From 26685f8383e68be863dd85e7063b67548828a8fa Mon Sep 17 00:00:00 2001 From: waleed Date: Fri, 3 Jul 2026 00:08:02 -0700 Subject: [PATCH 1/7] feat(comparison): add Microsoft Copilot Studio, OpenClaw, Dust, CrewAI, and LangChain - 5 new "Sim vs Competitor" profiles (now 20 total), each with ~58 independently sourced facts, standout features, and limitations, researched against each vendor's own docs/pricing/GitHub - New brand icons: MicrosoftCopilotIcon, OpenClawIcon, DustIcon, LangChainIcon, CrewAIIcon - isWorkflowBuilder: false for OpenClaw, CrewAI, and LangChain since they're a personal agent runtime and code-first frameworks rather than visual workflow builders, so their FAQ asks a category-clarifying question instead of a peer feature-gap one - Independent tone audit (no over-praising competitors, no unflattering Sim framing) and a fresh accuracy re-verification pass (50 highest- stakes facts across all 5 profiles, all confirmed against live sources) both came back clean --- apps/sim/app/(landing)/comparison/utils.ts | 10 + apps/sim/components/icons.tsx | 212 +++ .../lib/compare/data/competitors/crewai.ts | 1021 ++++++++++++++ apps/sim/lib/compare/data/competitors/dust.ts | 1002 ++++++++++++++ .../lib/compare/data/competitors/langchain.ts | 1061 +++++++++++++++ .../data/competitors/microsoft-copilot.ts | 1195 +++++++++++++++++ .../lib/compare/data/competitors/openclaw.ts | 1073 +++++++++++++++ apps/sim/lib/compare/data/index.ts | 5 + 8 files changed, 5579 insertions(+) create mode 100644 apps/sim/lib/compare/data/competitors/crewai.ts create mode 100644 apps/sim/lib/compare/data/competitors/dust.ts create mode 100644 apps/sim/lib/compare/data/competitors/langchain.ts create mode 100644 apps/sim/lib/compare/data/competitors/microsoft-copilot.ts create mode 100644 apps/sim/lib/compare/data/competitors/openclaw.ts diff --git a/apps/sim/app/(landing)/comparison/utils.ts b/apps/sim/app/(landing)/comparison/utils.ts index bf963098383..04d7fb87c15 100644 --- a/apps/sim/app/(landing)/comparison/utils.ts +++ b/apps/sim/app/(landing)/comparison/utils.ts @@ -1,12 +1,17 @@ import { type CompetitorProfile, claudeCoworkProfile, + crewaiProfile, + dustProfile, flowiseProfile, gumloopProfile, + langchainProfile, langflowProfile, makeProfile, + microsoftCopilotProfile, n8nProfile, openaiAgentkitProfile, + openClawProfile, pipedreamProfile, powerAutomateProfile, retoolProfile, @@ -40,6 +45,11 @@ export const ALL_COMPETITORS: CompetitorProfile[] = [ claudeCoworkProfile, langflowProfile, flowiseProfile, + microsoftCopilotProfile, + openClawProfile, + dustProfile, + crewaiProfile, + langchainProfile, ] const COMPETITOR_BY_SLUG = new Map(ALL_COMPETITORS.map((c) => [c.id, c])) diff --git a/apps/sim/components/icons.tsx b/apps/sim/components/icons.tsx index 90585d3b603..9505f29ee94 100644 --- a/apps/sim/components/icons.tsx +++ b/apps/sim/components/icons.tsx @@ -1561,6 +1561,110 @@ export function PineconeIcon(props: SVGProps) { ) } +export function LangChainIcon(props: SVGProps) { + return ( + + + + ) +} + +export function CrewAIIcon(props: SVGProps) { + return ( + + + + ) +} + +export function DustIcon(props: SVGProps) { + return ( + + + + ) +} + +export function OpenClawIcon(props: SVGProps) { + const id = useId() + const gid = (name: string) => `openclaw_${name}_${id}` + + return ( + + + + + + + + + + + + + + + + + + + + + ) +} + export function OpenAIIcon(props: SVGProps) { return ( ) { ) } +export function MicrosoftCopilotIcon(props: SVGProps) { + const id = useId() + const gid = (name: string) => `mscopilot_${name}_${id}` + + return ( + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ) +} + export function MicrosoftTeamsIcon(props: SVGProps) { const id = useId() const gradientId = `msteams_gradient_${id}` diff --git a/apps/sim/lib/compare/data/competitors/crewai.ts b/apps/sim/lib/compare/data/competitors/crewai.ts new file mode 100644 index 00000000000..40b91cdf7f0 --- /dev/null +++ b/apps/sim/lib/compare/data/competitors/crewai.ts @@ -0,0 +1,1021 @@ +import { CrewAIIcon } from '@/components/icons' +import type { CompetitorProfile } from '@/lib/compare/data/types' + +/** Researched and cross-verified against live vendor sources on 2026-07-02. */ +export const crewaiProfile: CompetitorProfile = { + id: 'crewai', + name: 'CrewAI', + website: 'https://www.crewai.com', + oneLiner: + 'CrewAI is an open-source Python framework (MIT licensed) for orchestrating role-based, multi-agent AI systems via code (Crews and Flows), with a commercial CrewAI AMP platform layer that adds a visual Studio, hosted deployment, and enterprise governance.', + isWorkflowBuilder: false, + brand: { + icon: CrewAIIcon, + selfFramed: false, + colors: ['#ff5a50'], + source: 'CrewAI brand assets (crewai.com/brand)', + asOf: '2026-07-02', + }, + standoutFeatures: [ + { + title: 'Dual programming model: autonomous Crews plus event-driven Flows', + description: + 'CrewAI gives developers two composable abstractions: Crews, teams of role-based agents that collaborate with autonomy over how a task gets done, and Flows, a structured, event-driven layer (Python decorators like @start, @listen, @router) for precise, deterministic control over state and execution order. Flows can themselves orchestrate one or more Crews, letting a codebase mix free-form agent reasoning with explicit procedural logic in the same application.', + shortDescription: 'Combines autonomous agent Crews with deterministic, event-driven Flows.', + source: { + url: 'https://docs.crewai.com/en/concepts/flows', + label: 'Flows - CrewAI Docs', + asOf: '2026-07-02', + }, + }, + { + title: 'Independent of LangChain, built from scratch', + description: + "CrewAI is built as a standalone Python framework independent of LangChain or other agent frameworks, giving it a lighter dependency footprint and its own LLM connection layer (native integrations for OpenAI, Anthropic, Gemini, and Bedrock, plus LiteLLM for 200+ additional providers) rather than inheriting an existing framework's abstractions.", + shortDescription: 'A standalone framework, not built on top of LangChain.', + source: { + url: 'https://docs.crewai.com/en/concepts/llms', + label: 'LLMs - CrewAI Docs', + asOf: '2026-07-02', + }, + }, + { + title: 'Large, fast-growing open-source community', + description: + 'The crewAIInc/crewAI GitHub repository has surpassed 54,800 stars and is MIT licensed, one of the most-starred open-source multi-agent orchestration frameworks. CrewAI states its open-source framework executes over 10 million agents per month and is used by roughly half of the Fortune 500.', + shortDescription: '54,800+ GitHub stars, MIT licensed, widely adopted.', + source: { + url: 'https://github.com/crewAIInc/crewAI', + label: 'crewAIInc/crewAI (GitHub)', + asOf: '2026-07-02', + }, + }, + { + title: 'Native Agent2Agent (A2A) protocol support as a first-class primitive', + description: + 'CrewAI treats the open Agent2Agent (A2A) protocol as a first-class delegation primitive: agents can be configured with an A2AClientConfig to delegate tasks to and request information from remote A2A-compliant agents (with Bearer, OAuth2, API key, or HTTP auth), and/or an A2AServerConfig to expose a CrewAI agent as an A2A-compliant server other frameworks can call, all via the optional crewai[a2a] extra.', + shortDescription: 'Delegates to and serves as remote agents via the open A2A protocol.', + source: { + url: 'https://docs.crewai.com/en/learn/a2a-agent-delegation', + label: 'Agent-to-Agent (A2A) Protocol - CrewAI Docs', + asOf: '2026-07-02', + }, + }, + { + title: 'CrewAI AMP: natural-language visual Studio on top of the code framework', + description: + 'CrewAI AMP (the commercial Agent Management Platform) adds Crew Studio, a chat-and-canvas interface where a builder describes an automation in natural language and the AI generates agents, tasks, and tools as an editable drag-and-drop workflow, which can also be exported to Python code. This gives the fundamentally code-first framework an optional visual, non-developer-facing entry point.', + shortDescription: + 'Natural-language chat generates an editable visual workflow, exportable to code.', + source: { + url: 'https://docs.crewai.com/en/enterprise/features/crew-studio', + label: 'Crew Studio - CrewAI Docs', + asOf: '2026-07-02', + }, + }, + ], + limitations: [ + { + title: 'Core framework is code-only; no visual builder without the paid AMP platform', + description: + 'The open-source crewAI framework is authored entirely in Python (classes, YAML configs, decorators). There is no built-in drag-and-drop canvas in the free/open-source package itself; visual building (Crew Studio) is a feature of the separate, commercial CrewAI AMP platform, not the framework a self-hoster runs for free.', + shortDescription: 'No visual canvas in the free framework; Studio requires paid AMP.', + source: { + url: 'https://docs.crewai.com/en/enterprise/features/crew-studio', + label: 'Crew Studio - CrewAI Docs', + asOf: '2026-07-02', + }, + }, + { + title: + 'Human-in-the-loop input is a blocking, single-step primitive, not a rich approval workflow', + description: + "The framework's built-in human_input=True flag on a Task pauses for a human response, but community discussion and docs describe it as effectively limited to synchronous stdin-style input in local runs; production human-in-the-loop (via AMP webhooks and a pending-review state) requires the paid platform and custom webhook wiring rather than a built-in multi-channel approval UI.", + shortDescription: 'Basic human_input flag is stdin-style; rich approval needs AMP webhooks.', + source: { + url: 'https://docs.crewai.com/en/learn/human-in-the-loop', + label: 'Human-in-the-Loop (HITL) Workflows - CrewAI Docs', + asOf: '2026-07-02', + }, + }, + { + title: 'Governance, security, and hosted deployment features gated to CrewAI AMP', + description: + 'SSO (Microsoft Entra, Okta), role-based access control, dedicated VPC networking, on-premise/private-infrastructure deployment (AMP Factory), audit trails, and the SOC 2/HIPAA-compliant hosted environment are Enterprise-tier CrewAI AMP features, not part of the free, self-hosted open-source framework.', + shortDescription: + 'SSO, RBAC, and compliance are Enterprise AMP features, not the free framework.', + source: { + url: 'https://crewai.com/pricing', + label: 'CrewAI Pricing', + asOf: '2026-07-02', + }, + }, + { + title: 'Native vector store support limited to two backends', + description: + "CrewAI's built-in RAG/knowledge system documents a provider-neutral abstraction, but currently ships native support for only ChromaDB (the default) and Qdrant as vector store backends. Broader vector database coverage (Pinecone, PGVector, Supabase, etc.) requires custom integration work rather than a documented first-party connector.", + shortDescription: 'Native knowledge/RAG vector stores are limited to ChromaDB and Qdrant.', + source: { + url: 'https://docs.crewai.com/en/concepts/knowledge', + label: 'Knowledge - CrewAI Docs', + asOf: '2026-07-02', + }, + }, + { + title: 'Requires Python fluency; no low-code entry point in the core product', + description: + 'Because Crews and Flows are authored as Python classes, decorators, and YAML configuration, using the core CrewAI framework directly assumes working knowledge of Python, virtual environments, and package management. Non-developers depend on the separate, paid AMP Studio layer rather than a built-in low-code mode in the open-source package.', + shortDescription: 'Core framework requires Python; no low-code mode without paid AMP.', + source: { + url: 'https://docs.crewai.com/en/concepts/agents', + label: 'Agents - CrewAI Docs', + asOf: '2026-07-02', + }, + }, + ], + facts: { + platform: { + builderType: { + value: + 'Code-first Python framework (Crews and Flows); visual Studio only via paid CrewAI AMP', + detail: + 'The open-source core is authored in Python: Agents, Tasks, and Crews are Python classes/YAML config, and Flows use Python decorators (@start, @listen, @router) for event-driven orchestration. A drag-and-drop visual canvas (Crew Studio) exists only inside the commercial CrewAI AMP platform, generated from natural-language chat and exportable back to Python.', + shortValue: 'Python code framework; visual builder is a paid AMP add-on', + confidence: 'verified', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/flows', + label: 'Flows - CrewAI Docs', + asOf: '2026-07-02', + }, + { + url: 'https://docs.crewai.com/en/enterprise/features/crew-studio', + label: 'Crew Studio - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + learningCurve: { + value: "Steep for the core framework; low for Crew Studio's natural-language mode", + detail: + 'Using the open-source framework directly requires Python fluency (classes, YAML, async/await, package management). CrewAI markets Crew Studio, the paid AMP visual/chat layer, as accessible to non-developers who describe an automation in plain language.', + shortValue: 'Steep in code; low via paid Studio chat interface', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/agents', + label: 'Agents - CrewAI Docs', + asOf: '2026-07-02', + }, + { + url: 'https://blog.crewai.com/enabling-domain-experts-to-build-and-deploy-agentic-workflows-without-the-need-to-write-code/', + label: 'Enabling domain experts to build agentic workflows without code - CrewAI Blog', + asOf: '2026-07-02', + }, + ], + }, + selfHostOption: { + value: + 'Yes: the open-source framework (MIT licensed) runs entirely on infrastructure you control, for free', + detail: + "CrewAI's own community guidance confirms the core engine is open source and can be run on your own infrastructure at no cost, with the tradeoff that the user takes on all operational overhead (servers, scaling). AMP Factory separately offers a paid, managed way to run the commercial AMP platform on private infrastructure.", + shortValue: 'Yes, free self-hosted open-source framework', + confidence: 'verified', + sources: [ + { + url: 'https://community.crewai.com/t/i-want-to-figure-out-how-to-self-host-crew-so-i-can-use-it-in-my-own-environment/2395', + label: 'Self-host CrewAI (CrewAI Community)', + asOf: '2026-07-02', + }, + { + url: 'https://github.com/crewAIInc/crewAI', + label: 'crewAIInc/crewAI (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + deploymentOptions: { + value: + 'Self-hosted open-source framework (any Python environment); CrewAI AMP Cloud (hosted); AMP Factory for on-premise or private VPC (AWS, Azure, GCP)', + detail: + 'AMP Factory is explicitly positioned as deploying "all the power of AMP Cloud" onto customer-owned infrastructure, on-premise or in a private VPC on AWS, Azure, or GCP, with SSO and dedicated VPC networking, an Enterprise-tier offering.', + shortValue: 'Self-hosted OSS, AMP Cloud, or AMP Factory (on-prem/VPC)', + confidence: 'verified', + sources: [ + { + url: 'https://crewai.com/pricing', + label: 'CrewAI Pricing', + asOf: '2026-07-02', + }, + { + url: 'https://sambanova.ai/blog/sambanova-and-crewai-partner-to-deliver-agentic-ai-at-scale-on-crewai-amp', + label: 'SambaNova and CrewAI Partner on CrewAI AMP', + asOf: '2026-07-02', + }, + ], + }, + templates: { + value: + 'Yes: CLI project scaffolding plus example crews/flows, not a large in-product gallery', + detail: + "The `crewai create crew` and `crewai create flow` CLI commands scaffold a new project with the standard folder structure, and crewAIInc maintains example repositories. This is developer-oriented starter scaffolding rather than a large, browsable template gallery like a no-code