OpsPilot Lite is an open-source framework for building human-approved AI workflow systems.
It receives inbound business requests, classifies them into structured data, proposes machine-actionable next steps, keeps a human approval gate in front of side effects, and records a complete audit trail from intake to execution.
The project is intentionally small:
- FastAPI for HTTP and UI
- SQLModel + SQLite for persistence
- Pydantic for validated AI outputs
- Jinja + HTMX for an operator-facing workspace
- pluggable execution with safe dry-run defaults
OpsPilot Lite is a starting point for teams that need a framework they can fork and extend for:
- support intake
- sales and automation inquiries
- internal task routing
- meeting follow-up workflows
- approval-gated automations
- webhook-first operations tooling
It is not a full SaaS product. It does not include multi-tenant auth, RBAC, billing, or admin suites. It gives you the workflow core so your team can connect real systems and customize the business logic.
- Ingest requests from a local folder or webhook
- Normalize inbound data into
RequestItemrecords - Classify requests into a strict
TriageOutputschema - Route each request into reviewable
ProposedActionpayloads - Approve, edit, reject, or retry actions in a web workspace or API
- Execute actions through:
dry_runmode for safe demos and local developmentwebhookmode for delivery into downstream tools
- Record audit events for every important transition
- Ship with deterministic demo data and tests
incoming source ──► ingestion ──► triage ──► workflow routing ──► approval ──► execution
│ │ │ │ │ │
└────────────────┴─────────────┴──────────────┴─────────────────┴────────────┘
persisted in SQLite with audit events
RequestItem— normalized inbound requestTriageResult— validated AI interpretationProposedAction— reviewable action payloadAuditEvent— immutable event log entry
The framework separates planning from side effects:
- AI proposes actions.
- A human reviews the exact JSON payload.
- The system executes only approved actions.
- The audit trail records the result.
That separation is the main design contract of the project.
python3 -m venv .venv
. .venv/bin/activate # Windows: .venv\Scripts\activate
pip install -e .[dev]
cp .env.example .env
python -m uvicorn app.main:app --reloadOpen:
http://localhost:8000
cp .env.example .env
docker compose up --buildOpen:
http://localhost:8080
- Open the home page.
- Click
Load demo workflows. - Open the workspace.
- Review generated actions.
- Edit one payload.
- Approve or reject actions.
- Execute an approved action.
- Inspect the audit trail.
The shipped demo data lives in examples/inbox/ and examples/webhook_payloads/.
Copy .env.example to .env and set the values you need.
| Variable | Purpose | Default |
|---|---|---|
OPSPILOT_DATABASE_URL |
SQLAlchemy/SQLModel database URL | sqlite:///./opspilot.db |
OPSPILOT_LLM_PROVIDER |
fake, openai, or openai-compatible |
fake |
OPSPILOT_OPENAI_BASE_URL |
Base URL for OpenAI-compatible providers | empty |
OPSPILOT_OPENAI_API_KEY |
API key for OpenAI-compatible providers | empty |
OPSPILOT_MODEL |
Model identifier | empty |
OPSPILOT_INBOX_PATH |
Folder used by demo ingestion | examples/inbox |
OPSPILOT_EXECUTION_MODE |
dry_run or webhook |
dry_run |
OPSPILOT_WEBHOOK_SINK_URL |
Downstream execution endpoint for webhook mode |
empty |
OPSPILOT_WEBHOOK_TIMEOUT_SECONDS |
HTTP timeout for webhook execution | 10 |
fake is the default and is recommended for local development, CI, and recorded demos.
It returns deterministic structured outputs with no external dependency.
To use a real provider, set:
OPSPILOT_LLM_PROVIDER=openai-compatibleOPSPILOT_OPENAI_BASE_URL=...OPSPILOT_OPENAI_API_KEY=...OPSPILOT_MODEL=...
Any local or hosted model that exposes an OpenAI-compatible API can be plugged in this way.
The framework records what would have been executed and stores the payload in the audit trail. No external side effects occur.
The framework POSTs a normalized execution envelope to OPSPILOT_WEBHOOK_SINK_URL:
{
"request_id": 3,
"action_id": 7,
"action_type": "create_task",
"title": "Create support follow-up task",
"payload": {
"title": "Follow up on API key rotation",
"priority": "High"
}
}This is the main production extension point. Your team can point it at an internal service, queue bridge, iPaaS endpoint, or custom automation adapter.
Key endpoints:
POST /api/ingest/folderPOST /api/processPOST /api/webhook/requestGET /api/requestsGET /api/requests/{id}GET /api/actions/pendingPOST /api/actions/{id}/approvePOST /api/actions/{id}/editPOST /api/actions/{id}/rejectPOST /api/actions/{id}/executeGET /api/audit
Interactive OpenAPI docs are available at /docs.
Teams usually extend OpsPilot Lite in three places:
Add new ingestion modules that create RequestItem rows and emit request.ingested audit events.
Examples:
- email polling
- helpdesk webhooks
- CRM form submissions
- internal queue consumers
Update app/workflows/router.py and app/workflows/definitions.py to map categories into actions your business actually performs.
Examples:
- create Jira tickets
- push customer replies into a review queue
- create CRM follow-up tasks
- emit finance review packets
Keep dry_run for safe local use, or replace/extend the webhook executor for:
- Slack
- Notion
- GitHub
- Jira
- internal orchestration services
- queue-based worker systems
The framework is built around a few hard rules:
- no execution without an explicit operator action — approving an action, or editing its payload, both count; a merely proposed action can never execute
- low-confidence triage is flagged for manual review and cannot be bulk-approved
- dry-run is the default
- the AI output is validated before routing
- the exact action payload is visible before execution
- invalid action transitions are rejected
- every important state change is logged
- duplicate webhook requests are deduplicated by source reference
With the virtualenv activated:
python -m pytest -q
ruff check .app/— application codetests/— unit and integration testsexamples/— demo input payloadsdocs/architecture.md— system design notesdocs/adding-connectors.md— extension guidance for inbound/outbound integrationsAGENTS.md— repository map, commands, and contributor/agent guidance
Common next steps for a team forking this repo:
- connect a real LLM provider
- point execution at an internal webhook bridge
- add domain-specific categories and action definitions
- add SSO, user management, or RBAC if needed
- move from SQLite to PostgreSQL
- add background workers for high-volume ingestion or execution
MIT


