Show HN: MeshFlow — Production-Safe Agent & Multi-Agent Orchestration
Title: Show HN: MeshFlow — The code-first framework to make LLM agents safe to ship to production
Hi HN,
We are the creators of MeshFlow.
Over the last year, we've built dozens of LLM agent systems. What we noticed is a glaring gap: while libraries like LangChain, AutoGen, and CrewAI make it incredibly easy to build a prototype agent in 15 minutes, getting them to run safely and reliably in production is a nightmare.
When you deploy agents in an enterprise environment, you immediately hit four walls:

1. Security & Sandbox Escape: How do you allow agents to write and execute code (like `python_repl`) without exposing your servers to Remote Code Execution (RCE) or outbound network scanning?
2. Runaway Token Spend: How do you prevent recursive loops from burning thousands of dollars in OpenAI/Anthropic API fees overnight?
3. Durable Execution & Human-in-the-Loop (HITL): If a multi-agent run takes 5 minutes or requires legal approval on step 4, how do you pause, persist, and resume it without losing state or memory?
4. Auditability & Compliance: Can you prove to your security team exactly what system prompt and context were sent to an LLM at 3 AM last Tuesday, and verify that the data wasn't tampered with?
We built MeshFlow to be the robust infrastructure layer for serious production deployments—regardless of which LLM or base model you run on.
The 7-Line Promise (API Contract)
MeshFlow is designed to be code-first and frictionless. You can build, configure, and execute a governed multi-agent workflow in exactly 7 lines of Python:
```python
from meshflow import Workflow, Agent, CostCap

wf = Workflow(cost_cap=CostCap(usd=5.00))
wf.add(Agent('researcher'), Agent('critic'), Agent('writer'))
result = wf.run('Write a competitive analysis of Flowise')
print(result)
```
Core Architecture & Differentiators
- Progressive Governance Profiles: Attach policies (such as `dev`, `standard`, `regulated`, or `hipaa`) to workflows. Under the hood, these profiles dynamically block PII leaks, restrict third-party tool network ingress/egress, and require human-in-the-loop sign-off on sensitive steps.
- Unix-Isolated Subprocess Sandbox: When an agent requests code execution (e.g. through a Python REPL tool), MeshFlow spawns a hard-restricted subprocess with memory caps (`setrlimit`), strict execution timeouts, and complete outbound network blocks. This prevents sandbox escapes and command injections.
- Sliding Window Token Optimiser: Built-in context deduplication, sliding window summary pruner, and automatic prompt caching (injecting `cache_control` tags for Anthropic API discount). Multi-turn agent runs save up to 75% on input token costs automatically.
- Durable Resume Backends: Workflows run on a durable state machine that persists checkpoint frames to SQLite, Redis, PostgreSQL, or Amazon S3. If a container crashes mid-execution, MeshFlow resumes exactly where it left off.
- Tamper-Evident Replay Ledger: Every single step is cryptographically hashed and linked to the previous step in a chain. If anyone attempts to modify audit logs, the signature chain breaks, satisfying compliance standards for SOC 2 and HIPAA.
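The hash-linking idea behind a tamper-evident ledger, as an added example that is not MeshFlow's own code: each entry's HMAC covers the previous entry's hash, so an edited step fails verification at its index, while a dropped tail is only caught when the head hash has been recorded outside the log. The names `append`, `verify`, `GENESIS`, the entry layout, and the demo key are assumptions made for this sketch.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # placeholder "previous hash" for the first entry

def _digest(key, prev, step):
    # Canonical JSON so the same step always hashes to the same bytes.
    body = json.dumps(step, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev.encode() + b"\n" + body, hashlib.sha256).hexdigest()

def append(ledger, key, step):
    """Append a step linked to the previous entry; return the new head hash."""
    prev = ledger[-1]["hash"] if ledger else GENESIS
    entry = {"prev": prev, "step": step, "hash": _digest(key, prev, step)}
    ledger.append(entry)
    return entry["hash"]

def verify(ledger, key, expected_head=None):
    """Return (ok, index_of_first_bad_entry_or_None)."""
    prev = GENESIS
    for i, entry in enumerate(ledger):
        good = _digest(key, prev, entry["step"])
        if entry["prev"] != prev or not hmac.compare_digest(entry["hash"], good):
            return False, i
        prev = entry["hash"]
    # The remaining chain is internally consistent; dropped tail entries are
    # only visible if the head hash was recorded where the log writer cannot edit it.
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        return False, len(ledger)
    return True, None

def demo():
    key = b"constructed-demo-key"  # constructed; real keys live outside the log store
    ledger = []
    for n, prompt in enumerate(["plan", "search", "draft"]):  # constructed steps
        head = append(ledger, key, {"n": n, "agent": "researcher", "prompt": prompt})
    intact = verify(ledger, key, head)
    ledger[1]["step"]["prompt"] = "edited after the fact"  # in-place modification
    edited = verify(ledger, key, head)
    ledger[1]["step"]["prompt"] = "search"  # restore, then drop the last entry
    del ledger[-1]
    truncated_unanchored = verify(ledger, key)
    truncated_anchored = verify(ledger, key, head)
    return intact, edited, truncated_unanchored, truncated_anchored

if __name__ == "__main__":
    print(demo())
```

The unanchored check passing on a truncated log is the case to plan for: the head hash needs to be exported to a separate system on every append.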
Getting Started
MeshFlow is 100% open-source under the Apache-2.0 license.
You can run our visual trace studio locally to view timeline waterfall charts, examine state diffs, and perform time-travel debugging (rewind and run from any step):
We would love to hear your feedback on the API design, the sandbox architecture, and what features you need to run agents safely in your own teams. We'll be hanging out in the comments!
GitHub: github.com/Anteneh-T-Tessema/meshflow
Docs: meshflow.dev