / kill-switch dial, a measurable learning curve, deterministic replay, run narratives, and an adversarial red-team.\n- **Agent capability layer**: knowledge and provenance retrieval substrate, research mode, continual improvement, governed external API access, headless-browser and virtual-desktop testing.\n- **Self-improvement loop**: company-wide signals from existing subsystems producing deployment and product-level improvement proposals through a rule-first hybrid pipeline with mandatory human approval. Components built and unit-tested; live end-to-end run pending.\n- **Real-provider acceptance**: the e2e harness drives the runtime against a deterministic scripted provider, not a real LLM. A real-provider golden-company benchmark and run narrative arrive with the operate tier.\n\nThe design for each lives in the [Design Specification](https://synthorg.io/docs/design/).\n\n## Quick Start\n\n### Install\n\n```bash\n# Linux / macOS\ncurl -sSfL https://synthorg.io/get/install.sh | bash\n```\n\n```powershell\n# Windows (PowerShell)\nirm https://synthorg.io/get/install.ps1 | iex\n```\n\n### Run\n\n```bash\nsynthorg init                                   # interactive setup wizard (SQLite default)\nsynthorg init --persistence-backend postgres    # auto-provision a Postgres container\nsynthorg start                                  # pull images + start containers\n```\n\nOpen [localhost:3000](http://localhost:3000); the **setup wizard** covers LLM providers, company config, agent setup with personality presets, and theme selection. Choose **Guided Setup** for the full experience or **Quick Setup** (provider + company name only). This brings up the platform and dashboard. Configuring a provider stores the company; running it as an autonomous organisation is the runtime work in active development, so skipping provider setup yields an empty company by design.\n\n**Persistence backends:** SQLite (default) for single-node and development, Postgres for multi-instance deployments. The CLI orchestrates both. `--persistence-backend postgres` generates a `dhi.io/postgres` DHI service (image tag pinned via `DefaultPostgresImageTag` in `cli/internal/config/state.go`), random credentials, and a named data volume. `synthorg stop` preserves the data volume unless `--volumes` is passed.\n\n### From source\n\n```bash\ngit clone https://github.com/Aureliolo/synthorg.git\ncd synthorg\nuv sync                  # install dev + test deps\nuv sync --group docs     # install docs toolchain\n```\n\nSchema migrations run in-process via [yoyo-migrations](https://ollycope.com/software/yoyo/latest/) (installed by `uv sync`); no external binary required. Building the docs site locally (for D2 diagrams) additionally requires the [D2 CLI](https://d2lang.com/tour/install) on `PATH`.\n\n### Docker Compose (manual)\n\n```bash\ncp docker/.env.example docker/.env\ndocker compose -f docker/compose.yml up -d\ncurl http://localhost:3001/api/v1/readyz\n```\n\n## Target architecture\n\nThe diagram below is the designed architecture. Components exist as code; the\nedges into and out of the agent engine are what the runtime work (above)\nbrings online.\n\n```mermaid\ngraph TB\n    Config[Config \u0026 Templates] --\u003e Engine[Agent Engine]\n    Engine --\u003e Core[Core Models]\n    Engine --\u003e Providers[LLM Providers]\n    Engine --\u003e Communication[Communication]\n    Engine --\u003e Tools[Tools \u0026 MCP]\n    Engine --\u003e Memory[Memory]\n    Engine --\u003e Security[Security \u0026 Trust]\n    Engine --\u003e Budget[Budget \u0026 Cost]\n    Engine --\u003e HR[HR Engine]\n    Meta[Meta-Loop] --\u003e Engine\n    Meta --\u003e HR\n    Meta --\u003e Budget\n    API[REST \u0026 WebSocket API] --\u003e Engine\n    API --\u003e Meta\n    Dashboard[React Dashboard] --\u003e API\n    CLI[Go CLI] --\u003e API\n    Observability[Observability] -.-\u003e Engine\n    Persistence[Persistence] -.-\u003e HR\n    Persistence -.-\u003e Security\n    Persistence -.-\u003e Engine\n```\n\n## Compare\n\nSynthOrg vs [other agent frameworks](https://synthorg.io/compare/) across organisation structure, multi-agent coordination, memory, budget tracking, security, and observability. The comparison marks SynthOrg capabilities honestly as available now versus planned, matching the status sections above. \u003c!-- lint-allow: doc-numeric-macros -- competitor count is sourced from data/competitors.yaml via generate_comparison.py, not runtime_stats --\u003e\n\n## Documentation\n\n| Section | What's there |\n|---------|-------------|\n| [User Guide](https://synthorg.io/docs/user_guide/) | Install, configure, run, customise |\n| [Guides](https://synthorg.io/docs/guides/) | Quickstart, company config, agents, budget, security, MCP tools, deployment, logging, memory |\n| [Design Specification](https://synthorg.io/docs/design/) | The designed behaviour of every subsystem (the source of truth; states current wiring status per area) |\n| [Architecture](https://synthorg.io/docs/architecture/) | System overview, tech stack, decision log |\n| [REST API](https://synthorg.io/docs/openapi/) | Scalar/OpenAPI reference |\n| [Library Reference](https://synthorg.io/docs/api/) | Auto-generated from docstrings |\n| [Security](https://synthorg.io/docs/security/) | Application security, container hardening, CI/CD security |\n| [Licensing](https://synthorg.io/docs/licensing/) | BUSL 1.1 terms, Additional Use Grant, commercial options |\n| [Roadmap](https://synthorg.io/docs/roadmap/) | Current status, what works today, what is in active development |\n\n\u003e **Contributors:** Start with the [Design Specification](https://synthorg.io/docs/design/) before implementing any feature. See [`DESIGN_SPEC.md`](docs/DESIGN_SPEC.md) for the full design set. The design pages describe intended behaviour and mark per-area current wiring status; treat any gap between a spec and `src/` as the work, not the spec.\n\u003e\n\u003e **Forking?** CI runs out of the box for code changes; the release pipeline needs setup (environments, labels, branch protection, a release-bot GitHub App). On your first push, the **CI Preflight** workflow opens a tracking issue listing exactly what is missing; see [Fork Setup](https://synthorg.io/docs/guides/fork-setup/) for the long-form walkthrough.\n\n## License\n\n[Business Source License 1.1](LICENSE): free production use for non-competing organisations with fewer than 500 employees and contractors. Converts to Apache 2.0 on the change date specified in [LICENSE](LICENSE). See [licensing details](https://synthorg.io/docs/licensing/) for the full rationale and what is permitted.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faureliolo%2Fsynthorg","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faureliolo%2Fsynthorg","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faureliolo%2Fsynthorg/lists"}