ShieldFlow AI: 30-Agent DevSecOps System

ShieldFlow AI is a 30-agent DevSecOps system on GitLab Duo & Anthropic Claude that automatically catches security flaws, cloud cost explosions, and CI/CD waste on every Merge Request.

Comment

Inspiration

Every day, vulnerable code gets merged, insecure infrastructure gets deployed, and pipelines waste massive amounts of compute power. Developers and security teams are overwhelmed. We wanted to build a proactive, autonomous system that catches these issues at the Merge Request level, before they ever reach production.

What it does

ShieldFlow AI is a DevSecOps system driven by a specialized 30-agent architecture. It automatically audits every Merge Request in seconds. Core capabilities include:

  • Security & Compliance (CWE): Real-time detection of SQL injections, exposed secrets, and Path Traversal.
  • Cloud FinOps (GCP): Deep Terraform analysis to prevent oversized infrastructure and network vulnerabilities.
  • GreenCI Optimizer: Refactoring of GitLab CI/CD pipelines to eliminate compute waste and reduce carbon footprint.

How we built it

We built ShieldFlow natively on the GitLab Duo Agent Platform, powered by Anthropic Claude 3.5. The orchestration is managed through LangGraph, routing requests through a Constitutional AI Guard to prevent hallucinations, and then dispatching to specialized domain agents (Security, FinOps, GreenCI).

Challenges we ran into

Orchestrating 30 different agents without overwhelming the context window or losing accuracy was tough. We solved this by implementing strict Constitutional AI guardrails and domain-specific routing.

What's next for ShieldFlow AI

Expanding the agent pool to cover Kubernetes misconfigurations automatically and adding auto-remediation commits directly into the Merge Request.

Built With

  • anthropic-claude-3.5
  • docker
  • gitlab-ci/cd
  • gitlab-duo-agent-platform
  • langgraph
  • python
  • terraform
Share this project:

Updates