The open-source control plane for AI coding agents. Run Claude Code, Codex CLI, Gemini CLI, and more side by side — with a complete audit trail of every interaction. One governance layer for all your agents. Local-first. Zero data leakage.
Early alpha. Features may be incomplete or unstable. AI agents generate content that may be inaccurate — always review outputs. Report issues
Supports every major coding CLI
80% of employees use unauthorized AI tools. 86% of organizations are blind to their AI data flows. The EU AI Act takes full effect August 2026. The governance gap is a liability.
Other tools bolt governance on after the fact — scanning networks, blocking domains, discovering shadow AI after it's already leaked your data. AgentMux is the routing layer itself. Every AI interaction passes through it. If it doesn't go through the mux, it doesn't run. That's not a policy. That's an architecture.
Define which agents run, what tools they access, and what data they touch
Every interaction logged with full chain of custody — human to agent to outcome
Policies enforced inline at the routing layer — not after the fact
Multi-provider agent panes, interpane communication, regression detection, and a subagent watcher — built on a Rust backend light enough to run alongside 10+ agents on modest hardware.
Native pane type for Claude, Codex, Gemini, and more. Structured view of tool calls, reasoning steps, and file diffs. Not a terminal wrapper — a purpose-built agent UI with streaming parser, OAuth flow, and state machine. Vendor-neutral by design.
Every tool call streamed in real time. Visual diff overlay shows file changes as they happen. Regression detection highlights when an agent reverts correct work. One-click interrupt to redirect mid-task.
Panes talk to each other via Tokio channels. An agent's output streams into another pane's input. Build reactive pipelines — agent A's result triggers agent B. Visual connection indicators show active data flows.
Track every agent delegation chain for complete decision traceability. JSONL stream parsing surfaces every subagent's activity in a dedicated pane view. See multi-level agent hierarchies — no autonomous chain goes unmonitored.
Policy-driven agent configuration manager. Define approved working directories, tools, MCP configs, skills, and environment variables per agent. SQLite-backed with auto-start, crash-restart, and one-click launch. Only approved agents run.
Your agents run on your machine. Zero telemetry, zero phone-home, zero cloud dependency. Full visibility into every tool call, file write, and network request. Air-gap ready — no internet connection required to operate.
Every interaction logged with tamper-evident integrity. Full chain: human request, agent action, sub-agent delegation, tool call, data access, outcome. Structured JSONL export for SIEM integration. The evidence regulators demand.
Architectural enforcement, not after-the-fact detection. When all AI agents route through AgentMux, unauthorized tools have no path to execute. Shadow AI isn't detected — it's structurally eliminated.
Your agents configure the app for you. They spawn panes, set titles, build dashboards, rearrange the workspace, and update their own status — all through a typed API with sub-millisecond IPC to the Rust backend.
Real-time compliance monitoring and resource accountability. Dedicated sysinfo pane with CPU, memory, and network graphs. Live status bar with uptime counter, per-pane stats, and agent activity indicators.
Syntax-highlighted code preview pane. Authentic terminal emulation via xterm.js + portable-pty. Per-pane zoom, font size, transparency, and theme. Shell integration across bash, zsh, fish, pwsh.
150-350MB memory footprint — comparable to Warp or VS Code, but backed by a pure Rust engine with zero GC pauses and no heap growth over time. Runs comfortably alongside 10+ agent processes on modest hardware.
Native builds for Windows, macOS, and Linux. Code-signed and notarized on macOS. NSIS installer + portable ZIP on Windows. AppImage + .deb on Linux.
Apache 2.0 licensed. No telemetry, no tracking, no phone-home. Audit every line of the source. Verify the binary. Extend it for your compliance needs. Trust through transparency.
Whether you're running one agent or twenty, AgentMux gives you the visibility to stay in control.
Every tool call, file write, and data access captured with full context. Chain of custody logging at every handoff. Immutable audit trail satisfies EU AI Act (Aug 2026), NIST AI RMF, and ISO/IEC 42001. Shadow AI eliminated by architecture.
See every tool call, file write, and network request an agent makes. Full interaction graph from human request through agent delegation chains to final outcome. SIEM-ready structured logs. The CISO's single pane of glass for AI risk.
Air-gapped operation with zero internet dependency. Local-first data sovereignty for FISMA, CMMC, and ITAR environments. ATO evidence generation from immutable audit logs. Every agent action attributable to an authenticated session.
Assign agents to separate research tracks — case law, contracts, regulatory compliance. They verify each other's findings through interpane communication. Full audit trail for malpractice protection and regulatory evidence.
