TruStacks

A crew, not a copilot.

Each agent has a role, a scope, and a set of things it explicitly does not do. The Coordinator routes work to specialists in chat; you see a multi-speaker conversation, not a single monolithic assistant.

Baseline crew

On every subscription, including the Developer tier.

Conversational lead

Coordinator

The conversational agent the engineer talks to. Reads your repo, your declared stack, and the signed policy bundle, then routes work to specialists when their domain is in scope.

  • Reads repo + EnvironmentProfile + policy bundle on every request
  • Routes work to specialist agents (Security, SOC2, etc.) when in scope
  • Mediates disagreement between specialists in chat
  • Never writes code itself
  • Never merges a pull request

Platform configuration

DevOps Engineer

Emits CI workflow YAML, Dockerfiles, Helm charts, and Argo Application manifests. Reads the platform repo first to preserve customer customizations — never overwrites them silently.

  • Emits CI workflows, Dockerfiles, Helm charts, Argo manifests
  • Reads the platform repo first; preserves customer customizations
  • Surfaces preservation notes in every PR body
  • Does not deploy — ArgoCD or Flux does, after a human merges
  • Does not hold production credentials

Application review

Code Reviewer

Reviews application-repo changes against the constitution and customer overlay. Detects framework + runtime version automatically. New frameworks ship via community packs.

  • Reviews application PRs against signed policy
  • Detects framework + runtime (Python FastAPI, Java Spring Boot, Go, .NET 8)
  • Cites the policy rule that justifies every finding
  • Does not approve or merge — humans do

Security specialist

Baseline Security

The first specialist. Consults on image scanning, SAST/SCA, secret scanning, and SBOM signing. Returns findings with severity and tool candidates that fit your declared stack.

  • Consults on image_scanning, sast_sca, secret_scanning, sbom_signing categories
  • Returns severity-ranked findings with stack-aware tool recommendations

Specialist add-ons

Paid · Enterprise tier and above.

Compliance specialist · paid add-on

SOC2 Specialist

Auditor-relevant findings spanning the CC1–CC9 control families with evidence hints grounded in your stack. Shipped May 2026.

  • Findings across CC1–CC9 control families
  • Evidence hints tied to the customer's actual stack

Roadmap · Phase 5.4

HIPAA Specialist

PHI handling, access controls, and audit logging across HIPAA Security and Privacy rules. Queued behind the founders' regulated-industry pedigree.

  • PHI handling, access controls, breach-notification posture
  • Ships as a paid Practice Pack + a Specialist agent

Roadmap · Phase 5.4

FedRAMP Specialist

FedRAMP Moderate and High control families. Pairs with the Federal tier (on-premises inference + dedicated success engineering).

  • FedRAMP Moderate / High control coverage
  • Pairs with on-premises inference for Federal tier

Roadmap · Phase 5.4

PCI Specialist

PCI DSS controls for payment-handling systems. Ships as a paid Practice Pack alongside the Specialist agent.

  • PCI DSS coverage for payment-handling systems

Roadmap · Phase 5.4

ITIL Specialist

Change-management, incident-management, and service-management practices for organizations standardized on ITIL.

  • Change / incident / service management coverage

Roadmap · Phase 5.4

SRE Specialist

Reliability practices: SLO definition, error-budget policy, runbook scaffolding, and on-call ergonomics.

  • SLO + error-budget guidance
  • Runbook + on-call ergonomics review

Want to see the crew on your stack?

We’ll walk you through a crew run on a representative repo from your codebase, end to end.