Autonomous Enterprise Agent — Search Strategy & Landscape Analysis
Date: 2026-02-19 Author: Claude (Opus 4.6) Project: PILOT Goal: Build an autonomous bot that extends coditect-core beyond business/development into enterprise system integration (Gmail, calendars, desktop publishing, document management, etc.)
1. Strategic Intent
CODITECT currently operates as a development and business platform. The next evolution is an autonomous enterprise agent that can:
- Discover enterprise systems (Google Workspace, Microsoft 365, desktop apps)
- Operate them autonomously (read/send email, schedule meetings, create documents)
- Integrate data flows back into coditect-core (session logs, analytics, project management)
- Secure all operations with audit trails, sandboxing, and permission models
License Compatibility Requirements
| License | Compatible | Notes |
|---|---|---|
| MIT | Yes | Maximum freedom, preferred |
| Apache 2.0 | Yes | Patent grant included, excellent for enterprise |
| BSD (2/3-clause) | Yes | Minimal restrictions |
| ISC | Yes | Equivalent to MIT |
| MPL-2.0 | Yes | File-level copyleft only, acceptable |
| LGPL-2.1/3.0 | Conditional | OK if used as library, not modified |
| AGPL-3.0 | No | Network copyleft — process boundary separation required |
| GPL-2.0/3.0 | No | Full copyleft — cannot integrate into proprietary |
| Fair-code (n8n) | Conditional | Self-host OK, redistribution restricted |
| BSL/SSPL | No | Not truly open source |
2. Search System Prompts
Wave 1: Core Agent Frameworks
PROMPT 1 - General Agent Frameworks
"open source autonomous AI agent framework enterprise integration 2025 2026 MIT Apache license github"
PROMPT 2 - Multi-Agent Orchestration
"open source multi-agent AI framework tool use MCP model context protocol 2026 comparison"
PROMPT 3 - Enterprise Workflow Agents
"open source AI agent Gmail calendar Slack enterprise system integration agentic automation framework"
PROMPT 4 - Framework Comparison
"best open source AI agent frameworks 2026 comparison autonomous tools MCP LangGraph CrewAI AutoGen"
Wave 2: Desktop & Browser Automation
PROMPT 5 - Desktop Agents
"open source computer use agent desktop automation browser agent 2025 2026 github MIT Apache"
PROMPT 6 - GUI Automation
"open source AI GUI agent screenshot automation desktop Linux macOS enterprise 2026"
PROMPT 7 - Browser Agents
"browser-use Playwright autonomous web agent open source MIT license Python automation"
PROMPT 8 - Containerized Desktop
"containerized AI desktop agent Docker Linux virtual desktop automation open source self-hosted"
Wave 3: Specific Projects Deep-Dive
PROMPT 9 - OpenClaw
"OpenClaw open source AI assistant MCP integration license 2026 enterprise automation architecture"
PROMPT 10 - Accomplish AI
"accomplish-ai accomplish github open source desktop agent framework Electron MIT license"
PROMPT 11 - Bytebot
"Bytebot open source desktop agent Apache license containerized Linux automation Docker 2026"
PROMPT 12 - Agent S2
"Agent S2 simular-ai GUI agent open source license enterprise desktop automation framework"
PROMPT 13 - Browser Use
"browser-use browser agent open source MIT license Python autonomous web 60k stars"
PROMPT 14 - Skyvern
"Skyvern AI browser automation open source AGPL license enterprise workflow 2026"
PROMPT 15 - IBM CUGA
"IBM CUGA configurable generalist agent open source Apache license enterprise workflow MCP"
Wave 4: Security & Architecture Patterns
PROMPT 16 - Agent Security
"AI agent security best practices enterprise sandboxing permission model 2025 2026 autonomous OWASP"
PROMPT 17 - Agent Isolation
"AI agent sandboxing microVM gVisor container isolation security production 2026"
PROMPT 18 - Permission Models
"autonomous AI agent permission model human-in-the-loop approval gate enterprise security"
PROMPT 19 - MCP Security
"MCP model context protocol security authentication authorization enterprise tool integration"
PROMPT 20 - Audit & Compliance
"AI agent audit trail compliance logging enterprise autonomous action tracking immutable"
Wave 5: Ecosystem & Integration Patterns
PROMPT 21 - Google Workspace
"AI agent Google Workspace Gmail Calendar Drive integration open source API automation"
PROMPT 22 - Microsoft 365
"AI agent Microsoft 365 Outlook Teams SharePoint integration open source Graph API"
PROMPT 23 - Desktop Publishing
