MERIDIAN

Inspiration

We've all lived the same frustrating cycle: a feature request gets filed, then it sits. Someone triages it days later. An architect sketches a design in a meeting that nobody documents properly. A developer picks it up, loses half a day rebuilding context. Code review takes another two days. Security finds a vulnerability after the PR is approved. Compliance is a spreadsheet someone fills out the night before an audit. The whole process takes weeks, and only a fraction of that time is actual engineering work.

We asked ourselves: what if the moment a developer files an issue, the entire lifecycle just... happens? Not one AI assistant trying to do everything, but a team of specialists — each focused on what they do best — handing off context seamlessly, the way a well-run engineering org should work but rarely does.

That's where MERIDIAN was born.

What it does

MERIDIAN is an autonomous SDLC orchestration system built on GitLab Duo Agent Platform. It chains 8 specialized AI agents into a single flow that handles the full software development lifecycle:

1. Planner decomposes an issue into sub-tasks with estimates and acceptance criteria
2. Architect analyzes the codebase and produces an Architecture Decision Record with file maps and interface contracts
3. Coder implements the feature, commits code, and opens a merge request
4. Tester generates unit and integration tests and pushes them to the MR branch
5. Security scans for vulnerabilities (OWASP Top 10, secrets, dependency risks) and auto-patches what it can
6. Compliance checks changes against GDPR, SOC2, and HIPAA frameworks and generates audit evidence
7. Deployer validates CI/CD configuration and proposes a rollout strategy with rollback plans
8. GreenOps estimates the carbon footprint of CI/CD pipelines and provides an eco-score with optimization recommendations

A developer mentions the flow in an issue comment. Everything else is automatic.

How we built it

Each agent is a standalone GitLab Duo custom agent defined in YAML, with its own system prompt and a curated set of GitLab-native tools. The Planner uses create_issue and update_issue. The Coder uses create_commit and create_merge_request. Security uses list_vulnerabilities and confirm_vulnerability. Every agent takes real actions — not just chat responses.

The orchestration layer is a GitLab Flow that chains all 8 agents sequentially, passing context from each stage to the next through the flow's component input system. The flow's router defines the pipeline: Planner → Architect → Coder → Tester → Security → Compliance → Deployer → GreenOps → end.

We designed each agent's prompt to produce structured, consistent output (tables, checklists, labeled sections) so that downstream agents can parse and build on previous work reliably.

No external infrastructure. No third-party APIs. Everything runs natively on GitLab's platform, powered by Anthropic Claude through GitLab Duo.

Challenges we ran into

The biggest challenge was designing agent prompts that produce output structured enough for the next agent to consume, while still being flexible enough to handle diverse codebases and languages. An Architect's design comment needs to be detailed enough for the Coder to implement from, but not so rigid that it breaks on unexpected project structures.

Scoping the tools for each agent was another balancing act. Give an agent too many tools and it gets confused about which to use. Give it too few and it can't complete its job. We iterated on each agent's toolset to find the minimal set that covers its responsibilities.

We also had to think carefully about the handoff protocol — what information each agent needs from the previous one, and how to structure that context passing within GitLab Flow's component system.

Accomplishments that we're proud of

We built a system where filing a single issue can trigger a complete, end-to-end development lifecycle — planning, architecture, implementation, testing, security, compliance, deployment readiness, and sustainability analysis — without a single manual handoff.

Each agent uses real GitLab tools that take real actions. This isn't a chatbot that gives advice. The Planner creates actual issues. The Coder opens actual merge requests. Security patches actual vulnerabilities. That distinction matters.

We're also proud of the GreenOps agent. Sustainability in software development is usually an afterthought. Making it a first-class citizen in every development cycle — with concrete metrics and actionable recommendations — feels like the right direction for the industry.

What we learned

Prompt engineering for multi-agent systems is fundamentally different from single-agent prompting. Each agent needs to be aware of its role in a larger chain — what it receives, what it produces, and what the next agent expects. It's more like designing an API contract than writing a chatbot prompt.

We also learned that the GitLab Duo Agent Platform is remarkably capable. The breadth of native tools available — from issue management to vulnerability scanning to CI/CD validation — means you can build sophisticated automation without leaving the platform.

The most surprising lesson: constraints make better agents. Agents with narrow, well-defined responsibilities and limited tool sets consistently outperform "do everything" agents with access to every tool.

What's next for MERIDIAN

Parallel execution. Right now the agents run sequentially. The Tester, Security, and Compliance agents could run in parallel on the same MR, cutting total cycle time significantly.

Learning from feedback. When a developer modifies the Coder's output or rejects the Architect's design, that feedback should improve future runs. We want to add a feedback loop that refines agent behavior per-project over time.

Configurable pipelines. Not every team needs all 8 agents. We want to make the flow composable — pick the agents you need, skip the ones you don't, add custom agents for your domain.

Deeper GreenOps. Integration with cloud provider carbon APIs for real (not estimated) emissions data, and tracking sustainability trends across releases.

Community agents. Open the architecture so teams can contribute their own specialized agents — a "Docs Writer" agent, a "Performance Profiler" agent, a "Migration Planner" agent — and plug them into the MERIDIAN flow.

Built With

• duo
• gitlab