Introduction

Secberus Agents are autonomous GRC (governance, risk, and compliance) agents that run multi-step compliance work on your behalf. Where the Pipeline API gives you a single building block — submit text, get mapped controls back — the Agents product ingests your evidence and policies, reasons over 200+ frameworks, and returns finished, cited results: coverage reports, policy drafts, and audit-readiness assessments.

Agents vs. Pipeline

Pipeline (Mapping API) Agents & Workflows
Unit of work One request → mapped controls A multi-step task → a finished report
Input Document text Your uploaded document corpus + a question or workflow
Output Ranked controls with confidence Grounded answers, coverage reports, drafted policies — with citations
Best for Embedding mapping into a pipeline or your own tooling Offloading GRC analysis end to end
Interface POST /v1/map, MCP map_document POST /v1/expert, slash commands, MCP expert_chat

The two products share the same continuously-updated knowledge base of framework controls, so anything you can map you can also reason about.

The orchestrator model

Every Agents request goes through an orchestrator. It reads your question, decides which specialist agents and tools are needed, runs them — often in parallel — and assembles a single grounded response. You don't call individual agents directly; you describe what you need (or invoke a workflow), and the orchestrator routes the work.

The specialist agents available to the orchestrator include:

Agent What it does
Knowledge Assistant Answers compliance questions with RAG retrieval over controls and your documents.
Audit Readiness Ingests evidence, maps it to controls, and evaluates sufficiency.
Policy Coverage Runs gap analysis of your policy corpus against framework controls.
Policy Generator Drafts policy documents that satisfy controls from multiple frameworks.
Evidence Sufficiency Scores a single artifact against a control: SUFFICIENT, PARTIAL, or INSUFFICIENT.
Gap Analysis Compares a policy to a control: MEETS_OR_EXCEEDS or INSUFFICIENT.

How you'll interact with the agents

There are three ways to reach the agents, all authenticated with your Secberus API key:

  1. Expert ChatPOST /v1/expert, a streaming (SSE) chat endpoint. This is the primary interface. See Expert Chat API.
  2. Slash commands — structured workflows you trigger inside expert chat by sending a message such as /policy-coverage or /policy-generator. See Workflows.
  3. MCP — call the agents as Model Context Protocol tools (expert_chat, upload_document, …) from your own agentic clients.

Most workflows operate over a document corpus you upload ahead of time. Start by reading the Quick Start, then dig into the Documents API.

Grounding and citations

Agents are retrieval-grounded. Responses are built from your uploaded documents and the framework control library, and findings cite the specific framework and control IDs they relied on. The orchestrator is scoped to GRC: it declines questions outside the compliance domain rather than answering from general knowledge.