ALWAYS ON · ANY MODEL · OPEN SOURCE

Prompt it.
Ship it.

Iris is your always-on AI orchestrator — managing agents, running workflows, and executing tasks while you focus on what matters. Any model. Any tool. Fully yours.

iris cloud — Coming Soon

Skip the VM setup, Terraform configs, and infra babysitting. Deploy a fully managed, hardware-isolated agent operator in minutes — not infrastructure sprints.

Open GitHub ↗
No setup requiredMIT licensedOpen source
irisprod
Agents/3 running
ORCHESTRATOR
Agents3
Skills14
Logs
History
INFRASTRUCTURE
MicroVMs
Terraform
🔑Secrets
AGENTSTATUSBOOT
public-sandbox
slot-04172.20.1.1
running
118ms
#eng-infra
slot-05172.20.8.2
active
124ms
#general
slot-06172.20.3.6
active
131ms
newsletter
slot-07172.20.7.2
idle
data-pipeline
slot-08unprovisioned
stopped
live
15:41:14OKslot-$$ boosted
15:41:11spawn #eng-infra
15:41:09OKskill terraform reload
15:40:58OKconstitution injected
15:40:51slot-07 TTL 1m
15:40:46OKmemory.md written
15:40:36OKslack msg routed
15:40:25model Kimi-K2.5
15:40:21OKwatchdog pass
15:40:14rootfs copy clean
iris
prodfoundryKimi-K2.5
agents5
skills14
uptime99.8%
Runs on any model
Kimi K2.5
GPT-5
Grok-4
Claude
GPT-4o
Codex
Set IRIS_MODEL and restart.
THE PROBLEM

Running agents in production
is still mostly duct tape.

X

Agents die when your session ends.

No persistent runtime means every agent restart is manual. Context is lost. State lives in terminal history.

No one knows what agents are allowed to do.

You can't audit what your agent accessed, what it changed, or what rules it was following. No chain of custody.

Every model switch is a migration.

Lock-in to one provider breaks your entire agent infrastructure when pricing changes, rate limits hit, or a better model ships.

Iris is the answer to all three.

HOW IT WORKS

From zero to a running agent fleet in minutes.

01

Prepare the environment.

Set up an Ubuntu 22.04 VM, install dependencies, create a Slack app, and gather your API keys for the LLM provider, Slack, GitHub, and optionally Azure.

ENVIRONMENT_SETUP
Ubuntu 22.04 LTS VM
Host
KVM Virtualization
KVM Enabled
Slack App Tokens
xapp / xoxb
Slack Bot OAuth Scopes
12 Scopes
API Keys (LLM, GitHub, Azure)
Pending Setup
02

Clone and bootstrap.

Clone the irisflow repository, run bootstrap.sh, and let it automatically install Docker, Node.js, Terraform, the GitHub CLI, and configure the runtime service.

BOOTSTRAP.SH
$ ./bootstrap.sh --setup
> Cloning repository into /iris/repo...
Installing Docker engine... [OK]
Installing Node.js v22 & npm... [OK]
Installing Terraform CLI... [OK]
Installing GitHub CLI (gh)... [OK]
> Building @iris-core/runtime package...
Configuring systemd service... [OK]
iris.service initialized successfully.
03

Configure runtime and secrets.

Choose your secrets backend, a local .env file or Azure Key Vault, configure the model and provider settings, and verify that iris.service starts successfully.

SECRETS & RUNTIME
SECRETS_BACKENDazure-key-vault
LLM_PROVIDERopenai
IRIS_MODELgpt-4o
IRIS_ENVprod
iris.service active (running)
04

Enable Firecracker isolation.

Optional advanced setup — requires a KVM-capable VM (Azure Ddsv5 series). Run bootstrap.sh --firecracker to install Firecracker, build the VM root filesystem, provision sandbox VMs via Terraform, and connect Iris to a static VM or dynamic pool.