One agent writes Terraform while another reviews for security and cost. Subagent watcher tracks deploy hierarchies. Sysinfo pane shows live metrics during agent-triggered deploys.
Meet FINRA recordkeeping requirements for AI-enabled workflows. Full decision traceability for SOX compliance. Track which agent accessed what data, when, and why — the evidence auditors demand.
The regulatory clock is ticking. EU AI Act high-risk rules activate August 2026 with penalties up to €35M or 7% of global revenue. Every AI interaction your employees make is a compliance event. The tooling gap between AI adoption and AI governance is a liability.
80% of employees use unauthorized AI tools. 48% say they'd continue even if banned. Enterprises average 223 sensitive data incidents per month through AI applications. Shadow AI breaches cost $4.63M on average — $670K more than standard incidents. Only 12% of companies can detect all shadow AI usage. You can't govern what you can't see.
June 2026: Colorado AI Act. August 2026: EU AI Act high-risk rules. FINRA now scrutinizes AI agent reasoning chains. DoD mandates AI governance policy by mid-2026. HIPAA requires AI-specific risk assessments. 45+ US states have proposed AI bills. Organizations must prove complete AI inventories, immutable audit trails, and human oversight to auditors.
Every major AI security startup was acquired in 2025 — Robust Intelligence by Cisco ($400M), Protect AI by Palo Alto ($500M+), Lakera by Check Point ($190M), CalypsoAI by F5 ($180M). Now enterprises face three separate product categories: runtime security, governance platforms, and agent orchestration. No single tool unifies them. AgentMux does — at the architectural level.
Only 24.4% of organizations have visibility into agent-to-agent communication. 25.5% of deployed agents can create and instruct other agents autonomously. A single session might fork five subagents for different subtasks. AgentMux's subagent watcher auto-detects every spawned sub-agent — no autonomous chain goes unmonitored.
Electron-based tools eat 500MB+ of RAM per window. When you're running five agents, that's your entire machine. AgentMux uses 150-350MB of memory — a native Rust binary with no garbage collector, no runtime bloat, and no random freezes. It's the only tool that won't become the bottleneck.
Running multiple agents in isolation creates duplicated work, merge conflicts, and cascading errors. AgentMux's interpane reactive communication lets agents share context, coordinate tasks, and respond to each other's output — all through the UI, with every handoff logged for audit.
AgentMux was rapidly developed by AI agents running inside AgentMux itself. Multiple agents working in parallel on frontend, backend, and infrastructure - coordinated through the same interpane communication and Agent App API that ships to you. The ultimate proof the tool works: we ship with it every day.
Other tools govern their own ecosystem. AgentMux is the vendor-neutral control plane — governance at the routing layer, not bolted on after the fact.
| Tool | Agent Coverage | Audit Trail | Air-Gap Ready | Price |
|---|---|---|---|---|
| AgentMux | Any provider | Full chain | Yes | Free |
| Perplexity Computer | 19 models (closed) | Enterprise only | No (Cloud) | $200-325/mo |
| Credo AI | Overlay | Policy logs | No (SaaS) | Enterprise |
| Cisco AI Defense | Cisco ecosystem | Network logs | Partial | Enterprise |
| MS Agent 365 | Microsoft only | API-level | No (Cloud) | Enterprise |
| Cursor | Cursor only | None | No | From $20/mo |
| GitHub Copilot | Copilot only | Session logs | No | Free / $10/mo |
AgentMux is building toward a complete agentic operating system: persistent agent configs, multi-agent coordination, and remote access from anywhere.
Phase 1
Define. Store. Launch. Govern.
A persistent agent configuration manager built into AgentMux. Define every detail of how an agent starts — approved tools, working directory, MCP config, skills, and environment variables. Policy-driven agent management with full audit trail.
Phase 2
Coordinate and govern fleets of agents.
Multi-agent orchestration with full governance visibility. AgentMux detects swarm worker tags from the live PTY stream, groups sessions by swarm ID, and gives you a real-time SwarmDashboard with live status for every worker — and a complete audit trail of every delegation.
Phase 3
Enterprise agent management, from anywhere.
A self-hosted remote access gateway connecting 25+ messaging channels directly to your AgentMux agents. Enterprise-grade identity, centralized management, and compliance reporting across your entire agent fleet.
Follow development on GitHub
Free and open source. Available for Windows, macOS, and Linux.
Early alpha. Your OS or app store may show a security warning — the binaries are not yet code-signed. This is expected and will be resolved in a future release.
v0.32.90
Or build from source on GitHub
Need governance, compliance reporting, or air-gapped deployment? Let's talk about your requirements.
Learn about enterprise →