"AI agent document creation PDF Word Excel automated desktop publishing open source"
PROMPT 24 - MCP Ecosystem
"MCP server ecosystem open source tools integrations catalog 2026 model context protocol"
PROMPT 25 - Workflow Orchestration
"n8n Temporal Prefect open source workflow orchestration AI agent integration self-hosted enterprise"
Wave 6: Architecture & Patterns
PROMPT 26 - Agent Architecture Patterns
"autonomous AI agent architecture patterns tool use planning memory state management 2026"
PROMPT 27 - Agent-to-Agent Communication
"multi-agent communication protocol A2A Google agent-to-agent open source 2026"
PROMPT 28 - Agent Observability
"AI agent observability monitoring tracing LangFuse LangSmith open source 2026"
PROMPT 29 - Local-First Agents
"local first AI agent privacy enterprise on-premise self-hosted open source desktop"
PROMPT 30 - Agent Evaluation
"AI agent evaluation benchmark testing framework open source autonomous reliability"
3. Initial Landscape Analysis (Wave 1-3 Results)
Tier 1: Primary Candidates (License-Compatible, High Maturity)
| Project | License | Stars | Category | MCP | Enterprise Ready |
|---|---|---|---|---|---|
| OpenClaw | MIT | 140K+ | Personal AI Assistant | Yes (server) | Medium — moving to foundation |
| Accomplish | MIT | Active | Desktop AI Coworker | Via OpenCode | Medium — Electron + React |
| Browser Use | MIT | 60K+ | Web Automation | Planned | High — 89% WebVoyager |
| Bytebot | Apache 2.0 | Active | Containerized Desktop | Via tools | High — Docker isolated |
| CrewAI | MIT | High | Multi-Agent Orchestration | Yes (native) | High — 500+ integrations |
| LangGraph | MIT | High | Agent State Machine | Yes (adapter) | High — LangChain ecosystem |
| AutoGen | MIT | 40K+ | Multi-Agent Chat | Yes (extension) | High — Microsoft backed |
| IBM CUGA | Apache 2.0 | New | Enterprise Workflow | Yes (native) | High — IBM enterprise focus |
| Agent S2 | Apache 2.0 | Active | GUI Desktop Agent | No | Medium — research-grade |
| Semantic Kernel | MIT | Active | Enterprise Agent SDK | Via plugins | Very High — auth/audit built-in |
Tier 2: Conditional Candidates (License Concerns or Partial Fit)
| Project | License | Issue | Mitigation |
|---|---|---|---|
| Skyvern | AGPL-3.0 | Network copyleft | Process boundary separation only |
| n8n | Fair-code | Redistribution restricted | Self-host OK, cannot bundle |
| Crawl4AI | Apache 2.0 | Scraping only, not full agent | Useful as component |
Tier 3: Not Recommended (License Incompatible)
| Project | License | Reason |
|---|---|---|
| Sidecar (CodeStory) | AGPL-3.0 | Already analyzed — process boundary only (ADR-165) |
| Any GPL-3.0 project | GPL-3.0 | Cannot integrate into proprietary platform |
4. Evaluation Criteria Matrix
Rate each candidate 1-5 on these dimensions:
| Dimension | Weight | Description |
|---|---|---|
| License Compatibility | 25% | MIT/Apache > MPL > LGPL > AGPL/GPL |
| Enterprise System Coverage | 20% | Gmail, Calendar, Drive, Office, desktop apps |
| Security Architecture | 20% | Sandboxing, permissions, audit trails, HITL |
| MCP/Tool Integration | 15% | Native MCP support, extensible tool system |
| coditect-core Alignment | 10% | Architecture fit with hooks, agents, skills, commands |
| Community & Maintenance | 10% | Active development, stars, contributors, funding |
Preliminary Scoring
| Project | License (25) | Enterprise (20) | Security (20) | MCP (15) | Alignment (10) | Community (10) | Total |
|---|---|---|---|---|---|---|---|
| OpenClaw | 25 | 16 | 12 | 12 | 8 | 10 | 83 |
| Bytebot | 25 | 16 | 18 | 9 | 6 | 6 | 80 |
| CrewAI | 25 | 16 | 14 | 15 | 6 | 8 | 84 |
| Browser Use | 25 | 12 | 10 | 9 | 6 | 10 | 72 |
| Accomplish | 25 | 14 | 14 | 9 | 8 | 6 | 76 |
| Semantic Kernel | 25 | 16 | 20 | 12 | 4 | 8 | 85 |
| LangGraph | 25 | 14 | 12 | 15 | 6 | 8 | 80 |
| IBM CUGA | 25 | 14 | 16 | 15 | 6 | 4 | 80 |
| AutoGen | 25 | 12 | 14 | 12 | 6 | 8 | 77 |
| Agent S2 | 25 | 10 | 14 | 6 | 4 | 6 | 65 |
5. Security Architecture Requirements (OWASP Agent Security Top 10)
Based on current best practices (2026):
| Risk | Mitigation Required |
|---|---|
| Excessive Agency | Least-privilege permissions per tool; explicit action scoping |
| Prompt Injection | Input validation, output filtering, system prompt isolation |
