Weisgnosis
The operating system for AI-driven work
Typed · auditable | Temporal · durable | gVisor · isolated
01 / 08
failure.modes
Trapped in 3 places

The process exists only in spreadsheets, email, and one engineer's memory. Unversioned, unobservable, never run the same way twice.

0 lines of replay

Chat-AI returns prose with no types and no log. Ask "why did it decide that?" six months later — there is nothing to inspect.

1 shared kernel

Agent frameworks run model-written tool calls on the host kernel. One bad call reaches your infrastructure, so it never ships.

02 / 08
system.model
Typed graphs
18 node types · 3 edge kinds

Versioned and hash-pinned per run. Graphs compose and nest as subflows, so one reviewed flow drops into the next.

Eval-context flow
0 manual ports · 1 immutable context

Every node receives the full EvalContext as JSON and merges its output into the next snapshot. You design logic, not plumbing.

Durable execution
crash @ hour 2 → resume hour 2

A Temporal workflow interprets the graph deterministically. It survives worker restarts, network failures, and retries.

03 / 08
telemetry.live
thinking | tool-calling | complete | dispatch · external
LIVE · 1s SSE | REPLAY · 5,000-event ring
04 / 08
runtime.contract
01 · business_analyst
internal · in-process
→ RequirementSpec — scoped tasks + acceptance criteria, typed.
02 · developer / OpenClaw
external · gVisor sandbox
→ CodeArtifact — runs untrusted, returns a typed diff + build target.
03 · reviewer / QA
internal · in-process
→ ReviewVerdict — reads the same context, returns pass / fail + findings, typed.
One contract: both classes call submit_artifact with tool_choice=required. Every output is decoded as a typed artifact by construction — never regex-parsed.
05 / 08
isolation.proof
1 · gVisor user-space kernel
/proc/version = 4.19.0-gvisor · syscalls intercepted
2 · Hardened securityContext
runAsUser=1000 · readOnlyRootFilesystem · cap drop ALL
3 · NetworkPolicy deny-floor
egress DNS + 443 only · blocks 10/8, 169.254.169.254
4 · ghostunnel mTLS
FQDN-SAN · CA-pinned · loopback-only, bare-IP rejected
5 · Per-tenant secrets
SecretKeyRef · deleted on teardown · never in logs
$ echo x > /rootfs/x
Permission denied
$ nc 192.168.1.10 22
BLOCKED
$ nc 169.254.169.254 80
BLOCKED
$ capsh --print | grep sys_admin
dropped
$ nc 1.1.1.1 443
OK
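As an added illustration (not Weisgnosis's own manifests), layers 1, 2, 3 and 5 above could be expressed in Kubernetes roughly as follows. The pod name, labels, image, secret name and the RuntimeClass name gvisor are assumptions, as is DNS being served by kube-dns pods in kube-system.

```yaml
# Added example: every name, label and image here is a placeholder.
apiVersion: v1
kind: Pod
metadata:
  name: sandbox-worker                 # hypothetical
  labels: {app: sandbox-worker}
spec:
  runtimeClassName: gvisor             # assumes a RuntimeClass "gvisor" (runsc handler) is installed
  containers:
    - name: worker
      image: registry.example/sandbox-worker:placeholder
      securityContext:                 # layer 2: the three settings the page lists
        runAsUser: 1000
        readOnlyRootFilesystem: true
        capabilities:
          drop: ["ALL"]
      env:
        - name: TENANT_API_KEY         # layer 5: injected by reference, not written into the spec
          valueFrom:
            secretKeyRef: {name: tenant-secrets, key: api-key}
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: sandbox-egress-floor           # hypothetical
spec:
  podSelector:
    matchLabels: {app: sandbox-worker}
  policyTypes: ["Egress"]              # anything not listed below is denied
  egress:
    - to:                              # DNS, only to the cluster resolver
        - namespaceSelector:
            matchLabels: {kubernetes.io/metadata.name: kube-system}
          podSelector:
            matchLabels: {k8s-app: kube-dns}
      ports:
        - {protocol: UDP, port: 53}
        - {protocol: TCP, port: 53}
    - to:                              # HTTPS out, minus 10/8 and the metadata address
        - ipBlock:
            cidr: 0.0.0.0/0
            except: ["10.0.0.0/8", "169.254.169.254/32"]
      ports:
        - {protocol: TCP, port: 443}
```

Under this policy 192.168.1.10:22 and 169.254.169.254:80 are refused because only port 443 is open, 169.254.169.254:443 is refused by the except list, and 1.1.1.1:443 is allowed, matching the checks shown above.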
06 / 08
evidence.runs
run db3c9e8a
Research → OpenClaw → QA

5 steps, 22,135 tokens. QA caught a real burst-formula error in the brief and returned 10 authoritative citations.

23 steps · 95 events
Multi-topic research

Parallel branches with coordination rounds, fully replayed from nodeOutputs history.

spec → shipped
SDLC reference flow

6 subflows from spec to shipped, with 1 human-in-the-loop gate.

< 10 min · idea → running process
< 5 min · 50-page SOP → workflow
hour 2 · crash → resume
$0.47 · per run, observable
07 / 08
08 / 08
Weisgnosis OS · 2026
AI Process Runtime
Request access
Rev. A
— autonomous · auditable · isolated —
Autonomous, auditable, and human-controlled — on your own Kubernetes.
For platform teams on Kubernetes · we reply within one business day