declaragent ·d9t

v0.7.1 · shipped 2026-04-23 · release notes ↗

Stop shipping agent prototypes.
Ship an agent.yaml.

The declarative runtime for AI agent fleets. Write agent.yaml. Commit it. Run declaragent up. Prometheus, OpenTelemetry, audit chain, circuit breakers, canary deploys — in the box.

$ npm i -g @declaragent/cli Star on GitHub
  • 13 npm packages
  • 8 built-in tools
  • 12/12 enterprise items shipped

tip short-form CLI — d9t up runs the same as declaragent up.

~/my-agent — declaragent

Install in one command.

npm i -g @declaragent/cli

Then — converse your fleet into existence:

declaragent init --fleet acme
cd acme
DECLARAGENT_BUILDER=on declaragent     # short: d9t

New to Declaragent? Take the 15-minute conversational tour →

Read the docs → Source on GitHub

Converse → fleet

Describe what you need. Review the plan. Apply.

Start the REPL with DECLARAGENT_BUILDER=on declaragent. Tell it what the fleet should do. It proposes a complete change-set — agent.yaml, skills, event sources, channel bindings, peer entries. You review, /yes to apply or /edit to adjust. Every apply is git-rollback-safe and recorded to the hash-chained audit log.

01 Describe "Triage new GitHub issues, hand severe ones to a reviewer agent, notify #oncall."
02 Propose Two agents + peer wiring + webhook source + Slack channel — diff shown, no secrets written.
03 Apply & deploy /yes → files written · declaragent fleet run → online.

14 builder tools · fleet-e2e test · git-rollback Not a wizard. Not a template gallery. A conversation with an agent that understands the runtime it's authoring for — because it runs on the same core.

Take the 15-minute tour → Builder reference

Honest status · receipts-first

Five pillars. ✓ single-machine ✓ enterprise · v0.7.1

Single-machine production was shipped in 0.6.0. The 12-item enterprise integration plan — multi-host RPC, OIDC/OAuth2, managed control plane, SIEM export, GitOps fleet render, per-tool rate limits, MCP auto-recovery, typed capability schemas — shipped in 0.7.1. Every ✓ below links to the PR. The only open receipt: Pillar 3's 7-consecutive-green weekly soak proof.

01

Define agents

agent.yaml identity + Markdown skills + tool allowlists + inbound/outbound channels + typed peers. v1.1 Agent Graph typed capabilities shipped in 0.7.1 (PR #23).

✓ single-machine ✓ enterprise · typed · v0.7.1 AGENTS.md →
02

Deploy + monitor

up / ps / logs / down, Prometheus, OTel, circuit breakers, canary deploys. Managed control plane aggregator, GitOps fleet render, SIEM audit export — all shipped in 0.7.1.

03

Independent agents + delegation

Memory + Kafka + NATS RPC transports, pending-registry correlation, version-skew detection, OIDC/OAuth2 on envelopes, fleet-e2e tests, nightly CI on Redpanda.

04

Tools + MCP

8 built-ins (Read, Write, Edit, Bash, Glob, Grep, Agent, SendMessage) + MCP stdio/HTTP/SSE/streamable-HTTP + OAuth 2.1 PKCE + per-tool rate limits + auto-recovery for crashed MCP servers (0.7.1).

05

Conversational builder

14 builder tools, plan-confirm-execute, git-backed rollback, scope + secret guards, fleet-e2e test, recorded-conversation regression suite (0.7.1).

The honesty clause

Every ✓ has a test. Every ◐ names the gap and the tracked doc. Read the full audit — file:line evidence for every claim on this page.

Capabilities · declarative

What you can add to an agent.

Every block below is declarative in agent.yaml and installable through the CLI. No hidden console, no vendor dashboard, no "contact sales."

tools

Built-in tools

Read, Write, Edit, Bash, Glob, Grep, Agent, SendMessage. File-system grounded. MCP server tools load on top. 

tools:
  defaults: [Read, Glob, Grep, Bash]
Tools reference →
skills

Markdown skills

Prompts + input schema in one Markdown file with frontmatter. {{var}} interpolation. Tiered discovery (user / project / plugin). 

skills:
  - skills/review-pr.md
Skills reference →
plugins

npm plugins

Bundle skills, tools, channels, sources. Consent-gated permission grants on install. Versioned via changesets. 

$ declaragent plugin install \
    @declaragent/plugin-github
Plugin system →
mcp

MCP servers

First-class Model Context Protocol support — stdio + HTTP. Tools, resources, prompts. One-command registration. 

$ declaragent mcp add postgres \
    --command psql-mcp
MCP reference →
sources

Event sources

Cron, webhook, file-watch, Kafka , NATS · SQS · AMQP · MQTT . DLQ + replay + idempotency + rate limiting — declaratively. 

$ declaragent source add webhook \
    gh-events --config-file ./hook.yaml
Source adapters →
channels

Chat channels

Slack, Telegram, Discord, WhatsApp. Outbound rate limits, send idempotency, per-user session context, BlockKit / Markdown rendering. 

channels:
  - id: slack-prod
    type: slack
Channel registry →
tenancy

Multi-tenant isolation

One daemon, many tenants. Per-tenant quotas, extension scopes, residency tags, tenant-stamped buses. 

