// architecture
Harness, intelligence, connectors
The operator works in Narya Command. WAIS retrieves the right knowledge, captures lessons from corrections, and grows your site's chronicle. Connectors extend the command core — CygNet first — with governed actions, safety contracts, and audit regardless of vendor.
// architecture
App, intelligence, connectors
The operator works in Narya Command, an automation application for workflows and scheduled runs. WAIS retrieves knowledge and grows your site's chronicle. Connector plugins reach email, Azure DevOps, CygNet, and more.
One safety model. One audit trail. Connectors talk to external systems; for CygNet, CygNet ACS stays the authority for permissions and audit — we don't replace it.
// inside the harness
Connector actions · Workflows · Strategies
Inside Narya Command there are three sub-layers. The strategy layer is where most of the engineering work goes — and where the long-term advantage compounds.
Connector actions
Versioned entry points per plugin — stable contracts with JSON Schema. CygNet ships deep coverage across 13 services; Email, ProdOps, and Teams extend the catalog.
Workflows
Deterministic multi-step orchestration on the canvas. Connector actions, loops, and validation run the same way every time; AI prompt steps are explicit, scoped, and optional.
Strategies
The seam between rule-based logic today and LLM-backed inference tomorrow. Returns evidence and confidence levels — the product, not just plumbing.
// why this matters
A strategy doesn't return answers. It returns evidence and confidence levels. The LLM (Claude today, on-prem model tomorrow) makes the judgment call. When we move from cloud to on-prem inference, the strategy interfaces don't change — workflows and tools don't change. Only the model behind them does.
// deployment topologies
Three modes, one architecture
Same connector actions, same WAIS schema, same write-safety model. The difference between modes is where the knowledge store lives and how Windows identity reaches CygNet ACS.
01 · Local
Single workstation — eval / single-admin sites
Narya installer provisions the WAIS knowledge store locally. The intelligence layer runs as a local service. Everything stays on one machine.
02 · Centralized
Multi-admin — the strategic moat
One Westmarch server — bring your existing managed database, or one we help you stand up. Every Narya instance points to it. All learned knowledge is shared instantly.
03 · Remote / hosted
Intranet rollout with SSO and CygNet ACS preserved
Enterprise SSO → Command core → Connector gateway → Internal API → Windows Identity Bridge → CygNet. ACS stays the authority for permissions and audit.
Preview → confirm → changeset → rollback
- Preview before execute. Every write tool supports a dry-run that shows before/after for every affected entity.
- Run changeset journal. Independent of CygNet's native audit. Full before/after state, operator identity from CygNet ACS context, tool + action metadata. 30-day retention by default.
- Guided rollback with conflict detection. Reads the changeset, checks the current value of each attribute, flags conflicts. No silent overwrites of other operators' changes.
- CygNet ACS stays the authority. We don't duplicate the permission model. The SDK runs under the local Windows user's identity; ACS controls what operations are allowed.
Same command core, swap the model
For operators who can't use cloud AI at all, swappable LLM backends — managed cloud inference for cloud-friendly customers, self-hosted models on infrastructure you control for restricted environments. Swapping the model backend requires zero changes to workflows and connector actions. See on-prem AI options →
On-Premises Triage Agent
An asynchronous on-premises agent that ingests operational issues from email, ADO, or ticket queues, investigates with CygNet-aware tooling, and prepares recommended actions for human review or bounded automated execution. Three customer-selectable autonomy modes: read-only triage, human-approved remediation, bounded autonomous remediation. Same run engine, same connector actions, same write safety, same changesets. Read the roadmap →
80% resolvable from accumulated knowledge
The long-term goal is a coverage-driven triage layer: 80% of incoming operational problems at a mature site resolvable from your accumulated CygNet knowledge alone — without fresh learning every time. WAIS is the substrate. The Triage Agent is the surface — shipping in Narya Command today.
// the metric
coverage_ratio — distinct (device_type × action × outcome) tuples observed at your site, divided by the known-possible surface. A measurable quantity, not a vibe.
Higher coverage never means looser safety. Preview, confirm, changeset, rollback, and human-in-the-loop approval remain the default at every autonomy level — including scheduled triage workflows.
// optional adapter
MCP as adapter, not the product
Model Context Protocol can optionally expose a subset of connector actions to external developer workflows. Narya Command is the governed run workbench; MCP is plumbing, not the product boundary.
// in summary
Why this architecture earns the work
One safety model, every run
Whether the operator uses Prompt, a saved workflow, or the future Triage Agent, every write goes through preview → confirm → changeset. We don't maintain two versions of the safety story.
Knowledge that compounds
WAIS captures lessons, conventions, and aliases per site. Centralized, every admin's corrections benefit every other admin instantly. This is what we cannot be cloned out of in a weekend.
Connectors, not ad hoc glue
Each connector declares capabilities and safety semantics. Workflows compose actions; the run engine owns pause/resume, human gates, and audit — regardless of whether the target is CygNet, a ticket system, or email.
OT-grade authorization
CygNet ACS stays the final authority. We don't reinvent permissions. The Identity Bridge in remote/hosted deployments preserves the human user identity all the way through to ACS.