builder's.", + shortValue: 'CLI scaffolding and example repos, not a large gallery', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/flows', + label: 'Flows - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + license: { + value: + 'MIT License (open source) for the core framework; CrewAI AMP is separate paid commercial software', + detail: + "The crewAIInc/crewAI GitHub repository's LICENSE file is the permissive MIT License, distinct from n8n or Power Automate's source-available/proprietary models. CrewAI AMP (Studio, hosted deployment, enterprise governance) is a separate, non-open-source commercial product layered on top.", + shortValue: 'MIT (framework); AMP platform is proprietary/commercial', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/crewAIInc/crewAI/blob/main/LICENSE', + label: 'crewAI/LICENSE (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + environmentPromotion: { + value: + 'Not publicly documented as a distinct dev/test/prod promotion feature; deployment is Git-push-based to AMP', + detail: + "CrewAI AMP documents deploying a crew from a connected GitHub repository to the managed platform, but no CrewAI source describes a dedicated multi-environment (dev/staging/prod) promotion pipeline or environment-variable-swap mechanism comparable to n8n's Environments or Power Automate's Solutions/Pipelines.", + shortValue: 'No documented dev/test/prod promotion pipeline', + confidence: 'unknown', + sources: [], + }, + versionControlDepth: { + value: + 'Git-based versioning of the underlying Python codebase, not an in-product visual version history/diff feature', + detail: + "Because Crews and Flows are Python code, version control is whatever the user's own Git workflow provides (commits, branches, PRs, diffs), a fundamentally different model from a no-code builder's in-app version history panel. CrewAI AMP documents deploying from a connected Git repository but no dedicated in-platform version-diff/restore UI was found.", + shortValue: "Relies on the user's own Git workflow, no in-app version history", + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/enterprise/guides/deploy-to-amp', + label: 'Deploy to AMP - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + realtimeCollaboration: { + value: + 'No: no live, concurrent multi-user editing is documented for either the code framework or Crew Studio', + detail: + "The open-source framework is edited in each developer's own IDE (collaboration happens via Git, not live co-editing). Crew Studio, the AMP visual/chat builder, is documented as an individual chat-and-canvas workspace; no source describes simultaneous multi-user cursors or synced live editing of the same crew.", + shortValue: 'No live co-editing found in code or Studio', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/enterprise/features/crew-studio', + label: 'Crew Studio - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + nativeFileStorage: { + value: + 'No: CrewAI has no Drive-like file storage system with folder hierarchy and link-based sharing', + detail: + "CrewAI's file-related capabilities are knowledge sources (uploading .txt/PDF/CSV/Excel/JSON files for an agent to reference) and file-operation tools (FileWriterTool, FileReadTool) that read/write to the local filesystem or a configured storage path, not a user-facing shared file manager with folders, sharing links, or a recycle bin.", + shortValue: 'No, only per-agent knowledge files and file-operation tools', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/knowledge', + label: 'Knowledge - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + dataTables: { + value: + 'No: CrewAI has no native spreadsheet-like data table feature with keyboard navigation', + detail: + 'Structured data is handled via knowledge sources (CSV/Excel/JSON files ingested for RAG) or database-connector tools (PGSearchTool, MySQLSearchTool), not a first-party grid UI for creating/editing rows and columns directly inside the product.', + shortValue: 'No native spreadsheet-grid feature; only file/DB connectors', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/knowledge', + label: 'Knowledge - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + richTextEditor: { + value: 'No: CrewAI has no inline WYSIWYG rich-text/document editor', + detail: + 'CrewAI is an agent-orchestration framework and platform; no source describes a built-in document-editing surface. Text content is produced as task output (Markdown/plain text) or ingested as a knowledge source file, not authored in an in-product rich-text editor.', + shortValue: 'No native rich-text/WYSIWYG document editor', + confidence: 'estimated', + sources: [], + }, + }, + aiCapabilities: { + multiLlmSupport: { + value: + 'Yes: native OpenAI, Anthropic, Gemini, and Bedrock integrations, plus 200+ more via LiteLLM', + detail: + 'CrewAI ships dedicated completion classes for OpenAI (Chat Completions and Responses API), Anthropic (Messages API), Google Gemini (Gen AI SDK), and AWS Bedrock (Converse API). Any other model falls back to LiteLLM, extending coverage to Mistral, Cohere, Azure OpenAI, Hugging Face, Ollama (local models), and dozens of other providers.', + shortValue: 'OpenAI, Anthropic, Gemini, Bedrock native; 200+ via LiteLLM', + confidence: 'verified', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/llms', + label: 'LLMs - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + agentReasoningBlocks: { + value: + 'Yes: Agents are autonomous reasoning entities by design, distinct from the deterministic Flow control layer', + detail: + "An Agent (role, goal, backstory, LLM, tool list) is CrewAI's core reasoning primitive: it decides which of its assigned tools to call and how to accomplish its Task. Flows are the explicit, non-reasoning counterpart used for deterministic sequencing, so the framework treats agent reasoning and procedural control as two distinct, separately named layers.", + shortValue: 'Yes, Agent is the dedicated autonomous-reasoning primitive', + confidence: 'verified', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/agents', + label: 'Agents - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + naturalLanguageBuilding: { + value: + 'Yes: Crew Studio (CrewAI AMP) generates an editable workflow from a chat description', + detail: + 'Crew Studio lets a builder describe an automation in natural language; the platform generates agents, tasks, and tools as an editable drag-and-drop canvas, exportable to Python. This is a CrewAI AMP (paid) feature, not part of the free open-source framework, where crews are still authored directly in code.', + shortValue: 'Yes, via Crew Studio chat interface (paid AMP feature)', + confidence: 'verified', + sources: [ + { + url: 'https://docs.crewai.com/en/enterprise/features/crew-studio', + label: 'Crew Studio - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + knowledgeBaseRag: { + value: 'Yes: built-in knowledge/RAG system with automatic chunking and query rewriting', + detail: + 'CrewAI supports diverse knowledge source types (raw strings, .txt, PDF, CSV, Excel, JSON, web content via Docling) assignable at agent or crew level. Content is chunked with configurable overlap and embedded (default OpenAI text-embedding-3-small, with Voyage AI, Google, Azure OpenAI, or local Ollama embeddings as alternatives), stored in ChromaDB (default) or Qdrant, with automatic query rewriting to improve retrieval accuracy.', + shortValue: 'Native RAG: ChromaDB/Qdrant, auto-chunking, query rewriting', + confidence: 'verified', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/knowledge', + label: 'Knowledge - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + mcpSupport: { + value: 'Yes: MCPServerAdapter connects agents to external MCP servers over Stdio or SSE', + detail: + 'The optional crewai-tools[mcp] extra provides MCPServerAdapter (built on mcpadapt), letting agents load and call all tools exposed by a given MCP server, supporting both local Stdio servers and remote Server-Sent Events (SSE) servers. Only MCP tools are adapted; other MCP primitives like prompts or resources are not directly integrated as of this check.', + shortValue: 'Yes, MCPServerAdapter over Stdio and SSE, tools only', + confidence: 'verified', + sources: [ + { + url: 'https://docs.crewai.com/en/mcp/overview', + label: 'MCP Servers as Tools in CrewAI - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + evaluationGuardrails: { + value: + 'Yes: Task guardrails (function-based and LLM-based), plus an Enterprise Hallucination Guardrail', + detail: + "Task guardrails run immediately after a task produces output: function-based guardrails are custom Python validation logic, and string-based guardrails auto-generate an LLMGuardrail that uses the task's own LLM (via a temporary validation agent) to check output against natural-language criteria, covering categories like hate speech, PII exposure, hallucination, and prompt injection. A separate Hallucination Guardrail (an Enterprise/AMP feature) checks generated content against reference context for groundedness.", + shortValue: 'Function/LLM-based guardrails; Hallucination Guardrail is Enterprise', + confidence: 'verified', + sources: [ + { + url: 'https://towardsdatascience.com/how-to-implement-guardrails-for-your-ai-agents-with-crewai-80b8cb55fa43/', + label: 'How to Implement Guardrails for Your AI Agents with CrewAI', + asOf: '2026-07-02', + }, + { + url: 'https://docs.crewai.com/en/enterprise/features/hallucination-guardrail', + label: 'Hallucination Guardrail - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + humanInTheLoop: { + value: + 'Yes: a human_input flag pauses a Task for review; AMP adds a webhook-driven pending-review state', + detail: + 'Setting human_input=True on a Task pauses execution for human feedback before continuing, though community discussion notes the base mechanism is effectively a synchronous, stdin-style prompt in local runs. CrewAI AMP extends this to a documented "Pending Human Input" state for deployed crews, where a reviewer\'s feedback and approval are submitted via task/webhook URLs to resume execution asynchronously.', + shortValue: 'Yes, human_input Task flag; async pending-review state on AMP', + confidence: 'verified', + sources: [ + { + url: 'https://docs.crewai.com/en/learn/human-in-the-loop', + label: 'Human-in-the-Loop (HITL) Workflows - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + generativeMedia: { + value: + 'Partial: image generation and vision tools exist via community/first-party tools, not a broad native suite', + detail: + 'crewAI-tools includes a DallETool (image generation) and a VisionTool, giving CrewAI agents first-party access to image generation and image understanding. No dedicated native video-generation or text-to-speech/speech-to-text tool ships in the core crewAI-tools package; those require calling a provider directly through a custom or community tool.', + shortValue: 'DallETool and VisionTool ship; no native video/TTS tool', + confidence: 'estimated', + sources: [ + { + url: 'https://github.com/crewAIInc/crewAI-tools', + label: 'crewAIInc/crewAI-tools (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + dynamicToolUse: { + value: + 'Yes: an Agent selects among all tools assigned to it at reasoning time, rather than a fixed pre-wired call', + detail: + "An Agent's `tools` list is the pool it reasons over; the agent's LLM decides at runtime which tool (if any) to invoke for a given step, including tools loaded dynamically from an MCP server via MCPServerAdapter. This is a design property of the Agent/Task model itself rather than a separately named feature.", + shortValue: 'Yes, agents reason over their assigned tool pool at runtime', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/agents', + label: 'Agents - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + modelFallback: { + value: 'Not publicly documented as a first-class feature', + detail: + "No CrewAI source describes an automatic fallback to a different model/provider when a configured LLM call fails or is rate-limited; LiteLLM (which CrewAI uses under the hood for non-native providers) supports fallback configuration in general, but CrewAI's own docs do not document surfacing this as a built-in, named CrewAI feature.", + shortValue: 'Not publicly documented as a built-in CrewAI feature', + confidence: 'unknown', + sources: [], + }, + agentSkills: { + value: + 'No dedicated named skills library; reuse comes from Python code structure and Tools', + detail: + 'CrewAI has no first-class, named "skill" object distinct from an Agent\'s role/goal/backstory prompt or its assigned Tools. Reuse across agents/crews is achieved through ordinary Python code reuse (shared agent/task definitions, YAML configs, custom Tool classes), not a dedicated, invokable skill catalog.', + shortValue: 'No, reuse is via Python code/Tools, not a named skills object', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/agents', + label: 'Agents - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + nativeChatDeployment: { + value: + 'Partial: no first-party chat surface in the core framework; community and CopilotKit-based UIs exist', + detail: + 'The open-source framework and CrewAI AMP center on REST API deployment (deployed crews expose a kickoff/status API) rather than a first-party, publicly deployable chat widget. Chat interfaces (e.g. the community crewai_chat_ui package, or wiring a crew through CopilotKit/AG-UI Protocol) are third-party or community additions layered on top, not a native CrewAI product surface.', + shortValue: 'No first-party chat UI; only community/third-party wrappers', + confidence: 'estimated', + sources: [ + { + url: 'https://github.com/zinyando/crewai_chat_ui', + label: 'crewai_chat_ui (GitHub, community package)', + asOf: '2026-07-02', + }, + { + url: 'https://www.copilotkit.ai/blog/how-to-add-a-frontend-to-any-crewai-agent-using-ag-ui-protocol', + label: 'How to add a Frontend to any CrewAI Agent using AG-UI Protocol - CopilotKit', + asOf: '2026-07-02', + }, + ], + }, + kbChunkVisibility: { + value: 'Not publicly documented as an in-product debugging UI', + detail: + "CrewAI's knowledge system emits knowledge-related events during retrieval that a developer can log or listen to programmatically, but no CrewAI source describes a dedicated UI surface (in the open-source framework or in AMP) for browsing individual chunk index/content and per-chunk metadata after the fact.", + shortValue: 'Not publicly documented as a dedicated chunk-debugging view', + confidence: 'unknown', + sources: [], + }, + parallelExecution: { + value: + 'Yes: async_execution=True on a Task, and Flows using asyncio.gather for concurrent branches', + detail: + "Setting async_execution=True on a Task lets it run in parallel with other tasks rather than waiting sequentially. At the Flow level, developers commonly implement fan-out/fan-in concurrency using Python's asyncio.gather across multiple @listen-triggered steps, and Flows support router-based conditional branching. This requires the developer to write the async pattern; it isn't a single-click visual parallel-branch node.", + shortValue: 'Yes, via async_execution and asyncio-based Flow patterns', + confidence: 'verified', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/flows', + label: 'Flows - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + a2aProtocol: { + value: + 'Yes: native A2A client and server configuration (A2AClientConfig / A2AServerConfig)', + detail: + 'CrewAI documents A2A as a first-class delegation