Silas isn't a thin wrapper around a language model. It's a purpose-built architecture where specialized components work in concert to solve real infrastructure problems.
Four interconnected layers, each optimized for its purpose. Flexibility where it matters, performance where it counts.
Meet users where they work. The desktop app provides a rich GUI for visual workflows. The CLI offers scriptable automation. Slack integration brings Silas directly into team workflows.
The brain of Silas. Multiple specialized AI agents collaborate on complex tasks. Problems decompose into parallelizable work. Knowledge persists across sessions via semantic memory.
Direct connections to your infrastructure. Platform-specific MCP modules speak native APIs to F5, AVI, ServiceNow, Splunk, Grafana, and more. The job manager tracks execution with full audit trails.
Performance at the foundation. High-speed async I/O with connection pooling for rapid device access. NATS messaging with NKey authentication and TLS. Time-series storage for telemetry. Semantic search via Gandalf.
Traditional AI assistants are single-threaded thinkers. Silas Hive is a team of specialists that break down complex problems, work in parallel, and aggregate results.
Problem Decomposition
The Coordinator analyzes your request and breaks it into a directed acyclic graph (DAG) of subtasks.
Expert Routing
Tasks route to domain experts based on capabilities. Discovery tasks go to the Discovery Expert, configuration changes to Change Management.
Parallel Execution
Independent tasks execute simultaneously. Dependent tasks wait for prerequisites. Throughput scales with problem complexity.
Result Aggregation
Results flow back to the Coordinator, which synthesizes a coherent response and stores learnings in shared memory.
Decomposes prompts, routes to MCPs, aggregates results, streams traces
Splunk (28 tools), Grafana / Prometheus (14 tools), ServiceNow (9 tools)
BIG-IP MCP (15 tools), AVI migration suite, LB Ops desktop panel
Plan / policy / apply / drift / canary — vendor-agnostic core
Ephemeral GHCR containers — connectivity testing, browser checks, safe probes
Encrypted capsule store, local semantic retrieval, hub-distributed
Gandalf is Silas's portable knowledge system — age-encrypted capsules of vendor documentation, deployment patterns, and distilled operational experience. Capsules are compiled centrally, distributed over the hub, and queried locally at runtime with semantic search. Content access is gated by license tier.
Encrypted Knowledge Capsules
Silas isn't a single agent — it's a hierarchy of specialized agents that spawn, coordinate, and collaborate autonomously. Complex problems decompose into parallel workstreams, each handled by the right expert with the right tools.
The Coordinator agent receives complex tasks and decomposes them into a directed acyclic graph (DAG) of subtasks. Each subtask routes to the best-fit specialist based on capabilities and current load.
A2A Protocol • DAG Scheduling • Load-Balanced Routing • Model Escalation
The main MCP server acts as a parent that spawns and manages child MCP servers — each a specialized sub-agent for a specific platform or service. Tools are auto-discovered and proxied transparently.
Auto-Discovery • Dynamic Proxy • Health Checks • Auto-Reconnect
Complex tasks break into dependency graphs. Independent subtasks execute in parallel. Dependent tasks wait for prerequisites.
Tasks start with efficient models and automatically escalate to more powerful ones when complexity demands it. Right-size every operation.
Child MCP servers register tools at startup. The parent dynamically generates forwarding wrappers with retry, reconnection, and tracing built in.
Sensitive operations pause for human approval. Priority-based queues with Slack notifications and expiration timeouts. Full audit trail.
Agents declare capabilities via Agent Cards. The Coordinator reads these cards to make routing decisions. Tasks dispatch via HTTP or WebSocket with streaming response support.
Event-driven task dispatch and result processing through NATS pub/sub. Topics for tasks, results, and logs. NKey authentication and TLS encryption on every connection.
Agents share context through a semantic memory store backed by Gandalf. Patterns, errors, solutions, and learnings persist across sessions and agents. Sanitized before storage.
Silas is built for speed where it matters most — managing hundreds of devices without breaking a sweat.
Non-blocking I/O throughout. Thousands of concurrent operations without thread explosion.
Connection pooling per-host and global limits. No reconnection overhead on repeated operations.
Memory-safe architecture eliminates entire classes of bugs. No null pointers. No data races.
Batch operations fan out to multiple devices simultaneously. Results stream back in real-time.
Silas handles credentials, configurations, and network access. Security isn't an afterthought.
Every piece of data passes through a sanitization layer before leaving your environment. 30+ regex patterns catch API keys, tokens, private keys, and internal IPs.
Credentials encrypted at rest using age encryption. NATS messaging secured with NKey (Ed25519) challenge-response authentication and TLS. 1Password integration and BYOK support.
Every job, every command, every change is logged. Hierarchical job IDs enable tracing from user request through execution. Time-series storage retains 90 days of telemetry.
API Keys
Tokens
Private Keys
Network
Silas speaks the native language of your infrastructure. Deep integrations, not screen scraping.
Full iControl REST API support. Virtual servers, pools, monitors, iRules, ASM policies. TMOS shell access for advanced operations.
