Inspiration
Every engineering team has two realities.
The official reality, architecture diagrams, ADRs, CODEOWNERS files, documentation that says "auth/ and payments/ must never be directly coupled."
The actual reality, what the code graph, MR history, and pipeline patterns reveal about how the system truly works, who truly owns what, and where architectural boundaries have quietly shifted over 28 consecutive merges.
These two realities always diverge. The older the codebase, the wider the gap. And even experienced architects and long-tenured engineers often struggle to see both simultaneously.
We asked: what if Orbit could?
Orbit is not just a record of your SDLC. It is a traversable graph of every human decision ever made through code, who changed what, when, why, reviewed by whom, resulting in what outcome, across years of history. That's not a search index. That's organizational memory made queryable.
STRATA is what we built when we asked what becomes possible when you give an AI agent access to that memory.
What It Does?
STRATA is an architectural intelligence agent on GitLab Duo Agent Platform with 9 specialized skills, all powered by GitLab Orbit. It operates across four lifecycle phases:
1. Reactive Mode: MR Analysis
When an MR opens, five chained agents analyze it:
| Agent | Orbit Traversal | Output |
|---|---|---|
| CARTOGRAPHER | file → function definitions → importers → downstream dependents |
Mermaid dependency diagram + risk score |
| HISTORIAN | function nodes → historical MRs touching same nodes → outcomes |
Top 3 graph-matched precedents with lessons |
| SENTINEL | temporal: has this boundary ever been crossed across N prior MRs? |
Inline comment at exact violation line |
| COUNSEL | person → MR → file → function → relevance score |
Orbit-justified reviewer suggestions |
| SCRIBE | Synthesizes all outputs | Complete MR brief, labels, Slack alert, Confluence ADR |
2. Predictive Mode: Sprint Intelligence
Every Monday, ORACLE analyzes open issues, developer assignment history, and boundary pressure patterns to predict which architectural boundaries will be violated this sprint, before a single line of code is written.
"payments/ ↔ auth/ boundary: 73% violation probability this sprint. Issues #234 and #241 both touch adjacent nodes. Developer history shows this coupling has been attempted twice before, both times reverted."
3. Execution Mode: Smart Tests
Comment @strata run-smart-tests on any MR. HERMES uses Orbit to find which test files historically tested the changed functions and which are safe to skip. Triggers a pipeline with exact TESTS= variables.
$$\text{CI Savings} = 1 - \frac{\text{tests selected by Orbit}}{\text{total test suite}} = 1 - \frac{2}{4} = 87\%$$
Reduced our demo project's estimated CI runtime from 47 minutes to 6 minutes.
4. Post-Merge Mode: Release Notes
HERALD generates structured release notes using Orbit to understand what actually changed and what it affects downstream. Updates CHANGELOG.md automatically. Posts to Slack #strata-releases.
5. INQUEST: The Post-Mortem That Writes Itself
This is STRATA's most novel capability.
Give STRATA a function name, file path, or CVE. It traverses Orbit backwards through time to reconstruct the complete causal chain of every decision that led to this moment:
ValidateTokenAndCheckPayment()
↓ (Orbit: when was this introduced?)
MR !29 — 2026-06-20 — author: @alice
↓ (Orbit: what was the review context?)
0 reviewers assigned. No approval required.
↓ (Orbit: what pipeline ran?)
No pipeline on this branch at time of merge
↓ (Orbit: were there prior attempts?)
MRs !9 and !14 closed with conflicts — no ADR written
↓ (Orbit: blast radius?)
3 downstream services implicitly affected
Produces a complete post-mortem in 30 seconds that would normally take 3-5 engineers 2-3 days. Creates a GitLab issue with action checklist, publishes an HTML page to Confluence, and alerts the team in Slack.
How We Built It?
The Agent
One STRATA agent published to the GitLab AI Catalog with 9 specialized SKILL.md files that the agent loads automatically based on conversational context.
The Orbit Integration
Every skill is designed around a specific Orbit traversal pattern. We never use Orbit as a search engine, instead we use it as a graph walker:
- Backward traversals for INQUEST (origin → decision chain)
- Forward traversals for CARTOGRAPHER (function → dependents)
- Temporal traversals for SENTINEL (has this boundary ever been crossed?)
- Predictive traversals for ORACLE (issues → files → boundaries → probability)
The CI Pipeline
.gitlab-ci.yml with staged jobs:
build → test (4 parallel) → lint → security:trivy → notify (5 jobs) → pages
The notify stage contains jobs that trigger on specific commit message keywords:
slack:violations:
rules:
- if: '$CI_COMMIT_MESSAGE =~ /strata-alert-violation/'
STRATA's skills write commit messages containing these keywords when committing alert payloads to .strata/. The CI picks them up and fires the right webhook.