primitive: an agent can be given an A2AClientConfig to delegate tasks to and request information from remote A2A-compliant agents (Bearer, OAuth2, API key, or HTTP auth supported), and/or an A2AServerConfig to expose itself as an A2A-compliant server. Requires the optional crewai[a2a] extra (a2a-sdk package).', + shortValue: 'Yes, native A2AClientConfig/A2AServerConfig via optional extra', + confidence: 'verified', + sources: [ + { + url: 'https://docs.crewai.com/en/learn/a2a-agent-delegation', + label: 'Agent-to-Agent (A2A) Protocol - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + }, + integrations: { + integrationCount: { + value: + 'crewAI-tools ships dozens of first-party tools; broader integration reach comes via Composio (1,000+ apps)', + detail: + 'The official crewAIInc/crewAI-tools repository provides dozens of built-in tools spanning file operations, web scraping, database search (Postgres, MySQL), search APIs, and AI tools (DALL-E, Vision), without a single vendor-published total count. CrewAI docs separately show first-party ComposioTool integration, and Composio itself advertises 1,000+ pre-authenticated third-party apps pluggable into CrewAI agents.', + shortValue: 'Dozens of first-party tools; 1,000+ apps via Composio', + confidence: 'estimated', + sources: [ + { + url: 'https://github.com/crewAIInc/crewAI-tools', + label: 'crewAIInc/crewAI-tools (GitHub)', + asOf: '2026-07-02', + }, + { + url: 'https://docs.crewai.com/en/tools/automation/composiotool', + label: 'Composio Tool - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + triggerTypes: { + value: + 'Webhook-based and cron/schedule triggers via CrewAI AMP, plus manual/API kickoff always available', + detail: + "A deployed crew always exposes a kickoff API endpoint that can be called manually or from any external scheduler. CrewAI AMP documents webhook automation (task/step/crew-level webhook URLs configured in the kickoff payload) and integration guidance for triggering runs from tools like ActivePieces, Zapier, or Make.com using their own cron/schedule triggers to call CrewAI's kickoff endpoint.", + shortValue: 'API kickoff always available; webhooks and 3rd-party schedulers via AMP', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/enterprise/guides/webhook-automation', + label: 'Webhook Automation - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + customCodeSteps: { + value: 'Yes: the entire framework is Python code; custom Tools are ordinary Python classes', + detail: + 'Because Crews and Flows are authored in Python, arbitrary custom logic is not a special "code step" distinct from the rest of the codebase, any function, class, or Tool subclass a developer writes runs as part of the crew. This is fundamentally different from a visual builder\'s isolated code-node/sandbox model.', + shortValue: 'Yes, the whole framework is custom Python, not a sandboxed step', + confidence: 'verified', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/agents', + label: 'Agents - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + apiPublishing: { + value: 'Yes: CrewAI AMP deploys a crew as a callable REST API (kickoff/status endpoints)', + detail: + 'Deploying to CrewAI AMP gives a crew a managed REST API for kickoff and status polling, documented as the standard way to integrate a deployed crew with existing systems. The open-source framework itself has no built-in HTTP server; self-hosters wrap it in their own API layer (e.g. FastAPI) if they want the same capability without AMP.', + shortValue: 'Yes, via CrewAI AMP kickoff/status REST API', + confidence: 'verified', + sources: [ + { + url: 'https://docs.crewai.com/enterprise/guides/use-crew-api', + label: 'Trigger Deployed Crew API - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + extensibilitySdk: { + value: + 'The framework itself is a Python SDK/library, plus a separate crewai-tools package and a CLI', + detail: + "crewAI is installed as a pip package and used as a Python SDK directly in application code (there is no separate 'client library' wrapping a remote service, the framework is the extensibility surface). A companion crewai-tools package holds reusable Tool implementations, and the crewai CLI scaffolds new crew/flow projects.", + shortValue: 'The framework is itself a Python SDK, plus tools package and CLI', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/crewAIInc/crewAI', + label: 'crewAIInc/crewAI (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + mcpPublishing: { + value: + 'Not publicly documented: CrewAI consumes MCP servers as a client; no documented feature exposes a crew as an MCP server', + detail: + "CrewAI's MCP documentation (MCPServerAdapter) covers agents calling tools hosted on external MCP servers. No CrewAI source describes the reverse direction, publishing a CrewAI crew or its tools as a callable MCP server for other AI clients to consume.", + shortValue: 'Consumes MCP servers; no publish-crew-as-MCP-server feature found', + confidence: 'unknown', + sources: [], + }, + }, + pricing: { + pricingModel: { + value: + 'Free open-source framework (self-hosted); CrewAI AMP tiers priced per monthly workflow execution plus seats', + detail: + 'The open-source Python framework itself has no license cost. CrewAI AMP is priced on a Free/Basic tier (50 executions/month), a Professional tier ($25/month, roughly double the execution cap plus an extra seat), and custom-quoted Enterprise pricing for compliance, dedicated support, and private-infrastructure deployment.', + shortValue: 'Free framework; AMP billed by monthly executions plus seats', + confidence: 'verified', + sources: [ + { + url: 'https://crewai.com/pricing', + label: 'CrewAI Pricing', + asOf: '2026-07-02', + }, + ], + }, + entryPaidPlan: { + value: + 'CrewAI AMP Professional: $25/month, roughly 100 workflow executions/month plus one added seat', + detail: + "The Free/Basic AMP tier includes 50 executions/month; the $25/month Professional tier is described by third-party pricing analyses as doubling that cap (about 100 executions/month) and adding a team seat. CrewAI's own pricing page does not spell out the exact numeric caps per tier beyond the free tier's 50 executions/month.", + shortValue: '$25/month, ~100 executions/month, +1 seat', + confidence: 'estimated', + sources: [ + { + url: 'https://crewai.com/pricing', + label: 'CrewAI Pricing', + asOf: '2026-07-02', + }, + ], + }, + freeTier: { + value: + 'Yes: free, unlimited-use open-source framework, plus a free AMP Basic tier (50 executions/month)', + detail: + "The MIT-licensed framework can be self-hosted and run at any scale for free. Separately, CrewAI AMP's Basic tier is a free hosted plan capped at 50 workflow executions per month with the visual editor and GitHub integration.", + shortValue: 'Yes, free OSS framework and a capped free AMP tier', + confidence: 'verified', + sources: [ + { + url: 'https://crewai.com/pricing', + label: 'CrewAI Pricing', + asOf: '2026-07-02', + }, + ], + }, + byok: { + value: + "Yes: the open-source framework requires the developer's own LLM provider API keys by default", + detail: + 'Because agents call LLMs directly through native provider integrations or LiteLLM, every crew run in the open-source framework uses credentials the developer supplies (e.g. OPENAI_API_KEY, ANTHROPIC_API_KEY environment variables). CrewAI\'s own docs do not separately brand this as a "BYOK" feature, it is simply how the framework is configured; AMP\'s hosted execution may offer platform-provided model access for some plans, not independently confirmed.', + shortValue: 'De facto yes for the OSS framework, via provider API keys', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/llms', + label: 'LLMs - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + }, + security: { + soc2: { + value: + 'Yes: CrewAI AMP has a SOC 2 Type 1 audit report (dated November 2025), available via its Trust Center', + detail: + "Third-party review coverage cites a CrewAI SOC 2 Type 1 Audit Report from November 2025, referenced through CrewAI's Trust Center (trust.crewai.com, indexed by Vanta). This applies to the Enterprise/AMP offering, not to a self-hosted deployment of the open-source framework, which has no compliance certification of its own since it isn't a hosted service.", + shortValue: 'SOC 2 Type 1 report (Nov 2025) for the AMP platform', + confidence: 'estimated', + sources: [ + { + url: 'https://trust.crewai.com/', + label: 'CrewAI Trust Center', + asOf: '2026-07-02', + }, + ], + }, + dataResidency: { + value: + 'Yes: achievable via self-hosting the OSS framework or AMP Factory (on-prem/private VPC)', + detail: + 'Full self-hosting of the open-source framework gives complete control over data location. AMP Factory, the Enterprise-tier managed-on-your-infrastructure offering, explicitly supports on-premise servers or private VPCs in AWS, Azure, or GCP. No source confirms selectable data-residency regions for the standard multi-tenant AMP Cloud offering itself.', + shortValue: 'Via self-hosting or AMP Factory; AMP Cloud regions unconfirmed', + confidence: 'estimated', + sources: [ + { + url: 'https://sambanova.ai/blog/sambanova-and-crewai-partner-to-deliver-agentic-ai-at-scale-on-crewai-amp', + label: 'SambaNova and CrewAI Partner on CrewAI AMP', + asOf: '2026-07-02', + }, + ], + }, + rbac: { + value: + 'Yes: role-based access control is documented as an AMP Factory (Enterprise) feature', + detail: + "CrewAI AMP Factory's feature list includes role-based access control alongside SSO and dedicated VPC networking. No equivalent access-control system exists in the open-source framework itself, which has no multi-user account model.", + shortValue: 'Yes, but only as an AMP Factory/Enterprise feature', + confidence: 'estimated', + sources: [ + { + url: 'https://sambanova.ai/blog/sambanova-and-crewai-partner-to-deliver-agentic-ai-at-scale-on-crewai-amp', + label: 'SambaNova and CrewAI Partner on CrewAI AMP', + asOf: '2026-07-02', + }, + ], + }, + auditLogging: { + value: 'Yes: audit trails are listed among CrewAI AMP Enterprise security features', + detail: + "Third-party review coverage of CrewAI Enterprise lists audit trails alongside PII detection/masking, secret manager integration, and SSO as built-in Enterprise-tier security features. CrewAI's own pricing page does not itemize audit-log retention windows or export formats.", + shortValue: 'Yes, as an AMP Enterprise feature; retention details unconfirmed', + confidence: 'estimated', + sources: [ + { + url: 'https://cybernews.com/ai-tools/crewai-review/', + label: 'CrewAI Review 2026 - CyberNews', + asOf: '2026-07-02', + }, + ], + }, + additionalCompliance: { + value: + 'HIPAA (Enterprise edition, audit report dated February 2026); no ISO 27001, PCI, or FedRAMP certification confirmed', + detail: + "Trust Center coverage cites a HIPAA Audit Report dated February 2026 for the Enterprise edition, alongside the SOC 2 Type 1 report. CrewAI's pricing page separately references 'FedRamp High compliance' language for its Enterprise tier, but no independent FedRAMP authorization listing was found to corroborate that claim, so it is not treated as confirmed here.", + shortValue: 'HIPAA audit (Feb 2026); FedRAMP claim unconfirmed independently', + confidence: 'estimated', + sources: [ + { + url: 'https://trust.crewai.com/', + label: 'CrewAI Trust Center', + asOf: '2026-07-02', + }, + { + url: 'https://crewai.com/pricing', + label: 'CrewAI Pricing', + asOf: '2026-07-02', + }, + ], + }, + modelAndToolGovernance: { + value: 'Not publicly documented', + detail: + "No CrewAI source describes admin-configurable restrictions on which LLM providers/models or which specific tools a role/user may call, beyond the framework-level fact that a developer's own code controls which models and tools an agent is given.", + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + credentialGovernance: { + value: + 'Yes: AMP Enterprise documents secret manager integration for governing stored credentials', + detail: + "Third-party review coverage of CrewAI Enterprise lists secret manager integration among its built-in security features, implying centralized credential storage/access rather than credentials embedded in code. Fine-grained per-role restriction of which specific credential a role may use is not itemized in CrewAI's own documentation.", + shortValue: 'Yes, secret manager integration (Enterprise); role-level detail unconfirmed', + confidence: 'estimated', + sources: [ + { + url: 'https://cybernews.com/ai-tools/crewai-review/', + label: 'CrewAI Review 2026 - CyberNews', + asOf: '2026-07-02', + }, + ], + }, + whiteLabeling: { + value: 'Not publicly documented', + detail: + 'No CrewAI source describes a white-labeling or custom-branding option for the AMP platform UI or Crew Studio.', + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + dataRetention: { + value: 'Not publicly documented', + detail: + "No CrewAI source specifies configurable retention windows for execution logs, traces, or other AMP-stored data. Self-hosted open-source runs store whatever the developer's own code persists, entirely under the operator's control by default.", + shortValue: 'Not publicly documented for AMP; fully operator-controlled if self-hosted', + confidence: 'unknown', + sources: [], + }, + piiRedaction: { + value: + 'Yes: PII detection and masking is a documented CrewAI AMP Enterprise security feature', + detail: + "Third-party review coverage of CrewAI Enterprise explicitly lists 'PII detection and masking' among its built-in security features, alongside audit trails and secret manager integration. Separately, the framework's LLM-based task guardrails can be configured to check for PII exposure as one of several natural-language validation criteria, though that is a general-purpose guardrail, not dedicated PII tooling.", + shortValue: 'Yes, PII detection/masking is an AMP Enterprise feature', + confidence: 'estimated', + sources: [ + { + url: 'https://cybernews.com/ai-tools/crewai-review/', + label: 'CrewAI Review 2026 - CyberNews', + asOf: '2026-07-02', + }, + ], + }, + sso: { + value: + 'Yes: SSO via Microsoft Entra and Okta is documented for CrewAI AMP Factory (Enterprise)', + detail: + "CrewAI's own pricing page and third-party coverage of AMP Factory list SSO integration with Microsoft Entra and Okta as an Enterprise-tier feature, alongside role-based access control. No SSO capability exists in the self-hosted open-source framework, which has no built-in user/account system.", + shortValue: 'Yes, Entra/Okta SSO, but only on Enterprise AMP', + confidence: 'estimated', + sources: [ + { + url: 'https://crewai.com/pricing', + label: 'CrewAI Pricing', + asOf: '2026-07-02', + }, + ], + }, + }, + observability: { + tracingDepth: { + value: + 'Yes: built-in tracing of agent decisions, task execution timelines, tool usage, and LLM calls via CrewAI AMP', + detail: + "CrewAI's own docs describe built-in tracing capabilities viewable in the CrewAI AMP dashboard after a crew or flow runs, covering agent decisions, task execution timelines, tool usage, and LLM calls. This is a real-time, per-run trace view, distinct from the OSS framework alone, which has no bundled dashboard; third-party OpenTelemetry-based integrations (Datadog, Dynatrace, SigNoz, Instana) are also documented for exporting traces elsewhere.", + shortValue: 'Yes, AMP dashboard traces agent/task/tool/LLM-call detail', + confidence: 'verified', + sources: [ + { + url: 'https://docs.crewai.com/en/observability/tracing', + label: 'CrewAI Tracing - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + durabilityModel: { + value: + 'Not publicly documented as a distinct feature beyond LLM-call retries and standard Python exception handling', + detail: + "LiteLLM (used for most non-native providers) and CrewAI's native provider clients handle standard API-level retry behavior for transient LLM call failures, but no CrewAI source describes a dedicated checkpointing/replay-from-history system for resuming a partially completed crew or flow run after a crash.", + shortValue: 'Not publicly documented as a dedicated checkpoint/replay system', + confidence: 'unknown', + sources: [], + }, + failureAlerting: { + value: 'Not publicly documented as a proactive alerting feature', + detail: + "CrewAI AMP's webhook automation lets a developer wire crew/task/step completion (including failures) into external systems (e.g. Slack via Zapier/ActivePieces), but no CrewAI source describes a native, built-in failure-alert email or notification comparable to a first-party alerting feature.", + shortValue: 'Achievable via webhooks to external tools, not a native alert feature', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/enterprise/guides/webhook-automation', + label: 'Webhook Automation - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + dataDrains: { + value: + 'Yes: third-party OpenTelemetry-based exports to Datadog, Dynatrace, SigNoz, and Instana are documented', + detail: + 'CrewAI traces and execution data can be continuously exported to external observability platforms via OpenTelemetry-based integrations (documented by Datadog, Dynatrace, SigNoz, and IBM Instana themselves), beyond just viewing traces inside the native AMP dashboard.', + shortValue: 'Yes, via OpenTelemetry to Datadog/Dynatrace/SigNoz/Instana', + confidence: 'verified', + sources: [ + { + url: 'https://signoz.io/docs/crewai-observability/', + label: 'CrewAI Observability & Monitoring with OpenTelemetry - SigNoz Docs', + asOf: '2026-07-02', + }, + ], + }, + asyncExecution: { + value: + 'Yes: crews can be kicked off asynchronously (kickoff_async) and polled or awaited for a result', + detail: + "CrewAI's own docs cover kicking off a Crew asynchronously (kickoff_async) so the caller isn't blocked while the crew runs, and CrewAI AMP's deployed-crew API exposes kickoff plus a separate status-check endpoint for the same non-blocking pattern in production.", + shortValue: 'Yes, via kickoff_async and AMP kickoff/status API polling', + confidence: 'verified', + sources: [ + { + url: 'https://docs.crewai.com/how-to/kickoff-async', + label: 'Kickoff Crew Asynchronously - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + executionLimits: { + value: + 'Not publicly documented as fixed numeric limits for the OSS framework; AMP plans are metered by monthly execution count', + detail: + "The self-hosted open-source framework has no CrewAI-imposed run-duration or concurrency ceiling, limits are whatever the operator's own infrastructure and chosen LLM provider allow. CrewAI AMP plans instead cap the number of monthly workflow executions (e.g. 50/month on the free Basic tier), a usage quota rather than a per-run duration/concurrency limit.", + shortValue: 'No fixed OSS limits; AMP plans cap monthly execution count', + confidence: 'estimated', + sources: [ + { + url: 'https://crewai.com/pricing', + label: 'CrewAI Pricing', + asOf: '2026-07-02', + }, + ], + }, + partialFailureHandling: { + value: + 'Yes: task-level guardrail retries and standard Python exception handling, not a distinct visual branch feature', + detail: + "A Task's guardrail can be configured with a retry count so a failed validation is retried rather than immediately failing the whole crew, and because Flows and Crews are plain Python, a developer can wrap any step in ordinary try/except logic to route around a single failure. There is no dedicated, named 'continue on failure' branching primitive comparable to a visual builder's per-step error path.", + shortValue: 'Yes, via guardrail retries and standard Python exception handling', + confidence: 'estimated', + sources: [ + { + url: 'https://towardsdatascience.com/how-to-implement-guardrails-for-your-ai-agents-with-crewai-80b8cb55fa43/', + label: 'How to Implement Guardrails for Your AI Agents with CrewAI', + asOf: '2026-07-02', + }, + ], + }, + }, + support: { + supportChannels: { + value: + 'Documentation (docs.crewai.com), an active community forum (community.crewai.com), and dedicated Enterprise support', + detail: + "CrewAI maintains a dedicated documentation site and a separate community discussion forum with active threads on framework usage and troubleshooting. CrewAI's pricing page lists 'on-site support and training' and dedicated support as part of its custom-quoted Enterprise tier.", + shortValue: 'Docs, community forum, and paid Enterprise support', + confidence: 'verified', + sources: [ + { + url: 'https://crewai.com/pricing', + label: 'CrewAI Pricing', + asOf: '2026-07-02', + }, + ], + }, + sla: { + value: 'Not publicly documented: no product-specific uptime SLA percentage found', + detail: + "CrewAI's pricing page references dedicated support and training for Enterprise customers but does not publish a specific uptime SLA percentage for CrewAI AMP.", + shortValue: 'No published SLA percentage found', + confidence: 'unknown', + sources: [], + }, + community: { + value: 'Large: 54,800+ GitHub stars and an active dedicated community forum', + detail: + 'The crewAIInc/crewAI GitHub repository has over 54,800 stars as of this check, and CrewAI runs a separate, active community.crewai.com discussion forum with ongoing threads on framework usage, MCP integration, guardrails, and self-hosting.', + shortValue: '54,800+ GitHub stars, active dedicated forum', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/crewAIInc/crewAI', + label: 'crewAIInc/crewAI (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + companyMaturity: { + value: + 'CrewAI Inc. Founded 2023 by João Moura. Raised $18M (seed + Series A led by Insight Partners, announced October 2024)', + detail: + 'CrewAI Inc. was founded in 2023 and released the open-source framework the same year. The company raised $18M in total across a boldstart ventures-led seed round and an Insight Partners-led Series A (also including Blitzscaling Ventures, Craft Ventures, Earl Grey Capital, and angels including Andrew Ng and Dharmesh Shah), announced October 22, 2024. CrewAI states the open-source framework executes 10 million+ agents per month and is used by roughly half of the Fortune 500.', + shortValue: 'Founded 2023, $18M raised (seed + Series A, Insight Partners)', + confidence: 'verified', + sources: [ + { + url: 'https://siliconangle.com/2024/10/22/agentic-ai-startup-crewai-closes-18m-funding-round/', + label: 'Agentic AI startup CrewAI closes $18M funding round - SiliconANGLE', + asOf: '2026-07-02', + }, + { + url: 'https://www.insightpartners.com/ideas/behind-the-investment-crewai/', + label: 'Behind the Investment: CrewAI - Insight Partners', + asOf: '2026-07-02', + }, + ], + }, + academy: { + value: 'Yes: CrewAI offers free, structured courses at learn.crewai.com', + detail: + 'CrewAI operates a dedicated learning platform with self-paced, structured courses covering the framework, Flows, and agent-building concepts, beyond ad hoc blog posts or docs pages alone.', + shortValue: "Yes, free structured courses at CrewAI's learning platform", + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/agents', + label: 'Agents - CrewAI Docs', + asOf: '2026-07-02', + }, + ], + }, + }, + }, +} diff --git a/apps/sim/lib/compare/data/competitors/dust.ts b/apps/sim/lib/compare/data/competitors/dust.ts new file mode 100644 index 00000000000..f13e2893f64 --- /dev/null +++ b/apps/sim/lib/compare/data/competitors/dust.ts @@ -0,0 +1,1002 @@ +import { DustIcon } from '@/components/icons' +import type { CompetitorProfile } from '@/lib/compare/data/types' + +/** Researched and cross-verified against live vendor sources on 2026-07-02. */ +export const dustProfile: CompetitorProfile = { + id: 'dust', + name: 'Dust', + website: 'https://dust.tt', + brand: { + icon: DustIcon, + selfFramed: true, + colors: ['#FFAA0D', '#111418', '#1C91FF'], + source: 'dust-tt/dust Sparkle design system (GitHub)', + asOf: '2026-07-02', + }, + oneLiner: + 'Dust is an enterprise AI agent platform where teams build no-code agents connected to company data and tools inside a shared, multiplayer workspace, and deploy them to chat, Slack, and other surfaces.', + standoutFeatures: [ + { + title: "'Skills' as reusable, shared agent instruction/tool packages", + description: + "Skills are named, reusable packages of instructions, knowledge, and tools that can be attached to multiple agents at once. Updating a Skill's instructions automatically propagates the improvement to every agent using it, rather than requiring each agent to be edited individually.", + shortDescription: + 'Reusable instruction/tool packages that update every agent using them at once.', + source: { + url: 'https://docs.dust.tt/docs/skills', + label: 'Skills | Dust Docs', + asOf: '2026-07-02', + }, + }, + { + title: 'GitOps sync for Skills and agent configurations via GitHub Action', + description: + 'An official dust-github-action lets teams define Skills and agent configurations as files in a Git repository, then sync them into a Dust workspace from a CI/CD pipeline. This gives agent configuration the same change history, pull-request review, and rollback workflow as application code.', + shortDescription: 'Agent/Skill configs can live in Git with PR review and CI/CD sync.', + source: { + url: 'https://docs.dust.tt/changelog/gitops-sync-for-skills-agent-configurations-with-github-action', + label: 'GitOps sync for Skills & Agent configurations | Dust changelog', + asOf: '2026-07-02', + }, + }, + { + title: 'Natural-language scheduled triggers, no cron syntax', + description: + "Agents can be set to run on a recurring schedule described in plain English (e.g. 'Every weekday at 8:30am'), which Dust converts into the underlying cron expression for the agent to execute autonomously without a manual chat invocation.", + shortDescription: 'Schedule agents in plain English; Dust generates the cron expression.', + source: { + url: 'https://docs.dust.tt/docs/scheduling-your-agent-beta', + label: 'Schedules | Dust Docs', + asOf: '2026-07-02', + }, + }, + { + title: 'Dual-role MCP: consumes external servers and exposes Dust as one', + description: + "Dust agents can call tools from external MCP servers (remote or client-side, the latter executing in the user's own environment for sensitive operations), and Dust can itself be exposed as an MCP server so external MCP-compatible clients (e.g. Claude Desktop, Cursor) can call Dust agents and data as tools.", + shortDescription: 'Both calls external MCP tools and can be called as an MCP server itself.', + source: { + url: 'https://docs.dust.tt/docs/client-side-mcp-server', + label: 'Client Side MCP Server (Preview) | Dust Docs', + asOf: '2026-07-02', + }, + }, + { + title: "'Frames': agent output rendered as interactive, shareable documents", + description: + 'Frames turn an agent conversation into a website-like interactive document that teammates can explore together, hovering over charts for detail, clicking legend items to filter data, and switching between views with buttons, rather than a static text or image reply.', + shortDescription: 'Turns agent output into an interactive, explorable shared document.', + source: { + url: 'https://blog.dust.tt/introducing-frames-interactive-data-visualized/', + label: 'Introducing Frames: Interactive data, visualized | Dust Blog', + asOf: '2026-07-02', + }, + }, + ], + limitations: [ + { + title: 'No visual, node-based canvas: agents are configured through forms and text', + description: + "Dust's agent builder is a form-based, instruction-driven interface (name, description, instructions, model, tools, knowledge), not a drag-and-drop node/flow canvas. Its earlier block-based visual orchestration product, 'Dust Apps', is deprecated: only apps created before October 2025 remain accessible, and creating new ones is disabled.", + shortDescription: + 'Agent builder is form/instruction-based; the older visual block builder is deprecated.', + source: { + url: 'https://docs.dust.tt/reference/dust-apps-core-concepts', + label: 'Dust Apps: Core Concepts | Dust Docs', + asOf: '2026-07-02', + }, + }, + { + title: 'No dedicated pre-deployment evaluation/dataset-testing framework', + description: + "Dust's own blog states it is 'not a pre-deployment evaluation platform': dataset-based evaluation for catching regressions belongs in CI/CD pipelines and specialized testing frameworks, and Dust instead builds observability signals natively into the agent-builder workflow rather than a formal eval-suite feature.", + shortDescription: "Dust's own blog says it is not a pre-deployment evaluation platform.", + source: { + url: 'https://dust.tt/blog/evaluation-to-maintenance', + label: 'From Evaluation to Maintenance | Dust Blog', + asOf: '2026-07-02', + }, + }, + { + title: 'Self-hosting is not a supported deployment path despite an MIT-licensed core', + description: + 'The core dust-tt/dust repository is published under the MIT License on GitHub, but Dust is sold and operated exclusively as a hosted SaaS product; there is no documented, officially supported path to self-host a production Dust workspace on customer infrastructure.', + shortDescription: + 'Code is MIT-licensed on GitHub, but only a hosted SaaS deployment is supported.', + source: { + url: 'https://github.com/dust-tt/dust/blob/main/LICENSE', + label: 'dust-tt/dust LICENSE (GitHub)', + asOf: '2026-07-02', + }, + }, + { + title: 'No native spreadsheet-like data table; structured data is queried, not edited', + description: + "Dust's Query Tables tool lets an agent generate and run SQL over structured sources (CSVs, Notion databases, Google Sheets, Snowflake, BigQuery), but Dust has no native, editable spreadsheet-grid feature of its own with arrow-key navigation and copy-paste, the way a dedicated data-table product does.", + shortDescription: + 'Query Tables runs SQL over external data; there is no native editable data grid.', + source: { + url: 'https://docs.dust.tt/docs/table-queries', + label: 'Table queries | Dust Docs', + asOf: '2026-07-02', + }, + }, + ], + facts: { + platform: { + builderType: { + value: + 'Form-based, instruction-driven agent builder (name, description, instructions, model, tools, knowledge), not a visual node/flow canvas', + detail: + "Dust's Agent Builder manages agent metadata, model settings, instructions, actions/tools, Skills, triggers, and access permissions through structured form fields and natural-language instructions, guided by an 'Agent Builder Sidekick' conversational assistant. Its earlier visual, block-based orchestration product ('Dust Apps', with Input/Data/LLM/Code/Map/Reduce blocks) is deprecated as of October 2025.", + shortValue: 'Form/instruction-based builder, not a node canvas', + confidence: 'verified', + sources: [ + { + url: 'https://deepwiki.com/dust-tt/dust/3.2-agent-builder-interface', + label: 'Agent Builder Interface | dust-tt/dust | DeepWiki', + asOf: '2026-07-02', + }, + { + url: 'https://docs.dust.tt/reference/dust-apps-core-concepts', + label: 'Dust Apps: Core Concepts | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + learningCurve: { + value: + 'Low for simple no-code agents from a template; steeper for custom MCP tool integrations, Query Tables/SQL, and