Open Source · MIT · Standalone Package

AI inside your boundary.

The PURISTA AI Harness runs inside your application — not in a SaaS platform. Your data stays within your perimeter. Every decision leaves an OpenTelemetry trace. Human review gates block mutations until approved. Provider-neutral. Self-hosted. Built for production.

See how it works → Get started →

Self-hosted Your process. Your data. No SaaS in the path.

Observable OTel GenAI on every span, decision, and tool call.

Provider-neutral OpenAI · Anthropic · Bedrock · Azure.

Scroll

The challenge

AI without control is a production blocker .

Most enterprises cannot ship AI to production because they cannot answer the three questions their auditors, security teams, and regulators will ask.

Where does your data go?

SaaS AI platforms receive your prompts, internal context, and business data. In regulated industries — finance, healthcare, legal, government — sending sensitive data to external inference endpoints is often impermissible without explicit contracts, audit trails, and data residency guarantees.

What did the AI decide — and why?

Without a structured audit trail, you cannot explain or defend automated AI decisions to regulators, customers, or your own security team. Traces that say "the model responded" are not audit evidence. You need every tool call, every model decision, and every agent step on record.

Who approved the action?

AI agents that write records, send messages, or trigger workflows without human review create liability. "The model did it" is not a defensible position. Every mutation needs an owner — a named human who reviewed and approved it before execution.

SaaS dependencies 0 Runs inside your process. Your data never leaves your boundary.

Trace coverage 0% OTel GenAI conventions on every prompt, tool call, and agent decision.

LLM providers 0 OpenAI · Anthropic · AWS Bedrock · Azure AI Foundry. Swap without rewriting.

Core primitives 0 Models · tools · skills · agents · workflows · sessions — one typed API.

What changes

Control the boundary. Own the observability .

The Harness is not a wrapper or a SaaS integration. It is the runtime that owns the boundary between your TypeScript code and external models — with four guarantees that matter at enterprise scale.

Data stays in your perimeter

The Harness runs inside your application process. No third-party SaaS platform receives your prompts, context, or tool outputs. You own data residency.

Every decision is traceable

OpenTelemetry GenAI spans on every model call, tool execution, and agent decision. Full observability trail your team can actually inspect.

No mutation without approval

Workflows pause at human review gates. Write tools execute only after an explicit human decision. Approve, revise, or reject — each path is logged.

No provider lock-in

Swap OpenAI for Anthropic, Bedrock for Azure in one config line. Agents, tools, and workflows stay unchanged. Your code is never tied to one model API.

In your code

A harness in one file .

Define models, register tools, declare agents. The chain is typed end-to-end — payload schemas propagate into tool handlers, agent outputs, and session calls. Provider-neutral by construction.

harness.ts TYPESCRIPT

12345678910111213141516

import { defineHarness, openai } from '@purista/harness'const harness = defineHarness({ name: 'support' })  .models({    fast: { provider: openai({ apiKey }), model: 'gpt-4o-mini', capabilities: ['object'] }  })  .tools({    searchDocs: {      description: 'Search internal docs.',      input: z.object({ query: z.string() }),      handler: async (_ctx, { query }) => searchIndex(query),    },  })  .agents(({ agent }) => ({    answerer: agent({ model: 'fast', instructions: 'Answer briefly.' }),  }))

defineHarness().models().tools().agents() — fluent, typed, provider-neutral.

Provider-neutral

Swap the model. Keep the code .

Models, tools, sandboxes, state stores and MCP — each is a pluggable adapter. Capability-based gating means an agent that requires a feature will fail fast at startup if the bound model can't provide it, not silently at runtime.

OpenAI

GPT-4o · embeddings

Anthropic

Claude · tool use

AWS Bedrock

enterprise

Azure

AI Foundry

Six building blocks

One typed boundary. Every primitive you need .

The Harness provides six primitives that cover the entire agent lifecycle — from model calls and tool execution to multi-agent orchestration, durable workflows, and scoped session memory.

.models()

Models

OpenAI · Anthropic · Bedrock · Azure. Capability-gated.

.tools()

Tools

Typed TS functions or MCP servers. Bash · file · grep · MCP.

.skills()

Skills

SKILL.md directories mounted as reusable instruction packs.

.agents()

Agents

Typed conversation loops. Input → model → tools → typed output.

.workflows()

Workflows

Sequence · branch · parallel · durable. Multi-agent orchestration.

.sessions()

Sessions

Isolated memory, history, sandbox per user or run.

Inside PURISTA

A harness agent becomes a service primitive .

The Harness stands alone — but PURISTA services can attach a harness agent or workflow as a typed primitive. The result inherits everything: contracts, IAM, OTel tracing, retries. The agent is reviewed like any other service command.

@purista/harness STANDALONE

The Harness

Models, tools, agents, workflows, sandboxed sessions. Use it without ever installing the framework.

@purista/core + INTEGRATED

A PURISTA service

Attach via AgentQueueBuilder.setHarnessAgent(...) or AgentQueueBuilder.setHarnessWorkflow(...). The agent ships with contracts, IAM, OTel and observability — the framework adds the enterprise envelope.

↳ Same agent definition — used standalone in a script, or wrapped as a PURISTA primitive inside your enterprise system.

Try it

Build AI your reviewers can trust .

The Harness ships independently as @purista/harness. Use it standalone, or wire it into a PURISTA service for the full enterprise envelope.

Get started → Explore use cases → Security & compliance →