Documentation Index
Fetch the complete documentation index at: https://docs.termyte.xyz/llms.txt
Use this file to discover all available pages before exploring further.
Architecture
Termyte v1.0 is built on a Split-Plane Architecture that separates the agent implementation from the high-integrity governance kernel hosted in the cloud.System Overview
The system is split into a Control Plane (Governance) and a Data Plane (Execution) to ensure that safety and performance are never compromised.The Control Plane
The Control Plane is a high-performance Rust-based runtime that acts as the source of truth for safety and causal inference. It implements a 3-Tier Governance Pipeline:-
Tier 1 Deterministic Matching
Instant blocking of known dangerous patterns such as destructive shell commands or credential exfiltration. -
Tier 2 Semantic Memory
Uses vector search to find similar past failures in project history. -
Tier 3 LLM Judge
A specialized safety model that reasons about the intent of complex commands.
The Data Plane
The Data Plane lives locally with the agent and handles the implementation details of governance.Invisible Interception
Termyte v1.0 uses an Intercept Execute pattern. When the agent calls the execute tool:-
Redaction
The local sanitizer strips API keys and secrets. -
Preparation
The bridge sends a fingerprint of the action to the cloud. -
Verdict
The bridge waits for an ALLOW or BLOCK decision. -
Sandboxed Execution
If allowed, the command runs in a secure subprocess. -
Telemetry
The outcome is reported back to the cloud.
Privacy and Safety
-
Local First Privacy
Raw data and secrets never leave the machine. -
Fail Closed
If the cloud runtime is unreachable, the system defaults to BLOCK for unknown or high-risk actions. -
Sandbox Security
Commands execute via execFile with no shell expansion.
Performance
-
Latency
Less than 12ms total overhead for the governance handshake. -
Throughput
Stateless cloud kernels handle thousands of concurrent agent actions.
Why Termyte? | Core Concepts | Privacy