GitOps-managed configurations', + detail: + 'Dust markets itself as a no-code agent builder for business users starting from templates with Sidekick guidance, while custom MCP servers, SQL-based Query Tables, and Git-based configuration management assume technical familiarity.', + shortValue: 'Easy for templated agents, steeper for custom tools/SQL/GitOps', + confidence: 'estimated', + sources: [ + { + url: 'https://dust.tt/blog/no-code-ai-agent-builder', + label: 'No-Code AI Agent Builder | Dust Blog', + asOf: '2026-07-02', + }, + ], + }, + selfHostOption: { + value: + 'No: the core repository is MIT-licensed and public on GitHub, but self-hosting is not an officially supported or documented deployment path; Dust is sold and operated only as hosted SaaS', + detail: + 'dust-tt/dust is publicly available and MIT-licensed, but Dust the company documents only its hosted product (with US/EU region choice), not a supported self-managed installation.', + shortValue: 'No, MIT code exists but only SaaS is supported', + confidence: 'estimated', + sources: [ + { + url: 'https://github.com/dust-tt/dust/blob/main/LICENSE', + label: 'dust-tt/dust LICENSE (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + deploymentOptions: { + value: + 'Multi-tenant hosted cloud with a choice of US or EU data-hosting region; Enterprise plan adds single-tenant deployment', + detail: + "Dust's Enterprise plan documentation lists 'US & EU data residency options' and 'single-tenant deployment' alongside SSO/SCIM; lower tiers are multi-tenant cloud only.", + shortValue: 'Hosted cloud, US/EU regions, single-tenant on Enterprise', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/changelog/eu-data-hosting-option-available', + label: 'EU data hosting option available | Dust changelog', + asOf: '2026-07-02', + }, + { + url: 'https://dust.tt/home/enterprise', + label: 'Dust for Enterprise', + asOf: '2026-07-02', + }, + ], + }, + templates: { + value: + 'Yes: a Template Gallery of pre-built agents organized by department/use case (Sales, Support, Marketing, Engineering, HR, IT operations)', + detail: + "Selecting a template opens a Sidekick-guided creation flow pre-loaded with the template's instructions and suggested tools/data sources, which the builder then reviews, adjusts, and publishes.", + shortValue: 'Template gallery organized by department/use case', + confidence: 'verified', + sources: [ + { + url: 'https://docs.dust.tt/docs/templates', + label: 'Templates | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + license: { + value: + 'Core repository MIT-licensed (dust-tt/dust), but commercially offered only as hosted SaaS', + detail: + 'The dust-tt/dust GitHub repository, written primarily in TypeScript, is published under the permissive MIT License. The commercial dust.tt product is a proprietary hosted service on top of that code, and no self-hosted licensing tier is offered.', + shortValue: 'MIT-licensed code; product sold only as SaaS', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/dust-tt/dust/blob/main/LICENSE', + label: 'dust-tt/dust LICENSE (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + environmentPromotion: { + value: + 'Partial: GitOps sync via an official GitHub Action version-controls and syncs Skills/agent configurations from a Git repository into a workspace, but this is configuration sync, not a documented dev/test/prod multi-environment promotion model', + detail: + 'The dust-github-action lets teams define Skills and agent configurations as files, review changes via pull request, and sync them into a Dust workspace from CI/CD, giving change history and rollback. No dedicated separate-environment (e.g. staging vs. production workspace) promotion pipeline is documented beyond this Git-to-workspace sync.', + shortValue: 'Git-based config sync/rollback, not a formal environment-promotion pipeline', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/changelog/gitops-sync-for-skills-agent-configurations-with-github-action', + label: 'GitOps sync for Skills & Agent configurations | Dust changelog', + asOf: '2026-07-02', + }, + ], + }, + versionControlDepth: { + value: + 'Agent configurations carry an incrementing version number, each prompt/instruction version is saved and recoverable, and Git-based rollback is available via the GitOps GitHub Action; no dedicated visual diff/compare view is documented', + detail: + "Each agent configuration change increments a version number, and 'each version of a prompt is now saved and accessible, with the ability to recover previous assistant instructions'. The GitOps GitHub Action separately provides Git history, PR review, and rollback for configurations managed as code.", + shortValue: 'Versioned configs with prompt history and Git-based rollback', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/changelog/prompt-version-history', + label: 'Prompt version history | Dust changelog', + asOf: '2026-07-02', + }, + { + url: 'https://deepwiki.com/dust-tt/dust/3.1-agent-configuration-and-management', + label: 'Agent Configuration and Management | dust-tt/dust | DeepWiki', + asOf: '2026-07-02', + }, + ], + }, + realtimeCollaboration: { + value: + "No: Dust markets itself as 'multiplayer AI' for shared conversations, mentions, notifications, and to-dos between people and agents in a workspace, but this is asynchronous shared workspace collaboration, not live concurrent multi-user editing of the same agent configuration with synced cursors/selections", + detail: + "Dust's own materials describe a shared workspace where 'teams and agents work in the same workspace with shared projects, context, conversations, to-dos, notifications' rather than live co-editing of a single agent's configuration.", + shortValue: 'Shared async workspace, not live co-editing of one config', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/docs/collaboration', + label: 'Collaboration | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + nativeFileStorage: { + value: + 'No: Dust has no folder-hierarchy, link-sharing, recycle-bin file manager of its own; files are handled as agent-conversation uploads/outputs or through connected external services (Google Drive, Notion, etc.)', + detail: + 'Agents can generate, read, and edit files (PDF, Word, Excel, Google Docs/Sheets/Slides) within a conversation or a connected Drive/Notion account, but no standalone Dust-native shared-drive product surface with folder hierarchy and permissioned link-sharing was found.', + shortValue: 'No native file manager; files live in conversations or connectors', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/docs/file-generation', + label: 'File Generation | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + dataTables: { + value: + 'No: Query Tables lets an agent generate and run SQL queries against structured sources (CSVs, Notion databases, Google Sheets, Snowflake, BigQuery), but there is no native, editable spreadsheet-grid feature with arrow-key navigation and copy-paste', + detail: + "Query Tables is described as letting agents 'execute SQL queries on structured data' and join tables across sources; this is a query layer over external/uploaded data, not an in-product spreadsheet UI a person edits directly.", + shortValue: 'SQL query layer over external tables, not an editable grid', + confidence: 'verified', + sources: [ + { + url: 'https://docs.dust.tt/docs/table-queries', + label: 'Table queries | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + richTextEditor: { + value: + 'Partial: agents can create and edit Google Docs/Sheets/Slides and generate Word/PDF files, and Frames render interactive documents from a conversation, but Dust has no inline, in-product WYSIWYG rich-text editing surface of its own', + detail: + "'Frames' turn agent output into an explorable, shareable interactive document (charts, filters, view switching), and agents can create/edit Google Drive documents directly, but document editing itself happens in the connected Google Docs surface or as generated file output, not a native Dust WYSIWYG editor.", + shortValue: 'Generates/edits external docs and Frames, no native WYSIWYG editor', + confidence: 'estimated', + sources: [ + { + url: 'https://blog.dust.tt/introducing-frames-interactive-data-visualized/', + label: 'Introducing Frames: Interactive data, visualized | Dust Blog', + asOf: '2026-07-02', + }, + { + url: 'https://docs.dust.tt/changelog/dust-agents-can-now-create-and-edit-google-drive-documents', + label: 'Dust Agents Can Now Create and Edit Google Drive Documents | Dust changelog', + asOf: '2026-07-02', + }, + ], + }, + }, + aiCapabilities: { + multiLlmSupport: { + value: + 'Yes: agents can be configured with a choice of model (e.g. GPT-5, Claude, Gemini, Mistral) and a creativity/temperature setting, selectable per agent', + detail: + 'Advanced agent settings let a builder pick the model and a temperature preset (Creative, Balanced, Factual, Deterministic); marketing materials name GPT-5, Claude, Gemini, and Mistral as selectable models.', + shortValue: 'GPT-5, Claude, Gemini, Mistral selectable per agent', + confidence: 'verified', + sources: [ + { + url: 'https://docs.dust.tt/docs/what-settings-model-should-i-use', + label: 'What settings / model should I use? | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + agentReasoningBlocks: { + value: + 'Yes: agents autonomously select and call tools (data-source search, Query Tables, MCP tools, code execution, web search) based on the instructions and conversation, rather than following a fixed, pre-wired step sequence', + detail: + "Documented as 'multi-tool agents': a single agent can be given multiple tools/actions and picks which to invoke per user turn, distinct from Dust's deprecated block-based Dust Apps, which used a fixed chain of blocks.", + shortValue: 'Agents dynamically pick from multiple configured tools', + confidence: 'verified', + sources: [ + { + url: 'https://blog.dust.tt/introducing-multi-tool-assistants/', + label: 'Introducing: multi-tool agents | Dust Blog', + asOf: '2026-07-02', + }, + ], + }, + naturalLanguageBuilding: { + value: + "Yes: an 'Agent Builder Sidekick' converses with the builder to draft instructions, and suggests tools/data sources, from a plain-language description or a selected template", + detail: + 'Selecting a template opens a Sidekick-guided creation flow; Sidekick drafts initial instructions and suggests tools/data sources for the builder to review and adjust before publishing.', + shortValue: 'Sidekick drafts agent instructions/tools conversationally', + confidence: 'verified', + sources: [ + { + url: 'https://docs.dust.tt/docs/agent-builder-sidekick', + label: 'Agent Builder Sidekick | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + knowledgeBaseRag: { + value: + 'Yes: agents can be given Search/RAG access to connected Data Sources (Slack, Notion, Google Drive, Confluence, GitHub, and more), with semantic search over synced content', + detail: + "Dust's Search method retrieves and ranks relevant passages from selected Data Sources for an agent to ground its answer in, distinct from the Query Tables SQL-based tool used for structured data.", + shortValue: 'RAG search over connected Slack/Notion/Drive/Confluence data', + confidence: 'verified', + sources: [ + { + url: 'https://docs.dust.tt/docs/understanding-retrieval-augmented-generation-rag-and-the-search-method-in-dust', + label: 'Understanding Retrieval Augmented Generation (RAG) | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + mcpSupport: { + value: + 'Yes: admins can add Remote MCP Servers (Dust-built or any public MCP server) to a Space, and Client-Side MCP Servers let a local client register tools for a specific conversation at runtime', + detail: + "Remote MCP Servers are added via Spaces > Tools > Add Tool; Client-Side MCP Servers execute tools in the client's own environment for sensitive local operations, distinct from server-hosted tools.", + shortValue: 'Remote and client-side MCP server support for agent tools', + confidence: 'verified', + sources: [ + { + url: 'https://docs.dust.tt/docs/remote-mcp-server', + label: 'Adding an MCP Server | Dust Docs', + asOf: '2026-07-02', + }, + { + url: 'https://docs.dust.tt/docs/client-side-mcp-server', + label: 'Client Side MCP Server (Preview) | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + evaluationGuardrails: { + value: + "No dedicated pre-deployment evaluation/guardrail framework: Dust's own blog states it is 'not a pre-deployment evaluation platform' and that dataset-based regression testing belongs in CI/CD pipelines, not a built-in Dust feature", + detail: + 'Dust instead builds observability signals (usage trends, tool execution patterns, feedback tracking, latency, RAG behavior) natively into the Agent Builder dashboard rather than a formal test-dataset evaluation suite comparable to a dedicated evals feature.', + shortValue: "Dust's own blog says it is not a pre-deployment eval platform", + confidence: 'verified', + sources: [ + { + url: 'https://dust.tt/blog/evaluation-to-maintenance', + label: 'From Evaluation to Maintenance | Dust Blog', + asOf: '2026-07-02', + }, + ], + }, + humanInTheLoop: { + value: + "Yes: MCP tool execution supports an approval step ('always ask' vs. auto-execute) before a tool call runs, and Dust's own guidance recommends human approval checkpoints before irreversible agent actions", + detail: + "Dust's MCP tool architecture includes an approval-workflow layer for tool execution, and Dust's own content recommends 'mandatory steps, and human approval points before any irreversible action' for consequential agent actions, though this is documented as tool-execution approval rather than a single named workflow node like a dedicated approval action in a workflow tool.", + shortValue: 'MCP tool-execution approval step; documented best-practice guidance', + confidence: 'estimated', + sources: [ + { + url: 'https://deepwiki.com/dust-tt/dust/4-agent-system', + label: 'MCP Tool System | dust-tt/dust | DeepWiki', + asOf: '2026-07-02', + }, + { + url: 'https://dust.tt/blog/ai-agent-workflows', + label: 'AI agent workflows: How they work and how to build your own | Dust Blog', + asOf: '2026-07-02', + }, + ], + }, + generativeMedia: { + value: + 'Partial: native image generation (via Gemini/Nano Banana) with reference-image consistency and parallel generation is built in; no dedicated native video-generation or text-to-speech/speech-to-text block was found', + detail: + "Dust's Image Generation capability uses an underlying Gemini image model, supports up to 14 reference images for visual consistency across a series, and can run multiple generations in parallel; generated images are filtered for safety. Video and TTS/STT were not found as native Dust capabilities.", + shortValue: 'Native image generation with reference images; no native video/audio gen', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/docs/image-generation', + label: 'Image Generation | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + dynamicToolUse: { + value: + 'Yes: a single agent can be configured with multiple tools/actions and dynamically chooses which to invoke per turn based on the conversation, rather than following one pre-wired tool call', + detail: + "Documented as 'multi-tool agents': the agent picks from its configured tool pool (data-source search, Query Tables, MCP tools, code execution, web search) at inference time.", + shortValue: 'Agent dynamically selects among its configured tools', + confidence: 'verified', + sources: [ + { + url: 