How does Orquesta work?

You connect your development tools (GitHub, Vercel, etc.) once, then your team writes prompts describing features they want to build. Our AI agent runs on your machine, reads your codebase, writes code, creates PRs, and deploys - all while you watch in real-time.

What AI models do you support?

We always support the latest Claude and GPT models, plus local models via Ollama or vLLM. With Orquesta CLI, you can configure multiple LLM endpoints and sync them across your team from the dashboard.

Yes. The AI agent runs on YOUR machine, not ours. Your code stays local. Credentials are encrypted with AES-256-GCM. We use row-level security in our database. Your secrets are never stored in plain text.

Can I use my existing GitHub workflow?

Absolutely. Orquesta creates standard git branches and pull requests. Your existing CI/CD pipelines, code review process, and GitHub Actions all work exactly as before.

What happens if the AI makes a mistake?

Every change is a git commit, so you can always revert. You review PRs before merging, just like human code. Plus, you can watch the AI work in real-time and stop it anytime.

What is Orquesta CLI?

Orquesta CLI is a standalone coding assistant that runs locally. Configure LLM endpoints (OpenAI, Anthropic, Ollama), sync configurations from the dashboard, and track prompts across your team. Install with: npm install -g orquesta-cli

Do I need to be technical to use Orquesta?

Non-technical team members can write prompts, but you'll want at least one developer to review the generated code. That's actually the point - anyone can contribute ideas, developers ensure quality.

Security by Default: Benefits of Keeping Code Local

Explore why executing code locally enhances security with AES-256 encryption, audit trails and team sign-off, avoiding cloud vulnerabilities.

In the quest for agile development, many teams rush to cloud solutions without weighing the security implications. While cloud sandboxes allow quick iteration, they expose sensitive code and data to external vulnerabilities. At Orquesta, we've taken a different approach: executing code locally, ensuring that your critical assets remain within your secure environment.

Why Local Execution Matters

Every software team aims for a balance between speed and security. Cloud sandboxes offer convenience but at a cost. The cost is often your data's security and privacy. By running code locally on your own infrastructure, you minimize the risk of exposing sensitive information to third parties. This is a core tenet of Orquesta's design philosophy.

The Security Risks of Cloud Sandboxes

Data Exposure: When using cloud-based tools, your code and data must leave your local environment. This transfer increases the chance of interception or misuse.
Third-Party Dependencies: Relying on cloud services means entrusting your sensitive data to another company. You are bound by their security practices, which may not align with your own.
Audit Challenges: Cloud services can complicate audit processes, making it difficult to track activities and ensure compliance with internal and external regulations.

Keeping Code Local with AES-256 Encryption

Orquesta's local AI agent runs directly on your machine, utilizing the Claude CLI. This setup means that your code and data never leave your trusted infrastructure.

AES-256 Encryption: All credentials used by our agents are encrypted with AES-256, a standard trusted by government entities and enterprises worldwide. This ensures that even if data is compromised, it remains unreadable to unauthorized entities.
Full Audit Trail: Every action taken by the AI agent is logged, providing a comprehensive audit trail. This logs everything from prompts to diffs, allowing you to backtrack and understand every change made by the AI.

{
  "agent": "claude",
  "actions": [
    {
      "action": "commit",
      "timestamp": "2023-10-01T12:00:00Z",
      "description": "Refactored authentication module"
    }
  ]
}

The audit trail is not just a security feature but a productivity tool, allowing teams to learn from past activities and improve future workflows.

Quality Gates and Team Sign-Off

In software development, human oversight is crucial. Orquesta embeds quality gates into the workflow, ensuring that AI-generated changes are vetted by team leads before they proceed to production.

The Role of Quality Gates

Simulated Changes: Before any real execution, the AI simulates changes. This allows the team to preview potential impacts and make informed decisions.
Team Sign-Off: Once changes are simulated, a designated team lead must review and sign off on them. This step enforces coding standards and prevents unwanted or unsafe code from being deployed.

Through this approach, teams retain control over the codebase, using AI as an assistant rather than an autonomous decision-maker.

Architectural Benefits of Local Execution

Running agents locally isn't just about security; it offers architectural advantages as well.

Performance: Local execution eliminates latency associated with cloud communication, resulting in faster feedback loops.
Resource Optimization: Since the execution occurs on your existing infrastructure, it utilizes your already available resources efficiently and cost-effectively.
Flexibility: You can run multiple agents across different environments, tailored to specific tasks or projects, without being limited by cloud service constraints.

Conclusion

By prioritizing local execution, we at Orquesta ensure that your code remains as secure as possible without sacrificing agility or flexibility. The combination of AES-256 encryption, comprehensive audit trails, and team-based quality gates provides a robust framework that safeguards your development processes. This 'security by default' philosophy is not just a technical choice; it's a way to empower teams to innovate confidently, knowing their data remains protected.