ISOLATION_TIER
Iris Agent
Host Env
MicroVM
Firecracker
Boot Time~125ms
Kernelv5.10.x
vCPU / RAM2 / 512MB
Jailer LevelSeccomp L3
05

Run and manage Iris.

Message @iris in Slack, use skills and sub-agents, manage sandbox VMs, swap models and providers, and maintain the system with Terraform, hot-reloaded skills, and GitHub as the single source of truth.

SLACK_INTERFACE
U
User
@iris provision a new environment for testing
I
Iris
I've spun up a new Firecracker MicroVM (172.20.1.2) and verified the execution environment.
I
> Terraform apply complete: 1 provisioned.
ARCHITECTURE

A persistent engine.
Not a chatbot.

Iris sits between you, the LLMs, and your infrastructure. It runs as a system service, reading guidelines and coordinating a fleet of sub-agents to execute your workflows.

OPTION 1

Host mode

Runs directly on your host VM. No KVM or nested virtualization needed. Best for private, trusted instances.

Sandbox--sandbox=host
Isolationhost process
KVM requiredno
Host & DockerNo VM isolation
OPTION 2~125ms boot

Firecracker sandbox

Spawns isolated microVMs per Slack channel. Fresh state every session. Ideal for untrusted code execution.

Sandbox--sandbox=firecracker-pool
IsolationKVM hardware
Idle TTL30m destroy
KVM isolatedEphemeral rootfs
You
@iris
IRIS
constitutionread-only
injected before every prompt · CONSTITUTION.md
memorymutable
global state across sessions · MEMORY.md
skillshot-reload
no restart on edit · skills/
Your Host VM
Sub-agents (Host)
code-reviewer
incident-responder
Runs directly on host VM OS
No virtualization overhead
GitHub
Key Vault
Azure
Models
CAPABILITIES

A runtime with a heartbeat

Iris is managed by systemd, auto-restarts on failure, and executes actions directly in isolated sandboxes.

irisworks/irisflow
Select any file to preview features
Governance

CONSTITUTION.md

Hard operator rules injected read-only before every prompt. Version-controlled. Cannot be overridden at runtime.

File Preview
read-onlyversion-controlledinherited by sub-agents
CONTROL

You decide what your AI can do.

Tell Iris what you want her to do, and what it should never do. It'll follow your rules, every time.

Whether you want a co-pilot that drafts PRs for your review, or a fully autonomous agent that deploys fixes at 3 AM, Iris scales with your trust.

Your AI, your rules. No surprises.

SUPERVISED
Draft and wait for my approval.
Iris prepares. You decide.
GUIDED
Execute, but ask me about breaking changes.
Iris builds. You unblock.
INFORMED
Execute and notify me.
Iris deploys. You watch.
AUTONOMOUS
Complete the objective.
Iris operates. You sleep.
WHAT YOU CAN BUILD

Run specialized agents for any workflow.

Select any workflow to preview custom agents

Newsletter agent

Iris monitors your sources, drafts your weekly newsletter, and waits for your approval before sending. Set it and forget it.

@iris · newsletter-agent · just now
Ran scheduled draft.
Sources scanned: 14
Draft: 1,240 words
Status: awaiting approval
[ View draft ][ Approve & send ][ Edit ]
and more

If you can prompt it,
Iris can run it.

Agents for sales outreach, customer support triage, research synthesis, calendar management, contract review, any repeatable workflow you can describe, Iris can own.

SKILLS

Iris comes ready. Gaps, it fills herself.

The built-in skills cover secrets, storage, Terraform, GitHub, Azure, agent spawning, and more. Every skill hot-reloads without a restart and when Iris encounters something it can't do, it extends herself and it's live on the next turn.

Engineering

GitHub Reviews
Code Execution

Infrastructure

Azure Key Vault
Terraform

Communication

Slack Integration

Productivity

Terminal Access

What engineers are saying.

Iris is the control plane we didn't know we needed. Went from a tangle of scripts to a single orchestrator running in Slack. Night and day.