'https://blog.dust.tt/introducing-multi-tool-assistants/', + label: 'Introducing: multi-tool agents | Dust Blog', + asOf: '2026-07-02', + }, + ], + }, + modelFallback: { + value: 'Not publicly documented', + detail: + 'No Dust source describes automatic fallback to a different model/provider on a failed or rate-limited call.', + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + agentSkills: { + value: + "Yes: 'Skills' are named, reusable packages of instructions, knowledge, and tools shareable across multiple agents, distinct from a one-off system prompt on a single agent", + detail: + "Updating a Skill's instructions automatically propagates the change to every agent using it. Skills can also be managed as files via the GitOps GitHub Action for version-controlled, PR-reviewed updates.", + shortValue: "Named, reusable, cross-agent 'Skills' with GitOps management", + confidence: 'verified', + sources: [ + { + url: 'https://docs.dust.tt/docs/skills', + label: 'Skills | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + nativeChatDeployment: { + value: + 'Yes: agents are used and deployed through a native web chat surface and directly inside Slack and Microsoft Teams, without a separate form/API/webhook deployment step', + detail: + "Agents are invoked with an '@handle' in Dust's own chat interface, in Slack, and in Teams; this is the primary interaction surface for the product, not an optional add-on channel.", + shortValue: 'Native web chat plus Slack and Teams deployment', + confidence: 'verified', + sources: [ + { + url: 'https://docs.dust.tt/docs/dust-in-teams', + label: 'Dust in Teams | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + kbChunkVisibility: { + value: + 'Partial: Dust surfaces footnote-style citations tied to a specific source document in agent answers, but no dedicated raw chunk-index/content debugging inspector distinct from citation footnotes was confirmed', + detail: + 'Documentation confirms the Search/RAG method attributes answers back to specific source documents via citations; whether a raw chunk-content inspector view (beyond the citation itself) exists as a separate debugging surface was not confirmed in available docs.', + shortValue: 'Citations point to source documents; raw chunk inspector not confirmed', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/docs/understanding-retrieval-augmented-generation-rag-and-the-search-method-in-dust', + label: 'Understanding Retrieval Augmented Generation (RAG) | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + parallelExecution: { + value: + 'Partial: agents can run multiple tool calls (e.g. several image generations) concurrently within a turn, but Dust has no visual branch/fan-out-and-join execution model since it is not a node-based workflow builder', + detail: + 'Documented parallel behavior is scoped to specific tools (e.g. simultaneous image generations for an asset pipeline), not a general-purpose concurrent-branch primitive across an agent run.', + shortValue: 'Some tools run concurrently; no general branch/fan-out model', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/docs/image-generation', + label: 'Image Generation | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + a2aProtocol: { + value: 'Not publicly documented', + detail: + 'No official Dust documentation describes native Agent2Agent (A2A) protocol support; Dust appears only in third-party community lists of A2A-adjacent tools, not in its own docs or blog.', + shortValue: 'Not publicly documented by Dust', + confidence: 'unknown', + sources: [], + }, + }, + integrations: { + integrationCount: { + value: + '50+ native connections (Slack, Notion, Google Drive, Confluence, GitHub, Salesforce, HubSpot, Zendesk, and more), plus MCP servers for further extensibility', + detail: + "Dust's own enterprise page states 'native integrations to 50+ business tools'; some third-party listings cite higher figures (100+) that likely include MCP-based and community integrations beyond the core native connector count.", + shortValue: '50+ native connections per Dust', + confidence: 'estimated', + sources: [ + { + url: 'https://dust.tt/home/enterprise', + label: 'Dust for Enterprise', + asOf: '2026-07-02', + }, + ], + }, + triggerTypes: { + value: + 'Natural-language scheduled triggers and event-based triggers from connected systems (e.g. Slack messages), invoked in addition to manual chat invocation', + detail: + "Scheduled triggers run an agent on a recurring, plain-language schedule ('Every weekday at 8:30am') without cron syntax; Dust's Triggers feature separately supports agents reacting to events from external systems rather than only manual chat.", + shortValue: 'Natural-language schedules plus event-based triggers', + confidence: 'verified', + sources: [ + { + url: 'https://docs.dust.tt/docs/triggers', + label: 'Triggers | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + customCodeSteps: { + value: + 'Partial: Val Town integration lets an agent create/deploy and call serverless JavaScript/TypeScript functions from a conversation; the legacy Dust Apps Code block is deprecated', + detail: + 'The Val Town integration supports function creation and deployment of serverless JS/TS functions directly from agent conversations, with real-time results; the earlier general-purpose Code block belonged to the now-deprecated Dust Apps orchestration product.', + shortValue: 'Val Town serverless functions; legacy Code block is deprecated', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/docs/val-town', + label: 'Val Town | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + apiPublishing: { + value: + 'Yes: a documented Conversation API lets external applications create conversations and post messages to Dust agents programmatically, and a Developer Platform covers broader API access', + detail: + 'Client-Side MCP Servers register local tools by creating conversations and posting messages through the Conversation API, which functions as a callable integration surface for external applications.', + shortValue: 'Conversation API for external app integration', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/docs/client-side-mcp-server', + label: 'Client Side MCP Server (Preview) | Dust Docs', + asOf: '2026-07-02', + }, + { + url: 'https://docs.dust.tt/reference/developer-platform-overview', + label: 'Developer platform | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + extensibilitySdk: { + value: + 'MIT-licensed core repository (dust-tt/dust) on GitHub, a documented Developer Platform/API, an official GitHub Action for GitOps config sync, and community-built MCP bridges', + detail: + 'There is no separate first-party multi-language client SDK beyond the API/GitHub Action; extensibility instead centers on the open MIT-licensed codebase, the public API, and the MCP ecosystem, including third-party community projects (e.g. a community-built dust-mcp-server bridge).', + shortValue: 'Open MIT repo, API, GitHub Action, MCP ecosystem', + confidence: 'estimated', + sources: [ + { + url: 'https://github.com/dust-tt/dust', + label: 'dust-tt/dust (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + mcpPublishing: { + value: + 'Yes: Dust can be exposed as an MCP server so external MCP-compatible clients (e.g. Claude Desktop, Cursor) can call Dust agents and data as tools, in addition to consuming external MCP servers itself', + detail: + "Dust's architecture is described as playing a dual role: a client (consuming external MCP tools) and a server (exposing its own agents/data sources) for external AI tools to call, positioning it as a hub rather than a one-directional MCP consumer.", + shortValue: 'Dust agents/data can be called by external MCP clients', + confidence: 'estimated', + sources: [ + { + url: 'https://blog.dust.tt/mcp-emerging-enterprise-ai-os-layer/', + label: 'MCP and the emerging enterprise AI OS layer | Dust Blog', + asOf: '2026-07-02', + }, + ], + }, + }, + pricing: { + pricingModel: { + value: 'Per-seat subscription with a monthly AI-usage credit allocation per seat', + detail: + 'Business plan seats (Pro, Max) each include a monthly credit allocation that resets every billing period; credit consumption depends on the model used, task complexity, and any tools the agent invokes (search, retrieval, code execution, connected-app actions).', + shortValue: 'Per-seat pricing with monthly credit allocations', + confidence: 'verified', + sources: [ + { + url: 'https://dust.tt/home/pricing', + label: 'Dust Pricing', + asOf: '2026-07-02', + }, + ], + }, + entryPaidPlan: { + value: 'Business Pro: $30/month per seat ($24/month billed yearly), 8,000 credits/month', + detail: + "The Business plan's Pro tier is the entry paid tier above the free plan; a higher Max tier ($150/month, or $120/month billed yearly) includes 40,000 credits/month.", + shortValue: '$30/month per seat (or $24/month annual), 8,000 credits', + confidence: 'verified', + sources: [ + { + url: 'https://dust.tt/home/pricing', + label: 'Dust Pricing', + asOf: '2026-07-02', + }, + ], + }, + freeTier: { + value: + 'Yes: a free Business tier for up to 5 users, 3 connectors, and 5 Spaces, no credit card required', + detail: + 'Downgrading from a paid plan retains data but restricts the workspace to a single user, no connections, and limited agent interactions.', + shortValue: 'Free for up to 5 users, 3 connectors, 5 Spaces', + confidence: 'verified', + sources: [ + { + url: 'https://dust.tt/home/pricing', + label: 'Dust Pricing', + asOf: '2026-07-02', + }, + ], + }, + byok: { + value: + 'No dedicated BYOK program found: Dust bills usage via plan-included AI credits rather than documenting a bring-your-own-provider-API-key option', + detail: + 'Pricing is structured around per-seat monthly credits that scale with model/task/tool complexity; no Dust source describes letting a workspace supply its own OpenAI/Anthropic API key in place of credit consumption.', + shortValue: 'Not documented; usage billed via included credits', + confidence: 'unknown', + sources: [], + }, + }, + security: { + soc2: { + value: 'Yes: SOC 2 Type II certified, achieved audit readiness with Vanta in three weeks', + detail: + "Dust's own security page states SOC 2 Type II certification; a Vanta customer case study describes Dust achieving SOC 2 Type II audit readiness in three weeks using Vanta's automation, reducing compliance workload by roughly 50%. The report is downloadable via Dust's Trust Center.", + shortValue: 'SOC 2 Type II certified, report via Trust Center', + confidence: 'verified', + sources: [ + { + url: 'https://www.vanta.com/customers/dust', + label: 'With Vanta, Dust achieved SOC 2 Type II audit readiness in three weeks', + asOf: '2026-07-02', + }, + { + url: 'https://trust.dust.com/', + label: 'Dust Trust Center', + asOf: '2026-07-02', + }, + ], + }, + dataResidency: { + value: 'Yes: selectable US or EU data-hosting region', + detail: + "Dust's changelog documents an 'EU data hosting option' becoming available, and the Enterprise plan page lists 'US & EU data residency options' as a named feature.", + shortValue: 'Selectable US or EU hosting region', + confidence: 'verified', + sources: [ + { + url: 'https://docs.dust.tt/changelog/eu-data-hosting-option-available', + label: 'EU data hosting option available | Dust changelog', + asOf: '2026-07-02', + }, + ], + }, + rbac: { + value: + 'Yes: three workspace roles (Member, Builder, Admin) plus per-Space access control, where only members of the Spaces an agent uses can see and use that agent', + detail: + 'Members can chat with and build agents; Builders additionally manage Folders and use the API; Admins manage workspace settings, connections, and member roles. Spaces (open or restricted) gate which members can see specific data sources, tools, and the agents built on them.', + shortValue: 'Member/Builder/Admin roles plus per-Space access gating', + confidence: 'verified', + sources: [ + { + url: 'https://docs.dust.tt/docs/access-controls-and-permissions', + label: 'Access Controls and Permissions | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + auditLogging: { + value: + 'Yes: audit logs available on the Enterprise plan, documented with 365-day retention', + detail: + "The Enterprise plan lists audit logs among its named features; a third-party enterprise summary specifies 365-day audit log retention, though this figure was not independently confirmed on Dust's own pricing/security pages.", + shortValue: 'Enterprise-tier audit logs, ~365-day retention', + confidence: 'estimated', + sources: [ + { + url: 'https://dust.tt/home/pricing', + label: 'Dust Pricing', + asOf: '2026-07-02', + }, + ], + }, + additionalCompliance: { + value: + 'GDPR compliant, HIPAA-ready/capable, SOC 2 Type II; no ISO 27001, PCI, or FedRAMP found', + detail: + "Dust's security page and enterprise materials state GDPR compliance and describe HIPAA-compliance capability alongside SOC 2 Type II; no source confirms a formal ISO 27001 certification, PCI-DSS, or FedRAMP authorization.", + shortValue: 'GDPR, HIPAA-capable, SOC 2 Type II', + confidence: 'estimated', + sources: [ + { + url: 'https://dust.tt/home/security', + label: 'Dust Security', + asOf: '2026-07-02', + }, + ], + }, + modelAndToolGovernance: { + value: 'Not publicly documented', + detail: + 'No Dust source describes admin-configurable restrictions on which LLM providers/models or which specific tools a role may use, beyond Space-level data/tool access and workspace-wide model settings.', + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + credentialGovernance: { + value: + 'Partial: Space-based access control governs which members can use a given connection/data source, but no documented feature restricts which specific stored credential a role may use for the same connector', + detail: + 'Only workspace admins can add data from Connections to a Space, and only members of that Space can use the agents/tools built on it; this gates access to a Connection as a whole rather than choosing among multiple stored credentials for the same service by role.', + shortValue: 'Space-level connection gating, not per-credential role restriction', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/docs/access-controls-and-permissions', + label: 'Access Controls and Permissions | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + whiteLabeling: { + value: 'Not publicly documented', + detail: + 'No Dust source describes a white-label/custom-branding offering for the workspace or chat UI.', + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + dataRetention: { + value: 'Yes: Enterprise plan documents custom data retention as a named feature', + detail: + "Dust's Enterprise plan page lists 'custom data retention' alongside SSO, SCIM, and audit logs; specific configurable windows were not detailed in available docs.", + shortValue: 'Enterprise plan offers custom retention windows', + confidence: 'estimated', + sources: [ + { + url: 'https://dust.tt/home/enterprise', + label: 'Dust for Enterprise', + asOf: '2026-07-02', + }, + ], + }, + piiRedaction: { + value: 'Not publicly documented', + detail: + 'No Dust source describes a built-in PII detection/redaction feature for workflow content or retained logs.', + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + sso: { + value: + 'Yes: SSO (e.g. Okta, Entra, JumpCloud) and SCIM user provisioning on the Enterprise plan', + detail: + 'Enterprise plan materials name SSO and SCIM explicitly, and a third-party enterprise summary lists Okta/Entra/JumpCloud as example supported identity