Self-hosted control room for AI agents. Definitions live in Git, every change is a PR, runs and audits stay inside your environment.
Tembo Agent Studio (TAS) is a self-hosted control plane for AI agents. Agent definitions live as files in a Git repository you own. Every change — whether an engineer typed it, a PM described it in chat, or an end user clicked "this is wrong" — flows through the same PR review your team already uses for code. Runs, audit logs, and identity stay inside your environment.
Agents are software. Most teams treat them as something else: prompts edited in vendor consoles, no diff, no review, no rewind. TAS lets agents inherit the discipline you already use for production code — version control, code review, audit logs, identity, RBAC.
Principles
- Git is the system of record. Agent definitions live in your repo.
- Every change is a PR. Human or AI author — the artifact is always a reviewable diff.
- Adaptation is allowed; drift is governed. Agents may evolve; they may not evolve in ways you can't explain.
- Self-hostable first. Identity, data, and runtime stay inside your environment.
TAS is the control plane. Authoring — turning a chat message into a diff — is delegated to the Tembo Coding Agent Platform. Plug in a Tembo API key in workspace settings and TAS uses it to open PRs against your repo: new agents from chat, and "improve the agent" submissions from any run.
TAS calls out to Tembo coding agents the way a CI system calls out to compilers.
Today (v0.2 shipped May 2026 on top of the v0.1 foundation from earlier in the month) you can:
- Self-host the whole stack via
docker compose up. - Sign in with Google and connect a GitHub repository as the workspace's source of truth.
- List, create, edit (via chat-to-PR), and run agents in two frameworks — Pydantic AgentSpec and Cargo AI. Both run as passthrough subprocess calls into the upstream tool, so you get the full power of each.
- Chat with an agent to probe its behavior, then submit a change request that opens a PR via Tembo.
- Submit "Improve the Agent" feedback from any run — TAS hands it to Tembo, opens a PR, and correlates the merged PR back to your submission so you can see the status from the dashboard.
- Schedule agents to run on a cron via Automations, with each scheduled run linked back to the automation that fired it.
- Inspect token usage and approximate cost on every run.
See CHANGELOG.md for the full list of what's landed,
and ROADMAP.md for where it's headed.
agent-studio/
├── web/ Next.js 16 + Tailwind v4 + shadcn/ui + better-auth (control plane UI)
├── api/ Rust (axum + sqlx) — runtime + orchestration, owns Postgres migrations
├── agents/ Seed agent fixtures (see context/0.1/AGENT_FORMAT.md)
├── context/ Phase docs (PRFAQ, blog, user stories, demo script per phase)
└── docker-compose.yml
Requires Docker (or OrbStack), Node 22+, and Rust 1.93+.
cp .env.example .env
# Required: set BETTER_AUTH_SECRET. Generate one with:
# openssl rand -base64 32
docker compose up --buildOnce healthy:
- Web: http://localhost:3000
- API: http://localhost:8080/health
- Postgres: localhost:5432 (user/db:
tas, password from.env)
Database migrations live in api/migrations/ and are applied by the Rust
API on boot via sqlx::migrate!(). The first migration
(0001_better_auth.sql) creates the user, session, account, and
verification tables that better-auth expects.
# Postgres only via Docker, app code on host
docker compose up -d postgres
# Terminal 1 — API
cd api && cargo run
# Terminal 2 — web
cd web && pnpm install && pnpm devMIT — see LICENSE for the full text.