A
Anonymous
CTO at a Series B startup

The Firecracker isolation is what sold us. Every agent gets a fresh microVM. Nothing bleeds between sessions.

A
Anonymous
ML Lead at FAANG

We replaced three orchestration tools with Iris. One VM, one service, one place to look when something goes wrong.

A
Anonymous
Founder at an early-stage startup

Hot-reloading skills without a restart sounds small until you've shipped a fix to a live agent in 10 seconds.

A
Anonymous
AI Lead at FAANG

The GitHub-as-source-of-truth model is exactly right. The VM is disposable. The repo is everything.

A
Anonymous
Staff Engineer at a mid-sized startup

bootstrap.sh on a blank VM and Iris is running in under five minutes. That first @iris mention in Slack still feels like magic.

A
Anonymous
Co-founder at a YC-backed startup

Iris is the control plane we didn't know we needed. Went from a tangle of scripts to a single orchestrator running in Slack. Night and day.

A
Anonymous
CTO at a Series B startup

The Firecracker isolation is what sold us. Every agent gets a fresh microVM. Nothing bleeds between sessions.

A
Anonymous
ML Lead at FAANG

We replaced three orchestration tools with Iris. One VM, one service, one place to look when something goes wrong.

A
Anonymous
Founder at an early-stage startup

Hot-reloading skills without a restart sounds small until you've shipped a fix to a live agent in 10 seconds.

A
Anonymous
AI Lead at FAANG

The GitHub-as-source-of-truth model is exactly right. The VM is disposable. The repo is everything.

A
Anonymous
Staff Engineer at a mid-sized startup

bootstrap.sh on a blank VM and Iris is running in under five minutes. That first @iris mention in Slack still feels like magic.

A
Anonymous
Co-founder at a YC-backed startup

Swapping from GPT-4o to Claude mid-project with a single env var change. No redeploy, no code change. The provider abstraction is genuinely well done.

A
Anonymous
AI Architect at FAANG

The constitution model is underrated. Hard operator rules injected before every prompt, version-controlled, impossible to override. That's the right way to govern agents.

A
Anonymous
VP Engineering at Series B startup

Iris writes her own skills when it hits a gap. Watched her self-extend in production for the first time and just stared at the screen.

A
Anonymous
Product Lead at a Series A startup

MicroVMs booting in 125ms. We're running dynamic sandboxes per Slack channel and the overhead is negligible.

A
Anonymous
Director at a startup

Self-hostable, MIT licensed, no vendor lock-in. For the first time I actually trust the AI infra we're running on.

A
Anonymous
Research Lead at a dev agency

The VM is disposable and a full rebuild takes one command. Most underappreciated thing about Iris. Sleep better at night.

A
Anonymous
Founder at a Series C startup

Swapping from GPT-4o to Claude mid-project with a single env var change. No redeploy, no code change. The provider abstraction is genuinely well done.

A
Anonymous
AI Architect at FAANG

The constitution model is underrated. Hard operator rules injected before every prompt, version-controlled, impossible to override. That's the right way to govern agents.

A
Anonymous
VP Engineering at Series B startup

Iris writes her own skills when it hits a gap. Watched her self-extend in production for the first time and just stared at the screen.

A
Anonymous
Product Lead at a Series A startup

MicroVMs booting in 125ms. We're running dynamic sandboxes per Slack channel and the overhead is negligible.

A
Anonymous
Director at a startup

Self-hostable, MIT licensed, no vendor lock-in. For the first time I actually trust the AI infra we're running on.

A
Anonymous
Research Lead at a dev agency

The VM is disposable and a full rebuild takes one command. Most underappreciated thing about Iris. Sleep better at night.

A
Anonymous
Founder at a Series C startup
IRIS
BUILT BY DEVELOPERS · FOR DEVELOPERS

Stop building agents.
Start running them.

Iris is MIT licensed, lightweight, and fully open-source. We built the agent orchestration engine we always wanted to use - no bloat, no lock-in, just a runtime that works.

View GitHub Repo ↗