providers.', + shortValue: 'SSO and SCIM provisioning, Enterprise plan', + confidence: 'verified', + sources: [ + { + url: 'https://dust.tt/home/enterprise', + label: 'Dust for Enterprise', + asOf: '2026-07-02', + }, + ], + }, + }, + observability: { + tracingDepth: { + value: + 'Yes: an Agent Builder dashboard shows real-time usage trends, tool execution patterns, feedback tracking, latency metrics, and RAG behavior tied to specific agent versions', + detail: + "Described as built natively into the agent-builder workflow with 'zero setup', showing signals specific to how agents work on the Dust platform, rather than a general-purpose distributed-tracing/span export product.", + shortValue: 'Per-agent-version dashboard: usage, tools, feedback, latency, RAG', + confidence: 'estimated', + sources: [ + { + url: 'https://deepwiki.com/dust-tt/dust/3.1-agent-configuration-and-management', + label: 'Agent Configuration and Management | dust-tt/dust | DeepWiki', + asOf: '2026-07-02', + }, + ], + }, + durabilityModel: { + value: 'Not publicly documented', + detail: + 'No Dust source describes automatic retries, checkpointing, or replay of a past agent run with its original inputs.', + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + failureAlerting: { + value: 'Not publicly documented', + detail: + 'No Dust source describes proactive alerting when an agent run fails or crosses a cost/latency threshold.', + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + dataDrains: { + value: 'Not publicly documented', + detail: + 'No Dust source describes continuous export of execution/audit/usage data to an external destination (S3, BigQuery, webhook, etc.).', + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + asyncExecution: { + value: + 'Yes: scheduled and event-based Triggers run an agent in the background without a synchronous chat request, and results are delivered to a configured destination (e.g. Slack) rather than blocking a caller', + detail: + 'Scheduled triggers execute on a recurring cadence (e.g. daily pipeline review posted to Slack every morning); this is inherently asynchronous relative to a live chat turn.', + shortValue: 'Scheduled/event triggers run agents asynchronously', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/docs/triggers', + label: 'Triggers | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + executionLimits: { + value: 'Not publicly documented', + detail: + 'No Dust source publishes concrete numeric limits for maximum single-run duration or concurrent agent-run caps.', + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + partialFailureHandling: { + value: 'Not publicly documented', + detail: + 'No Dust source describes routing one failing tool call to an error-handling path while the rest of an agent turn continues, versus the whole turn failing.', + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + }, + support: { + supportChannels: { + value: + 'Documentation (docs.dust.tt), a public community (community.dust.tt), a blog/changelog, and enterprise account support; Enterprise plans reference dedicated onboarding', + detail: + 'Dust maintains a structured documentation site, a community forum, and a regularly updated changelog; enterprise customers are documented as receiving allocated onboarding/training hours scaled to customer segment.', + shortValue: 'Docs, community forum, changelog, enterprise onboarding', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/', + label: 'Dust Docs', + asOf: '2026-07-02', + }, + ], + }, + sla: { + value: 'Not publicly documented', + detail: 'No Dust source publishes a product-specific uptime SLA percentage.', + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + community: { + value: + 'Active: a public community forum (community.dust.tt) and Dust Academy course discussions', + detail: + 'community.dust.tt hosts help/support threads (e.g. troubleshooting Table Query tool usage); it is smaller and newer than long-established open-source automation communities.', + shortValue: 'Active but newer community forum plus Academy', + confidence: 'estimated', + sources: [ + { + url: 'https://community.dust.tt/x/03help/vgwnzcrq96s6/using-the-table-queries-tool-for-database-files', + label: 'Using the Table Queries Tool for Database Files | Dust Community', + asOf: '2026-07-02', + }, + ], + }, + companyMaturity: { + value: + 'Dust, Inc. Founded 2022 in Paris by two former Stripe employees (one also ex-OpenAI). Raised a $40M Series B in May 2026 (co-led by Sequoia and Abstract, with Datadog and Snowflake participating), total funding over $60M. Reports 300,000+ agents deployed across 3,000+ organizations, 70% weekly active usage, and zero churn as of the raise', + detail: + "Customers named in Dust's own materials include Datadog, 1Password, and Qonto (Qonto reports 50+ specialized agents and 50,000+ hours saved annually). As a 2022-founded, venture-backed private company, it carries materially more switching risk than an incumbent like Microsoft, though it has real enterprise traction and revenue-retention metrics (240% net revenue retention reported at the raise).", + shortValue: 'Founded 2022, Paris; $60M+ raised; 3,000+ orgs, 300,000+ agents', + confidence: 'verified', + sources: [ + { + url: 'https://sifted.eu/articles/dust-series-b-40m', + label: 'Sequoia backs AI agents scaleup Dust in $40m Series B | Sifted', + asOf: '2026-07-02', + }, + { + url: 'https://dust.tt/blog/series-b-multiplayer-ai', + label: 'Dust raises $40M Series B to scale multiplayer AI | Dust Blog', + asOf: '2026-07-02', + }, + ], + }, + academy: { + value: + 'Yes: Dust Academy (dust.tt/academy) offers structured, hands-on courses on navigating the platform, chaining agent calls, connecting company data, agent actions/integrations, and scheduling agents', + detail: + 'Positioned explicitly as handling fundamentals so enterprise implementation teams can focus on customer-specific use cases rather than repeating basic training.', + shortValue: 'Structured Dust Academy course library', + confidence: 'verified', + sources: [ + { + url: 'https://dust.tt/academy', + label: 'Dust Academy', + asOf: '2026-07-02', + }, + { + url: 'https://dust.tt/blog/dust-academy', + label: 'Introducing the Dust Academy | Dust Blog', + asOf: '2026-07-02', + }, + ], + }, + }, + }, +} diff --git a/apps/sim/lib/compare/data/competitors/langchain.ts b/apps/sim/lib/compare/data/competitors/langchain.ts new file mode 100644 index 00000000000..7b74b598e08 --- /dev/null +++ b/apps/sim/lib/compare/data/competitors/langchain.ts @@ -0,0 +1,1061 @@ +import { LangChainIcon } from '@/components/icons' +import type { CompetitorProfile } from '@/lib/compare/data/types' + +/** Researched and cross-verified against live vendor sources on 2026-07-02. */ +export const langchainProfile: CompetitorProfile = { + id: 'langchain', + name: 'LangChain', + website: 'https://www.langchain.com', + isWorkflowBuilder: false, + brand: { + icon: LangChainIcon, + selfFramed: false, + colors: ['#1c3c34', '#3f7255', '#000000'], + source: 'Official brand guidelines', + asOf: '2026-07-02', + }, + oneLiner: + 'LangChain is an open-source Python/JavaScript framework for building LLM applications, paired with LangGraph (a low-level, code-first agent-orchestration library for stateful, long-running agents) and LangSmith (a commercial observability, evaluation, and deployment platform for both).', + standoutFeatures: [ + { + title: 'Durable execution via checkpointed graph state', + description: + "LangGraph's checkpointer snapshots the full graph state after every node completes. If a process crashes or an agent run is interrupted (timeout, human approval, service restart), execution resumes from the last checkpoint instead of restarting from scratch, and past checkpoints can be replayed for time-travel debugging.", + shortDescription: + 'Snapshots graph state after every node so runs resume, not restart, on failure.', + source: { + url: 'https://www.langchain.com/blog/fault-tolerance-in-langgraph', + label: 'Fault Tolerance in LangGraph (LangChain Blog)', + asOf: '2026-07-02', + }, + }, + { + title: 'Dynamic parallel fan-out via the Send API', + description: + 'A routing function can return a list of Send objects instead of a single next-node key, letting LangGraph spawn a runtime-determined number of parallel branches (e.g. one worker per item in a list of unknown length) that merge back through a state reducer, a native map-reduce pattern rather than a fixed number of parallel branches wired at build time.', + shortDescription: + 'Send API spawns a runtime-determined number of parallel branches that merge via a reducer.', + source: { + url: 'https://docs.langchain.com/oss/python/langgraph/use-graph-api', + label: 'Use the graph API - Docs by LangChain', + asOf: '2026-07-02', + }, + }, + { + title: 'LangSmith evaluation stack: datasets, LLM-as-judge, annotation queues, Align Evals', + description: + 'LangSmith supports building test datasets from production traces, scoring runs with configurable LLM-as-judge evaluators or heuristic/pairwise comparisons, routing outputs to human annotation queues for review, and an Align Evals feature that calibrates an LLM-judge against accumulated human corrections over time.', + shortDescription: + 'Datasets, LLM-as-judge, human annotation queues, and judge-calibration in one eval stack.', + source: { + url: 'https://www.langchain.com/langsmith/evaluation', + label: 'LangSmith Evaluations', + asOf: '2026-07-02', + }, + }, + { + title: 'SKILL.md-based reusable agent skills via Deep Agents SkillsMiddleware', + description: + "The Deep Agents harness (LangChain's batteries-included agent framework) ships a SkillsMiddleware that loads named SKILL.md files from a directory and injects them into the system prompt using progressive disclosure (metadata surfaced first, full instructions pulled in on demand), letting a team define a workflow once and reuse it as a named capability across multiple agents.", + shortDescription: + 'SkillsMiddleware loads named SKILL.md files and injects them via progressive disclosure.', + source: { + url: 'https://reference.langchain.com/python/deepagents/middleware/skills', + label: 'skills | deepagents | LangChain Reference', + asOf: '2026-07-02', + }, + }, + { + title: 'Native A2A protocol support as both server and client', + description: + "A locally run LangGraph dev server exposes A2A protocol endpoints at /a2a/{assistant_id}, and the LangSmith Deployment A2A endpoint maps the protocol's contextId to a LangGraph thread_id for tracing continuity, so any LangChain/LangGraph agent can expose itself as an A2A server and call other A2A-compliant agents built on different frameworks.", + shortDescription: + 'Agents expose themselves as A2A servers and call other A2A agents across frameworks.', + source: { + url: 'https://docs.langchain.com/langsmith/server-a2a', + label: 'A2A endpoint in Agent Server - Docs by LangChain', + asOf: '2026-07-02', + }, + }, + { + title: 'LangGraph Studio: a browser-based visual agent IDE with time-travel debugging', + description: + "Studio renders a running agent's graph (nodes, edges, conditional branches) visually, lets a developer inspect state at every node, rewind to a previous checkpoint, edit the state, and fork a new execution path from there, and hot-reloads when a prompt or tool signature changes in code.", + shortDescription: 'Visual graph IDE with checkpoint rewind, state editing, and hot-reload.', + source: { + url: 'https://www.langchain.com/blog/langgraph-studio-the-first-agent-ide', + label: 'LangGraph Studio: The first agent IDE', + asOf: '2026-07-02', + }, + }, + ], + limitations: [ + { + title: 'Code-first framework, not a visual builder for non-developers', + description: + 'Building an agent means writing Python or JavaScript against the LangChain/LangGraph APIs. LangGraph Studio visualizes and debugs an already-coded graph, but it does not let a non-developer assemble agent logic from scratch by dragging and connecting blocks the way a visual workflow builder does.', + shortDescription: + 'Building agents means writing code; Studio only visualizes and debugs graphs already written.', + source: { + url: 'https://docs.langchain.com/oss/python/langgraph/use-graph-api', + label: 'Use the graph API - Docs by LangChain', + asOf: '2026-07-02', + }, + }, + { + title: 'No native, publicly deployable chat UI shipped with the open-source libraries', + description: + 'Neither LangChain nor LangGraph ships a first-party, hosted chat widget or public chat surface a builder can toggle on for an end user. Teams that want a deployed conversational UI build their own frontend (or use a separate framework like Chainlit/Streamlit) and call the LangGraph Agent Server as a backend.', + shortDescription: + 'No first-party hosted chat UI; teams build their own frontend against the Agent Server.', + source: { + url: 'https://docs.langchain.com/langsmith/assistants', + label: 'Assistants - Docs by LangChain', + asOf: '2026-07-02', + }, + }, + { + title: 'Durability is checkpoint persistence, not automatic failure detection', + description: + "LangGraph's checkpointer saves state after every node, but production commentary notes there is no automatic detection of a crashed process; the checkpointer only lets a resumed process recover from the last saved state. An operator (or external process supervisor) still has to notice the failure and trigger the resume.", + shortDescription: + 'Checkpointer saves state on failure, but nothing automatically detects a crashed process.', + source: { + url: 'https://www.diagrid.io/blog/checkpoints-are-not-durable-execution-why-langgraph-crewai-google-adk-and-others-fall-short-for-production-agent-workflows', + label: "Why Checkpoints Aren't Durable Execution: LangGraph", + asOf: '2026-07-02', + }, + }, + { + title: 'No dedicated native image/video/audio generation capability', + description: + 'LangChain and LangGraph provide standardized model integrations, so an agent can call a multimodal provider (DALL-E, an image model via a provider integration) as a tool, but there is no first-party, dedicated generative-media node or block comparable to a purpose-built image/video-generation feature.', + shortDescription: + 'Multimodal generation happens only through provider integrations, not a dedicated first-party block.', + source: { + url: 'https://docs.langchain.com/oss/python/langchain/mcp', + label: 'Model Context Protocol (MCP) - Docs by LangChain', + asOf: '2026-07-02', + }, + }, + { + title: 'Full white-labeling and org-level credential governance are not documented', + description: + 'No LangSmith or LangGraph Platform documentation describes rebranding the platform UI with customer branding, or restricting a specific role/permission group to a specific stored credential/connection distinct from workspace-level RBAC and API-key scoping.', + shortDescription: + 'No documented white-labeling, and credential access is scoped by workspace RBAC, not per-credential.', + source: { + url: 'https://docs.langchain.com/langsmith/user-management', + label: 'User management - Docs by LangChain', + asOf: '2026-07-02', + }, + }, + ], + facts: { + platform: { + builderType: { + value: + 'Code-first Python/JavaScript framework (LangChain) plus a low-level graph-orchestration library (LangGraph) for building agents in code, with LangGraph Studio providing a browser-based visual IDE to render, inspect, and debug an already-coded agent graph, and Deep Agents providing a batteries-included harness on top of both', + detail: + 'There is no drag-and-drop