I am Luke, an open source developer. I originally worked a lot in security (I created a software supply chain project called sigstore). Over the past couple of months, I spent some time building AI agents alongside chatting with other developers attempting the same , and there seemed to be a fair amount of fog in the air around how to do auth, middleware, and all the normal trappings.
AgentUp came out of that. I started to make the agents I was building into reproducible things, so I could then easily spin up other agents. From there I started to add more and it became a framework eventually.
I also noticed a lot of folks were building their own Tools / Function calls over and over, and i thought, it would be nice if these were pluggable, which is where the AgentUp plugin system came from.
So there is what I have started calling 'Core' agentUp, and then plugins (tools) are entry points with their own dedicated interfaces, yet they can inherit all of the cores middleware. Plugins are also limited by scopes, so the core can enforce fine grained access control to each plugin, using the familiar style of domain:type:capability (e.g system:admin: ["system:write", "system:read"]), this way systems can scope policy within token scopes (jwt, oauth2) and AgentUp will enforce for each user. I am yet to really dig into the isolation capabilities in python, but will try to spend some more time there if the project gets momentum.
Last but not least, the Agents are A2A compatible. JSON RPC, streaming / non streaming, Tasks, Parts, Artifacts etc. MCP servers exposed via the Agents are streamable HTTP.
At the moment, I am self funded so not a startup as such, but I am previous founder and my last gig was a distinguished engineer at Red Hat.
Let me know if this interests you, there will be a bucket load of bugs, so lots of fun to be had if anyone wants in!
https://github.com/RedDotRocket/AgentUp
I believe its quite unique as far as agents go. Runtime is config driven, so you can get caching, state management, security (oauth2, jwt) , Tools and MCP capabilities are granted based on scope allocation (file:read, api:write, map:generate) etc, retry handlers, push notifications / webhooks (for long running tasks). This means you can get a fully baked agent built in minutes, using just the CLI.
From there, when you need to customize and write you own business logic, you can code whatever you want and inherit all of AgentUps middleware, and have it as a plugin to the core. This is pretty neat, as it means you're plugins can be pinned as dependencies.
Plugin Example: https://github.com/RedDotRocket/AgentUp-systools
You then end up with a portable agent, where anyone can clone the repo, `agentup run` and like docker, it pulls in all it needs and is serving.
Its currently aligned with the A2A specification, so it will talk to Pydantic, Langchain and Google Agent SDK developed agents.
Its early days, but getting traction.
Previous to this , I created sigstore and have been building OpenSource for many years.
The docs also give a good overview: https://docs.agentup.dev