| Insecure Tool Use | Tool allowlisting, parameter validation, rate limiting |
| Data Exfiltration | Network sandboxing, outbound connection allowlists |
| Privilege Escalation | Role-based access, temporary scoped tokens |
| Insufficient Logging | Immutable audit trails for all agent actions |
| Uncontrolled Autonomy | Human-in-the-loop gates for high-risk actions |
| Supply Chain | Signed artifacts, dependency scanning, SBOM |
| Model Manipulation | Input/output guardrails, content safety filters |
| Denial of Service | Rate limiting, resource quotas, circuit breakers |
Recommended Security Stack
- Sandboxing: Docker containers (Bytebot pattern) or microVMs for untrusted code
- Permission Model: coditect-core hooks as approval gates (PreToolUse pattern)
- Audit Trail: Extend session logging to capture all agent actions
- Network Isolation: Allowlisted outbound connections per tool
- HITL Gates: CoditectModal approval for destructive/financial/external actions
- Token Scoping: OAuth2 scoped tokens per integration, auto-expiring
6. Recommended Architecture: Hybrid Approach
Rather than adopting a single framework, build a layered architecture:
+------------------------------------------+
| CODITECT Enterprise Agent |
| (coditect-core agents/commands/hooks) |
+------------------------------------------+
| Orchestration Layer |
| CrewAI or LangGraph (multi-agent) |
+------------------------------------------+
| Execution Engines (pluggable) |
| +----------+ +----------+ +-----------+ |
| | Browser | | Desktop | | API/MCP | |
| | Use | | Bytebot | | Direct | |
| +----------+ +----------+ +-----------+ |
+------------------------------------------+
| Security & Observability |
| Sandboxing | Audit | HITL | Monitoring |
+------------------------------------------+
| Enterprise Integrations (MCP) |
| Gmail | Calendar | Drive | Office | ... |
+------------------------------------------+
Component Selection
| Layer | Primary Choice | Rationale |
|---|---|---|
| Orchestration | CrewAI (MIT) | Highest score, native MCP, multi-agent |
| Browser Execution | Browser Use (MIT) | 60K stars, 89% accuracy, MIT |
| Desktop Execution | Bytebot (Apache 2.0) | Containerized, isolated, enterprise |
| API/MCP Tools | Semantic Kernel (MIT) | Enterprise auth/audit built-in |
| Observability | LangFuse (MIT) | Already in coditect ecosystem |
| Workflow Fallback | n8n (self-hosted) | 400+ integrations, visual builder |
7. coditect-core Integration Points
| coditect-core Component | Integration |
|---|---|
| Hooks (118) | PreToolUse/PostToolUse for agent action approval gates |
| Agents (776) | New agent type: enterprise-system-agent |
| Commands (377) | /enterprise-agent start, /enterprise-agent status |
| Skills (445) | Enterprise automation skills (Gmail, Calendar, etc.) |
| Session Logging | All agent actions logged to session log |
| MCP Servers | Extend existing semantic-search, call-graph, impact-analysis |
| Ralph Wiggum | Run enterprise agents as autonomous loops with checkpoints |
| Context DB | Store enterprise system state in org.db decisions table |
8. Next Steps
- Deep-dive top 3 candidates (CrewAI, Bytebot, Semantic Kernel) — clone repos, analyze architecture
- Add to coditect-bot — already started (Accomplish added as
b500d9a) - Prototype MCP bridge — connect coditect-core MCP servers to enterprise agent
- Security architecture ADR — draft ADR for enterprise agent sandboxing model
- Run Wave 4-6 searches — security patterns, integration specifics, architecture deep-dives
- Create TRACK tasks — formalize as H-track or new dedicated track
Sources
Agent Frameworks
- IBM CUGA — Configurable Agent Framework
- Top 7 Open Source AI Agent Frameworks
- Agentic AI Frameworks: Top 8 Options in 2026
- 8 Open-Source AI Agent Platforms for 2026
- Top 9 AI Agent Frameworks — February 2026
- Comparing Open-Source AI Agent Frameworks — Langfuse
- Top 5 Open-Source Agentic AI Frameworks 2026
Desktop & Browser Agents
- Open Computer Use — GitHub
- Agent S2 — Simular AI
- Bytebot — Self-Hosted Desktop Agent
- Browser Use — Web Automation
- Skyvern — Browser Workflow Automation
- Accomplish — Desktop AI Coworker
- Best 30+ Open Source Web Agents 2026
Enterprise Integration
- CrewAI — Multi-Agent Platform
- Microsoft Agent Framework
- OpenClaw — AI Assistant (DigitalOcean)
- OpenClaw — GitHub
- n8n — Workflow Automation