{"data":{"slug":"tracecathq-tracecat","name":"tracecat","tagline":"Open-source security automation platform for teams and AI agents","github_url":"https://github.com/TracecatHQ/tracecat","owner":"TracecatHQ","repo":"tracecat","owner_avatar_url":"https://avatars.githubusercontent.com/u/137193901?v=4","primary_language":"Python","stars":3730,"forks":389,"topics":["agents","automation","event-driven","fastapi","llm","low-code","monitoring","nextjs","openapi","orchestration","pydantic","security","temporalio","workflow-engine"],"archived":false,"github_pushed_at":"2026-07-14T21:11:50+00:00","maintenance_label":"Very active","url":"https://www.graphcanon.com/tools/tracecathq-tracecat","markdown_url":"https://www.graphcanon.com/tools/tracecathq-tracecat.md","api_url":"https://www.graphcanon.com/api/graphcanon/tools/tracecathq-tracecat","graph_url":"https://www.graphcanon.com/api/graphcanon/graph?tool=tracecathq-tracecat","description":"Open-source security automation platform for teams and AI agents","homepage_url":"https://tracecat.com","license":"AGPL-3.0","open_issues":117,"watchers":22,"ai_summary":null,"readme_excerpt":"<div align=\"center\">\n  <picture>\n    <source media=\"(prefers-color-scheme: dark)\" srcset=\"img/banner-dark.svg\">\n    <source media=\"(prefers-color-scheme: light)\" srcset=\"img/banner-light.svg\">\n    <img src=\"img/banner-light.svg\" alt=\"The AI-native security automation platform.\">\n  </picture>\n  <p align=\"center\">\n    The agentic security automation platform.\n  </p>\n\n  <br>\n</div>\n\n<div align=\"center\">\n\n\n\n\n\n</div>\n\n## Introduction\n\n[Tracecat](https://tracecat.com) is the open source security automation platform for teams and AI agents.\n\n- **Prompt-to-automations**: build end-to-end automations with agents, workflows, cases, and tables from your own agent harness (e.g. Claude code, Codex, OpenCode).\n- **Code-native**: sync custom Python scripts from your Git repo into Tracecat.\n- **All-in-one**: agents, workflows, lookup tables, and case management. Everything security teams need to automate work in one place.\n- **Deployment options**: sign up for Tracecat managed Cloud, or self-host with Docker, AWS Fargate, or Kubernetes Helm.\n\nSandboxed-by-default with [`nsjail`](https://github.com/google/nsjail) and run on [Temporal](https://temporal.io) for security, reliability, and scale.\n\n## Features\n\n> [!IMPORTANT]\n> Tracecat is in active development. Review the release [changelog](https://github.com/TracecatHQ/tracecat/releases) before updating.\n\n### Key Capabilities\n\n- **Agents**: build custom agents with prompts, tools, and chat\n- **Workflows**: low-code builder with complex control flow (if-conditions, loops) and durable execution (Temporal)\n- **Case management**: track, automate, and resolve work items with agents and workflows\n- **Integrations**: over 100+ pre-built connectors to enterprise tools via HTTP, SMTP, gRPC, OAuth, and more\n- **Tracecat MCP**: turns prompts into automations through Claude Code, Codex, Copilot, etc.\n- **MCP client**: connect custom agents any MCP server (remote HTTP / OAuth or local via `npx` / `uvx` commands)\n- **Custom registry**: turn custom Python scripts into agent tools and workflow steps\n\n### Other OSS Highlights\n\n- **Sandboxed**: run untrusted code and agents within `nsjail` sandboxes or `pid` runtimes.\n- **Lookup tables**: store and query structured data\n- **Variables**: reuse values across workflows and agents\n- **No SSO tax**: SAML / OIDC support\n- **Audit logs**: exportable into your SIEM\n\n### Enterprise Edition\n\n- **Pre-built MCP servers**: over 100+ Tracecat hosted MCP servers for security operations\n- **Fine-grained access control**: RBAC, ABAC, OAuth2.0 scopes for humans and agents\n- **Human-in-the-loop**: review and approve sensitive tools calls from a unified inbox, Slack, or email\n- **Workspace version control**: sync workflows, agents, and table schemas to GitHub, GitLab, Bitbucket, etc.