$ declaragent tenants show acme-prod
$ declaragent tenants diff
Multi-tenant guide →
secrets

Secrets rotation

Vault, AWS Secrets Manager, GCP Secret Manager, K8s, env. TTL cache, audit on every resolve, rotation monitor. 

$ declaragent secrets rotate \
    vault:kv/acme/gh-token
Secrets reference →
audit

Hash-chained audit

Every tool call, channel send, tenant boundary, secret access. SHA-256 chain verify. GDPR erase by user or correlationId. 

$ declaragent audit verify
$ declaragent audit erase --user U123
Audit format →
permissions

Permission gate

Four modes: default (prompt per call), plan (dry-run), bypass (trusted), auto (auto-approve allow-list). Sandboxing on file + shell. 

$ declaragent --mode plan
$ declaragent --mode auto
Permission modes →
observability

Metrics + traces

Prometheus exporter with per-tenant labels. OpenTelemetry spans for every turn + tool call. Structured logs with correlationId threading. 

observability:
  prometheus: { port: 9464 }
  otel: { endpoint: $OTEL_URL }
Grafana setup →
fleets

Multi-agent fleets

One fleet.yaml declares N agents + shared peer table. Inter-agent RPC, rolling / all-or-nothing deploy, version-skew detection. 

$ declaragent fleet new acme-fleet
$ declaragent fleet run
Fleet reference →

Lifecycle · one binary

One CLI. Every step of the agent lifecycle.

No separate tools for init vs. deploy vs. ops. The same binary you install on your laptop runs in CI and talks to the daemon in production. declaragent is the long form; d9t is the short.

01

Build

declaragent init --fleet acme
cd acme

DECLARAGENT_BUILDER=on declaragent
> build a fleet that triages GH
>   issues and hands severe ones
>   to a reviewer agent
/yes

Scaffold a fleet, then converse to shape it. Templates still work.

02

Configure

declaragent plugin install \
  @declaragent/plugin-github

declaragent source add webhook \
  gh-events --config-file ./hook.yaml

declaragent mcp add postgres \
  --command psql-mcp

Add plugins, event sources, MCP servers, channels. Consent-gated.

03

Operate

declaragent daemon
declaragent events list --last 20
declaragent dlq redrive \
  --source webhook:gh-events <id>
declaragent audit verify
declaragent tenants show acme-prod

Run locally or as a daemon. Observe, replay, audit, debug.

04

Deploy

declaragent deploy gcp-cloud-run \
  --project acme --region us-central1

declaragent fleet deploy \
  --target cloud-run
declaragent fleet deploy --rollback

Single agent or whole fleet. Rolling, health-gated, rollback-ready.

Built with itself

declaragent is an agent.

Launch the REPL, you're talking to an agent built on @declaragent/core — the same runtime, same tools, same audit chain, same permission gate you'd use to build your own. One core, many agents. No second implementation, no "CLI-only" features locked out of your production path.

core @declaragent/core engine · tools · audit · permissions
agent #1 declaragent REPL the CLI you install — itself an agent
agent #2…N your agent.yaml every agent you declare + ship

Same Tool contract. Same permission gate. Same audit sink. If your agent can do it, so can the CLI. If the CLI does it, your agent can inherit it.

Enterprise primitives · built-in

Built for the ops team, not just the prompt engineer.

Audit & compliance

Every tool call, channel send, tenant boundary, and secret resolve is recorded to a SHA-256 hash chain. audit verify detects tampering; audit erase --user tombstones in a GDPR-clean pass.

Multi-tenant isolation

One tenants.yaml declares quotas, residency, extension allow/deny, and per-tenant secret scopes. The event bus is tenant-stamped; cross-tenant writes fail closed with a typed error.

Secrets rotation

Native providers for Vault, AWS Secrets Manager, GCP Secret Manager, K8s, and env. TTL cache + rotation monitor. Every resolve writes a secret_access audit record.

Permission gate

Four runtime modes — default (prompt per call), plan, bypass, auto (allow-list). File-system sandboxing, per-tool allow/deny globs, escalation on denial.

Observability

Prometheus exporter with tenant_id constLabels baked in. OpenTelemetry spans thread through every turn, tool call, and RPC hop. Structured logs keyed on correlationId.

Deploy automation

Cloud Run deploy templates generated from agent.yaml. Fleet deploys support rolling / all-or-nothing / per-agent with health-gated rollback. Every deploy records a version; one flag reverts.

Interactive · no install

Paste a fleet.yaml. Run the production validator in your browser.

Same validation logic that ships in @declaragent/cli, ported verbatim. Dangle a peer, duplicate a capability, reference a missing deploy target — findings appear inline, offline, no network hop.

fleet.yaml
Findings
  • Click Validate to run.

If this saves you an afternoon

Star it on GitHub.

One click. No account creation, no email capture, no newsletter trap. Stars are the signal maintainers read first when prioritizing the next week of work.

Star on GitHub Join discussions

Or watch the repo — release notes, RFCs, and the nightly soak dashboard all land there first.