ORCHESTRATION ENGINE

Themis

LangGraph-powered multi-agent threat analysis

An AI-driven threat analysis orchestrator that decomposes security tasks into specialist sub-tasks, executes them in parallel via Aegis skills, applies guardrails to every output, and synthesises a structured findings report. All processing is memory-ephemeral—no findings or task content persists to disk.

01

Architecture

Themis is a LangGraph StateGraph with six nodes wired as a directed acyclic graph:

specNode │ fanOutNode ── Send() ──▶ skillAgentNode (×N, parallel) │ guardrailNode │ synthesisNode │ auditNode

Fan-out uses the LangGraph Send API — fanOutNode returns one Send per sub-task, and LangGraph executes them in parallel on separate graph branches.

Node Responsibilities

  • specNode — Parse task + context, emit sub-tasks for specialist agents
  • fanOutNode — Return Send[] for parallel dispatch
  • skillAgentNode — Run createReactAgent for one sub-task; call skill phase fetch tool
  • guardrailNode — Score each output; block/flag/pass based on content integrity
  • synthesisNode — Reduce guardrailed results into structured report
  • auditNode — Write metadata-only debrief to SQLite; strip findings
02

State & Checkpointing

State is held in ThemisAnnotation (14 channels) using typed reducers:

  • append — Accumulates sub-task results and guardrail outputs
  • sum — Token counters (aggregate input/output tokens)
  • last-write-wins — Final report and thread metadata
  • dedup-union — Skill slug sets (avoid duplicates)
  • first-write-wins — Task and context (set once, never mutated)

Checkpointing uses MemorySaver — state is in-RAM only, scoped to a thread_id. No external database, no network calls for checkpointing.

03

LLM Providers

Themis supports multiple LLM providers with tiered model selection (fast/standard/power). Provider selection is determined at runtime based on available API keys:

  • Anthropic — Set ANTHROPIC_API_KEY (Claude models)
  • OpenAI — Set OPENAI_API_KEY (GPT-4, GPT-5 models)
  • Google — Set GOOGLE_API_KEY (Gemini models)
  • Mistral — Set MISTRAL_API_KEY (Mistral models)
  • DeepSeek — Set DEEPSEEK_API_KEY (DeepSeek models)
  • Qwen — Set QWEN_API_KEY (Qwen models)
  • NVIDIA — Set NVIDIA_API_KEY (Nemotron models)

All LLM provider SDKs are restricted to lib/themis/provider.ts. No provider SDK may be imported elsewhere. This is enforced at the bundle level. For detailed model specifications, see the technical documentation.

04

Security Model

Themis treats all inputs as untrusted and enforces five core security principles:

  1. Every input is untrusted — Task content, LLM outputs, skill phase content are all treated as potentially adversarial
  2. Sanitise before log — Loggers receive only metadata (hashes, token counts, durations). No user input or LLM output reaches a log line
  3. Sanitise before client — All errors pass through safeError() which returns one of three fixed strings. No stack traces, paths, or model names reach the client
  4. Memory ephemeral — No findings or task content is persisted to Redis, Supabase, or any external storage
  5. Content integrity checks — All skill phase content is validated against blocked-content patterns (script injection, eval, data URIs) before reaching agents
05

POST /api/themis

Request

{ "task": "Assess the attack surface for a hybrid cloud + OT environment", "context": { "environments": [ "enterprise", "hybrid", "ot" ], "attackSurfaceTags": [ "network", "lateral-movement" ] }, "threadId": "optional-session-id" }

Response

{ "report": "## Findings\n...", "subTaskResults": [], "guardrailSummary": { "passed": 3, "flagged": 0, "blocked": 0 }, "skillTrace": [ "mitre-attack", "deception-engineering" ], "totalInputTokens": 12400, "totalOutputTokens": 3200, "durationMs": 8400, "threadId": "abc-123" }

Supports streaming: pass Accept: text/event-stream to receive node-name events as the graph executes. Node content and findings are never included in SSE events.