\n- **Metrics and monitoring**: for workflows, agents, and cases\n\n## Tech Stack\n\n- Backend: Python with FastAPI, SQLAlchemy, Pydantic, uv\n- Frontend: Next.js with TypeScript, React Query, Shadcn UI\n- Durable workflows and jobs: Temporal\n- Sandbox: nsjail\n- Database: PostgreSQL\n- Object store: S3-compatible\n\n## Open Source vs Enterprise\n\n> [!NOTE]\n> Tracecat Enterprise is available as managed Cloud with US or EU hosting, or as a self-hosted deployment with dedicated support.\n> [Book a demo today](https://cal.com/team/tracecat).\n\nThis repo is available under the [AGPL-3.0 license](https://github.com/TracecatHQ/tracecat/blob/main/LICENSE) with the following exceptions:\n\n- `packages/tracecat-ee` directory is under Tracecat's paid EE (Enterprise Edition) license.\n- `deployments/k8s` is a git submodule under the source available [PolyForm Shield License](https://polyformproject.org/licenses/shield/1.0.0/). It contains the Tracecat Helm chart and EKS deployment templates for internal use only. The Helm chart is distributed as a private OCI artifact hosted in AWS ECR.\n- Any code that gates `ee` features across the repo\n\nCode that fall under the above exceptions must not be redistributed, sold, or otherwise commer","github_created_at":"2024-02-27T06:48:32+00:00","created_at":"2026-07-15T10:51:07.250448+00:00","updated_at":"2026-07-15T10:51:10.231164+00:00","categories":[{"slug":"ai-agents","name":"AI Agents","url":"https://www.graphcanon.com/categories/ai-agents","markdown_url":"https://www.graphcanon.com/categories/ai-agents.md","api_url":"https://www.graphcanon.com/api/graphcanon/categories/ai-agents"},{"slug":"llm-frameworks","name":"LLM Frameworks","url":"https://www.graphcanon.com/categories/llm-frameworks","markdown_url":"https://www.graphcanon.com/categories/llm-frameworks.md","api_url":"https://www.graphcanon.com/api/graphcanon/categories/llm-frameworks"},{"slug":"vector-databases","name":"Vector Databases","url":"https://www.graphcanon.com/categories/vector-databases","markdown_url":"https://www.graphcanon.com/categories/vector-databases.md","api_url":"https://www.graphcanon.com/api/graphcanon/categories/vector-databases"}],"tags":[{"slug":"agents","name":"agents"},{"slug":"automation","name":"automation"},{"slug":"event-driven","name":"event-driven"},{"slug":"fastapi","name":"fastapi"},{"slug":"llm","name":"llm"},{"slug":"low-code","name":"low-code"},{"slug":"monitoring","name":"monitoring"},{"slug":"nextjs","name":"nextjs"}],"trust":{"provenance":{"is_fork":false,"github_id":763923484,"owner_type":"Organization","methodology":"github_public_v1","parent_repo":null,"near_duplicate_slugs":[]},"computed_at":"2026-07-15T10:51:08.259Z","maintenance":{"label":"Very active","score":96,"methodology":"github_public_v1","releases_90d":30,"days_since_push":0,"last_release_at":"2026-07-13T20:48:31Z"},"security_summary":{"status":"findings","scanner":"mcp_manifest@v1","low_count":2,"high_count":0,"last_scan_at":"2026-07-15T10:51:08.740Z","medium_count":0,"scan_profile":"mcp_manifest","critical_count":0}},"capability_facts":{"scan":{"source":"repo_scan","observed_at":"2026-07-15T10:51:08.027Z"},"deploy":{"source":"dockerfile:Dockerfile","self_host":true,"observed_at":"2026-07-15T10:51:08.027Z","managed_saas":false},"languages":{"value":["python"],"source":"github.language+pyproject.toml","observed_at":"2026-07-15T10:51:08.027Z"},"has_docker":{"value":true,"source":"dockerfile:Dockerfile","observed_at":"2026-07-15T10:51:08.027Z"},"license_spdx":{"value":"AGPL-3.0","source":"github.license","observed_at":"2026-07-15T10:51:08.027Z"}}}}