Complete AVI REST API coverage. Virtual services, pools, health monitors, WAF, analytics. Multi-cloud awareness.
Native Socket Mode integration. Ask questions, run commands, receive alerts directly in Slack. Intent classification routes to the right tool.
High-performance Rust SSH engine (silas-ssh). Async I/O with per-host and global connection pooling. Batch operations, file transfers, SOCKS5 proxy and jump host support.
Built on the open MCP standard. Extensible module architecture. Easy to add new integrations that inherit Silas's context and capabilities.
Version control integration for configuration-as-code workflows. Track changes, manage branches, and maintain audit history through Git.
ACI fabric management, Nexus switching, IOS-XE routing. RESTCONF and CLI support for comprehensive Cisco infrastructure automation.
Junos automation via NETCONF and REST APIs. SRX firewalls, EX/QFX switching, MX routing platforms with configuration management.
Panorama and NGFW management. Security policies, NAT rules, threat prevention, and GlobalProtect VPN configuration automation.
Issue tracking and project management integration. Create tickets from alerts, link changes to stories, and track automation workflows.
9 purpose-built tools for ITSM and CMDB via Table API. Change management workflows, configuration item sync, incident tracking, and compliance automation with ServiceNow.
Deep observability integration with 28 specialized tools. Query Splunk indexes, correlate events, manage alerts, and surface insights from your security and infrastructure telemetry.
14 specialized tools for metrics and monitoring. Query dashboards, retrieve time-series data, manage alerts, and correlate infrastructure metrics with operational events.
Portable encrypted vector store for persistent semantic memory. On-demand capsule creation for environment-specific knowledge that persists across sessions.
Cisco (IOS-XE, NX-OS, ACI), Juniper (Junos, SRX, Mist), and Palo Alto (Panorama, NGFW, GlobalProtect) MCPs are scaffolded with Phase 1 epics in flight — read-only tool surfaces first, Intent-gated apply in Phase 2.
Citrix ADC, Zscaler, VeloCloud, Versa SASE, Fortinet, and Check Point adapters will plug into the same Intent provider interface once the Phase 1 vendors land.
Validate changes before they hit production. Silas includes a fully ephemeral testing environment for end-to-end validation of your automation workflows.
Test environments spin up on demand and tear down automatically. No persistent test infrastructure to maintain or secure.
Test complete workflows from discovery through deployment. Validate API calls, configuration syntax, and expected outcomes.
Catch errors before production. Syntax validation, dependency checking, and impact analysis built into every test run.
Results in seconds, not hours. Parallel test execution and intelligent caching accelerate your validation cycles.
Purpose-built capabilities for real-world infrastructure work — from safe remote execution to full-stack platform migrations.
Ephemeral containerized environments for safe remote execution. Spin up purpose-built GHCR containers with the exact tools you need, execute operations, capture results, and tear down. Nothing persists. Nothing leaks.
Full-stack migration engine for moving workloads from AVI/NSX ALB to F5 BIG-IP. Object mapping, configuration translation, health monitor conversion, and validation at every step. Not a config converter — a migration partner.
Flexible credential management with three resolution tiers: bring your own API keys (BYOK), 1Password vault integration for provisioned secrets, or local encrypted storage. Your keys, your control.
macOS
Apple Silicon native. Primary platform.
Windows
Desktop and CLI. Full feature parity.
Linux
Desktop and CLI. Ubuntu, Fedora, Arch.
Silas ships with a layered governance model and a prompt ecosystem that lets organizations customize, extend, and share agent behaviors — without touching code.
A curated library of agent prompts, workflows, and domain-specific instructions. Browse, install, and combine prompt packs for your environment — from vendor-specific runbooks to compliance templates.
A three-tier merge system: core bundled prompts, organization overlays, and user customizations. Package updates never overwrite your customizations. Your rules layer cleanly on top of ours.
Approval queues gate sensitive operations — deployments, infrastructure changes, security actions. Priority-based workflows with Slack notifications, expiration timeouts, and full audit history.
Core Prompts (bundled)
Agent role definitions, tool instructions, and safety guardrails shipped with every release.
Organization Layer (~/.silas/)
Company-specific rules, naming conventions, compliance requirements, and domain knowledge overlays.
User Customizations (personal)
Individual preferences, workflow shortcuts, and personal agent behavior tuning.
Each layer merges cleanly. Updates to core prompts never overwrite your customizations.
Prompt-Level
Define what agents can and cannot do through natural language rules. Agent behaviors are constrained by their prompt definitions.
Execution-Level
Approval queues for sensitive operations. Deployments, security changes, and infrastructure modifications require human sign-off.
Permission-Level
Filesystem paths, shell commands, and network access controlled via preferences.toml. Allowlists and blocklists for fine-grained control.
Silas Intent is the declarative substrate that runs through every vendor integration — think Argo CD or Pulumi, but for network and security devices. Declare desired state in YAML, Silas watches your Git, computes a plan, runs policy checks, validates with a synthetic canary, and only then applies. Drift is detected continuously and surfaced back to the same plan-and-apply loop.
14-day free trial. No credit card required. Full access to all features.