06

Debrief & Audit Trail

Each orchestration writes a metadata-only row to a local SQLite database:

  • thread_id — Session correlation ID
  • task_hash — SHA-256 of the task string (not the task itself)
  • skill_slugs — JSON array of skills invoked
  • guardrail_summary — { passed, flagged, blocked }
  • total_input_tokens — Aggregated input token count
  • total_output_tokens — Aggregated output token count
  • duration_ms — Wall-clock duration
  • created_at — UTC timestamp

Findings text and task content are never written to SQLite. The audit trail captures only what is necessary for operational visibility and compliance.

07

Installation & Deployment

Themis is platform-agnostic and can be deployed as a self-hosted service, embedded in your application, or run locally. Choose the installation method that fits your architecture.

Option 1: Install as NPM Package

For JavaScript and Node.js projects:

npm install @aegis-skills/themis

Import and use:

import { orchestrate } from '@aegis-skills/themis' const result = await orchestrate({ task: 'Assess attack surface for cloud environment', context: { environments: ['cloud', 'enterprise'], attackSurfaceTags: ['network', 'api'] } })

Option 2: Docker Container

Deploy Themis as a containerized REST API:

docker run -e ANTHROPIC_API_KEY=sk-... -p 3000:3000 aegis-skills/themis

The Themis API will be available at http://localhost:3000/api/themis

Option 3: Vercel Deployment

Deploy the full Aegis platform (Themis + skills) to Vercel:

# Clone repository git clone https://github.com/drupadsachania/aegis-skills.git cd aegis-skills # Deploy to Vercel vercel # Set environment variables vercel env add ANTHROPIC_API_KEY vercel env add OPENAI_API_KEY # ... add other provider keys as needed # Deploy with secrets vercel --prod

Option 4: Self-Hosted on Linux/macOS

Run Themis locally or on your own infrastructure:

# Prerequisites: Node.js 20+, npm 10+ # Clone and setup git clone https://github.com/drupadsachania/aegis-skills.git cd aegis-skills npm install # Configure environment cp .env.local.example .env.local # Edit .env.local and add your LLM provider API keys # Run development server npm run dev # Build for production npm run build npm run start # Or run with PM2 for persistent service pm2 start npm --name themis -- start

Environment Configuration

Themis requires at least one LLM provider API key. Set environment variables for your chosen provider:

# Supported providers (choose at least one): ANTHROPIC_API_KEY=sk-ant-... # Claude models OPENAI_API_KEY=sk-... # GPT models GOOGLE_API_KEY=AIz... # Gemini models MISTRAL_API_KEY=... # Mistral models DEEPSEEK_API_KEY=... # DeepSeek models QWEN_API_KEY=... # Qwen models NVIDIA_API_KEY=... # NVIDIA NIM models # Optional: Enable LangSmith tracing LANGCHAIN_TRACING_V2=true LANGCHAIN_API_KEY=lsv2_... LANGCHAIN_PROJECT=aegis-skills

Quick Start (Local)

# 1. Clone repository git clone https://github.com/drupadsachania/aegis-skills.git cd aegis-skills # 2. Install dependencies npm install # 3. Configure LLM provider echo "ANTHROPIC_API_KEY=your-api-key-here" > .env.local # 4. Start local server (http://localhost:3000) npm run dev # 5. Test Themis API curl -X POST http://localhost:3000/api/themis \ -H "Content-Type: application/json" \ -d '{ "task": "Assess attack surface for hybrid cloud", "context": { "environments": ["cloud", "enterprise"], "attackSurfaceTags": ["network", "lateral-movement"] } }'

Deployment Best Practices

  • API keys in environment only — Never commit .env files. Always use platform-specific secret management (Vercel Secrets, AWS Secrets Manager, etc.).
  • Set ulimit for file descriptors — Themis uses LangGraph checkpointing. On Linux/macOS: ulimit -n 4096
  • Monitor memory usage — Findings are held in-memory during orchestration. For large tasks, allocate 2GB+ RAM.
  • Enable request timeouts — Set reverse proxy timeouts to 90s+ (Themis can take 30-60s per task).
  • Health check endpoint — GET /api/health returns 200 if server is ready.
08

Next Steps

See the Documentation page for getting started guides and API reference. For the complete technical specification, see TECHNICAL.md in the repository.