The Integrations
| Surface | What STRATA Posts | Trigger |
|---|---|---|
| MR comment | Mermaid diagram + full analysis brief | Orbit traversal complete |
| Inline code comment | Violation at exact line | SENTINEL detection |
| Slack #strata-violations | Critical boundary alerts + INQUEST summaries | CI webhook |
| Slack #strata-reviews | Orbit-justified reviewer requests | CI webhook |
| Slack #strata-releases | Post-merge release notes | CI webhook |
| Slack #strata-intel | Monday sprint risk briefs | CI webhook |
| Confluence | Full HTML post-mortem pages | CI REST API call |
| GitLab Pages | Live D3.js architecture dashboard | CI pages deploy |
| CHANGELOG.md | Auto-appended release entries | HERALD commit |
| POST-MORTEMS/ | Permanent markdown post-mortem records | INQUEST commit |
The Demo Project
A Go REST API with four packages (auth/, payments/, users/, db/) with 28 manufactured MRs across four fictitious authors establishing clear ownership patterns, giving Orbit rich graph data to traverse. One open MR (!29) deliberately crosses the auth/payments boundary as the demo target.
Challenges
Orbit Graph Latency
Orbit indexes periodically, not in real-time. Our first test queries returned empty graphs on a freshly provisioned project. We learned to seed project history early and build patience into the development loop.
Skill Consistency
LLM agents are non-deterministic. Skills would sometimes run partially, skipping the commit step that triggers CI. We solved this by making descriptions explicitly mandatory and converting each skill to step-by-step procedures with specific tool calls.
CI Trigger Architecture Without MCP
Triggering Slack and Confluence from agents requires calling external webhooks. MCP server registration requires Owner role, which hackathon participants don't have.
Our solution: agents commit JSON payloads to .strata/ with specific commit message keywords. CI rules match those keywords and fire the corresponding jobs. Zero external server needed.
YAML + JSON Collision
Inline JSON with colons inside CI script lines breaks YAML parsing at the mapping character. Solved by extracting Confluence publish logic to scripts/publish-confluence.sh and calling it from the job.
Accomplishments We're Proud Of
The INQUEST finding that wasn't programmed:
When we ran @strata inquest demo-app/auth/token.go:ValidateTokenAndCheckPayment, STRATA produced this line from pure Orbit graph traversal:
"The auth/ ↔ payments/ boundary was an implicit architectural rule respected across 28 consecutive MRs but never explicitly documented. Any new team member would have no way to know this boundary existed."
Nobody told STRATA that. It reasoned about institutional memory gaps from graph structure alone.
The SENTINEL inline comment:
STRATA posted an inline review comment at the exact line (token.go:62) introducing the violation with a suggested code change showing the fix. Like a senior architect who has memorized every MR in the project's history, reviewing in real time.
The ORACLE prediction:
Before anyone had written a single line of code, ORACLE posted: "This isn't a prediction, it's a confirmed breach. MR !29 is sitting open in the merge queue right now, crossing a boundary that held clean across all 28 prior MRs." Caught a live violation while predicting future ones.
What We Learned
Orbit is a predictor, not just a record. The same graph that shows which boundaries were respected for 28 consecutive MRs can predict which boundaries are statistically likely to be violated next sprint. We built ORACLE around this insight and it's the most surprising capability STRATA has.
Backward traversals are underexplored. Every Orbit use case in the documentation goes forward, "what will this change affect?" INQUEST goes backward, "how did this happen?" That's a completely different query pattern that unlocks post-mortem automation as a use case.
Skill files are precision instruments. The quality of STRATA's analysis is directly proportional to the specificity of the SKILL.md instructions. Vague skill descriptions produce vague outputs. Step-by-step tool-level instructions produce surgical analysis with Orbit-provable evidence at every claim.
What's Next
Custom flow automation: Wire the 5-agent reactive chain as a GitLab custom flow triggered automatically on MR open, without requiring manual invocation.
ORACLE scheduling: Automated Monday morning sprint briefs via GitLab pipeline schedules.
Multi-project support: Extend STRATA to analyze cross-project architectural drift across an entire GitLab group.
ADR auto-generation: When SENTINEL detects an implicit boundary that has never been documented, automatically draft an Architecture Decision Record and open it for team review.
INQUEST for CVEs: Given any CVE ID, trace which pipeline introduced the vulnerable dependency, which MR, which issue drove that MR, and what the full remediation chain looks like
Built With
gitlab-duo-agent-platform gitlab-orbit gitlab-ci-cd go slack confluence d3js trivy yaml
Try It
- GitLab Project: https://gitlab.com/gitlab-ai-hackathon/transcend/7423230
- Live Dashboard: https://7423230-ede4a3.gitlab.io
- Confluence Space: https://thestrata.atlassian.net/wiki/spaces/strata
- Demo Video: https://youtu.be/_7vWgvSfgUY?si=ENAgE6Hn7ID06fZr
Built With
- agent
- anthropic
- ci/cd
- claude
- confluence
- duo
- gitlab
- go
- orbit
- platform
- slack
- wiki
Log in or sign up for Devpost to join the conversation.