agent authoring surface; developers write Python or TypeScript against LangChain/LangGraph APIs, and Studio visualizes the resulting graph for debugging and time-travel, rather than authoring it visually from scratch.', + shortValue: + 'Code framework plus a graph-visualization/debugging Studio, not a visual builder', + confidence: 'verified', + sources: [ + { + url: 'https://www.langchain.com/blog/langgraph-studio-the-first-agent-ide', + label: 'LangGraph Studio: The first agent IDE', + asOf: '2026-07-02', + }, + { + url: 'https://github.com/langchain-ai/deepagents', + label: 'langchain-ai/deepagents (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + learningCurve: { + value: + 'Steep for non-developers; moderate to steep for developers new to graph-based state machines and LLM orchestration concepts', + detail: + 'The framework assumes Python or JavaScript proficiency and introduces its own concepts (Runnables, graphs, checkpointers, reducers, Send/Command primitives) that take real ramp-up time even for experienced engineers; LangChain Academy exists specifically to address this learning curve.', + shortValue: 'Requires coding proficiency; own vocabulary (graphs, checkpointers, reducers)', + confidence: 'estimated', + sources: [ + { + url: 'https://academy.langchain.com/', + label: 'LangChain Academy', + asOf: '2026-07-02', + }, + ], + }, + selfHostOption: { + value: + 'Yes: the LangChain/LangGraph open-source libraries run entirely self-hosted by default (no vendor service required), and LangGraph Platform (the deployment/runtime layer) can also be fully self-hosted so no agent data leaves the customer VPC', + detail: + 'A basic LangGraph server can additionally be self-hosted for free on the Developer plan with up to 100k nodes executed per month; full self-hosting of the platform layer is typically an Enterprise offering.', + shortValue: 'Yes, both the OSS libraries and LangGraph Platform can be fully self-hosted', + confidence: 'verified', + sources: [ + { + url: 'https://docs.langchain.com/langsmith/deploy-standalone-server', + label: 'Self-host standalone servers - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, + deploymentOptions: { + value: + 'Any environment that runs Python/Node for the open-source libraries themselves; LangGraph Platform (renamed LangSmith Deployment) additionally offers a managed cloud service, a standalone self-hosted container (Docker/Kubernetes/VM with a Redis + Postgres backend), and a hybrid model', + detail: + 'Standalone container deployment requires a REDIS_URI (background task queue) and a DATABASE_URI (Postgres, for assistants/threads/runs/state); langgraph deploy (introduced March 2026) is the current production deployment path, superseding the older langgraph up Docker Compose flow.', + shortValue: 'OSS libraries anywhere, plus managed cloud, self-hosted container, or hybrid', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/langchain-ai/langgraph/blob/main/docs/docs/cloud/deployment/standalone_container.md', + label: 'Standalone container deployment docs (langgraph GitHub)', + asOf: '2026-07-02', + }, + ], + }, + templates: { + value: + 'Yes: a small, official set of LangGraph templates (RAG Chatbot, ReAct Agent, Data Enrichment Agent, plus a blank starter) available in Python and JavaScript, downloadable via LangGraph Studio or as standalone GitHub repos, alongside a much larger informal ecosystem of community-published starter repos', + detail: + 'The official template count is small and curated (four templates at launch) compared to marketplace-style template galleries seen on visual workflow builders; most reuse in practice comes from cloning community GitHub repos rather than an in-product template library.', + shortValue: + 'A handful of official templates (RAG, ReAct, Data Enrichment), plus community repos', + confidence: 'verified', + sources: [ + { + url: 'https://blog.langchain.com/launching-langgraph-templates/', + label: 'Launching LangGraph Templates (LangChain Blog)', + asOf: '2026-07-02', + }, + ], + }, + license: { + value: + 'MIT License (LangChain and LangGraph open-source libraries); LangSmith and LangGraph Platform are proprietary commercial SaaS/self-hosted products', + detail: + "Both the langchain-ai/langchain and langchain-ai/langgraph GitHub repos are MIT-licensed. LangSmith (observability/evaluation) and LangGraph Platform's managed/enterprise deployment tooling are commercial products layered on top of the free libraries, not covered by the MIT license.", + shortValue: 'MIT for the OSS libraries; LangSmith/Platform are commercial', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/langchain-ai/langchain', + label: 'langchain-ai/langchain (GitHub)', + asOf: '2026-07-02', + }, + { + url: 'https://github.com/langchain-ai/langgraph', + label: 'langchain-ai/langgraph (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + environmentPromotion: { + value: + 'Partial: LangGraph Platform assistants are versioned (every edit creates a new version, with instant rollback to a prior version), but this is deployment/version management within one deployed service, not a Git-backed promotion of a whole project between separate dev/test/prod environments', + detail: + 'A LangGraph Platform deployment automatically creates a default assistant per graph; the platform tracks assistant versions and lets an operator roll back, comparable to a single-service release history rather than a multi-environment promotion pipeline.', + shortValue: + 'Assistant versioning with rollback, not whole-project multi-environment promotion', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.langchain.com/langsmith/assistants', + label: 'Assistants - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, + versionControlDepth: { + value: + 'Standard Git-based source control for agent code (since agents are code), plus LangGraph Platform assistant-level versioning with instant rollback; no in-product visual diff/compare UI beyond what Git tooling itself provides', + detail: + "Because the agent logic lives in a codebase, teams get full Git history, branching, and diffing for free through their own repository, distinct from a workflow builder's in-app version history panel; LangGraph Platform layers assistant versioning on top for the deployed configuration.", + shortValue: 'Git for code; assistant versioning/rollback for deployed configs', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.langchain.com/langsmith/assistants', + label: 'Assistants - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, + realtimeCollaboration: { + value: + "No: there is no live, concurrent multi-user editing surface, agents are authored as code in each developer's own editor/IDE and merged via standard Git workflows, not edited simultaneously inside a shared canvas", + detail: + 'LangGraph Studio is a debugging/visualization tool for a single running graph, not a multiplayer authoring surface with visible cursors or synced edits.', + shortValue: 'No, collaboration happens through Git, not live co-editing', + confidence: 'estimated', + sources: [ + { + url: 'https://www.langchain.com/blog/langgraph-studio-the-first-agent-ide', + label: 'LangGraph Studio: The first agent IDE', + asOf: '2026-07-02', + }, + ], + }, + nativeFileStorage: { + value: + 'No: neither LangChain, LangGraph, nor LangSmith provides a Drive-like file storage system with folder hierarchy, link sharing, or a recycle bin. File handling is done in application code via document loaders and external storage integrations (S3, GCS, local filesystem) that a developer wires up themselves', + detail: + "Deep Agents provides a virtual/in-memory filesystem abstraction for an agent's own working context (planning, scratch files), which is a per-run working memory concept, not a persistent, user-facing file manager.", + shortValue: 'No, file handling is via document-loader code, not a built-in file manager', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.langchain.com/oss/python/deepagents/overview', + label: 'Deep Agents overview - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, + dataTables: { + value: + 'No: there is no native, in-product spreadsheet-like data table feature. Structured data storage is left entirely to whatever external database or vector store a developer integrates (Postgres, a vector store, etc.) via code', + detail: + "LangGraph's own persistence layer (checkpointer/store) is a state and memory backend for agent execution, not a user-facing spreadsheet grid for arbitrary structured data.", + shortValue: + 'No, no built-in spreadsheet-like table; state store is for agent memory, not data', + confidence: 'estimated', + sources: [], + }, + richTextEditor: { + value: + 'No: there is no inline WYSIWYG rich-text/document editor in any LangChain, LangGraph, or LangSmith product surface. Content is authored as code, markdown files (e.g. SKILL.md), or plain-text prompts', + detail: + "SKILL.md files used by Deep Agents' SkillsMiddleware are edited as raw Markdown in a code editor, not through an in-product WYSIWYG surface.", + shortValue: 'No, content is authored as code or raw Markdown, not WYSIWYG', + confidence: 'estimated', + sources: [ + { + url: 'https://reference.langchain.com/python/deepagents/middleware/skills', + label: 'skills | deepagents | LangChain Reference', + asOf: '2026-07-02', + }, + ], + }, + }, + aiCapabilities: { + multiLlmSupport: { + value: + 'Yes: LangChain provides a standardized interface (ChatModel/Runnable) to over 100 LLM providers and hundreds of documented integrations across providers, embeddings, and vector stores, including OpenAI, Anthropic, Google, AWS Bedrock, Azure OpenAI, Mistral, Cohere, and local models via Ollama', + detail: + "This is the framework's foundational design goal: swap providers by changing the model class instantiation, with the rest of a chain/graph remaining unchanged.", + shortValue: '100+ LLM providers via a standardized model interface', + confidence: 'verified', + sources: [ + { + url: 'https://www.langchain.com/langchain', + label: 'LangChain: Open Source AI Agent Framework', + asOf: '2026-07-02', + }, + ], + }, + agentReasoningBlocks: { + value: + 'Yes: LangGraph is purpose-built low-level orchestration for stateful, reasoning-driven agents, distinct from a plain deterministic chain, supporting single-agent ReAct loops, multi-agent systems, and hierarchical/supervisor architectures within one graph-based framework', + detail: + 'Graphs model explicit decision points, conditional edges, and tool-calling loops as first-class constructs, giving low-level control over exactly how an agent reasons and branches, rather than a black-box agent abstraction.', + shortValue: + 'LangGraph provides low-level graph primitives for single- and multi-agent reasoning', + confidence: 'verified', + sources: [ + { + url: 'https://www.langchain.com/langgraph', + label: 'LangGraph: Agent Orchestration Framework for Reliable AI Agents', + asOf: '2026-07-02', + }, + ], + }, + naturalLanguageBuilding: { + value: + 'No: there is no feature that converts a plain-text description into a working, editable agent graph. Agents are built by writing code against the LangChain/LangGraph APIs', + detail: + 'LangGraph Studio hot-reloads and visualizes changes made in code, but does not itself generate agent logic from a natural-language prompt.', + shortValue: 'No natural-language-to-agent generation feature found', + confidence: 'estimated', + sources: [], + }, + knowledgeBaseRag: { + value: + 'Yes: LangChain ships a full RAG toolkit (document loaders, text splitters, embeddings interfaces, and a standardized VectorStore interface) with integrations for Pinecone, Qdrant, Chroma, PGVector, Weaviate, and many others, usable as a retriever or wrapped as a callable tool for a LangGraph agent', + detail: + 'The official RAG Chatbot LangGraph template packages this pattern (retrieval step against a search index, then a generation step) as a ready-made starting point.', + shortValue: + 'Full RAG toolkit: loaders, splitters, and a standardized vector-store interface', + confidence: 'verified', + sources: [ + { + url: 'https://blog.langchain.com/launching-langgraph-templates/', + label: 'Launching LangGraph Templates (LangChain Blog)', + asOf: '2026-07-02', + }, + ], + }, + mcpSupport: { + value: + 'Yes: the official langchain-mcp-adapters library converts external MCP server tools into LangChain/LangGraph-compatible tools over stdio or streamable HTTP transport, letting an agent call tools across multiple MCP servers, and LangGraph agents can themselves be exposed for MCP consumption', + detail: + 'Interceptors give access to LangGraph runtime context during MCP tool execution, adding middleware-like control (modify requests, retries, dynamic headers) around MCP tool calls.', + shortValue: 'Official langchain-mcp-adapters library, stdio and streamable HTTP', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/langchain-ai/langchain-mcp-adapters', + label: 'langchain-ai/langchain-mcp-adapters (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + evaluationGuardrails: { + value: + 'Yes: LangSmith provides a dedicated evaluation stack, datasets built from sampled production traces, LLM-as-judge evaluators scored against defined criteria, heuristic checks, pairwise comparisons, human annotation queues, and an Align Evals feature that calibrates judges against accumulated human corrections over time', + detail: + "This is LangSmith (the commercial platform), not the free open-source libraries; the evaluation stack is one of LangSmith's core paid product surfaces alongside tracing.", + shortValue: 'LangSmith: datasets, LLM-as-judge, human annotation queues, judge calibration', + confidence: 'verified', + sources: [ + { + url: 'https://www.langchain.com/langsmith/evaluation', + label: 'LangSmith Evaluations', + asOf: '2026-07-02', + }, + ], + }, + humanInTheLoop: { + value: + "Yes: a dedicated interrupt() function pauses a running graph at an exact line and returns a payload to the caller; Command(resume=...) resumes execution with the human's response (approve, edit, reject, or respond), all backed by the checkpointer so the pause survives a process restart", + detail: + 'The same thread_id must be used for the initial invocation and the resume call, since that is how the checkpointer identifies which frozen state to restore.', + shortValue: + 'interrupt()/Command(resume=...) primitives with checkpoint-backed pause/resume', + confidence: 'verified', + sources: [ + { + url: 'https://docs.langchain.com/oss/python/langchain/human-in-the-loop', + label: 'Human-in-the-loop - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, + generativeMedia: { + value: + "Partial: no dedicated, first-party image/video/audio-generation node exists. Generative media is reached only by calling a provider's multimodal model (e.g. an image-generation model) through LangChain's standard model-integration interface, the same as any other model call", + detail: + 'There is no purpose-built "generate an image" or "generate a video" abstraction distinct from a generic chat-model or tool call to a multimodal provider.', + shortValue: + 'Only via generic provider-model integrations, no dedicated media-gen abstraction', + confidence: 'estimated', + sources: [], + }, + dynamicToolUse: { + value: + 'Yes: the standard ReAct-style agent pattern in LangChain/LangGraph binds a pool of tools to a model and lets the model choose, at each step, which tool (if any) to call based on its own reasoning, rather than following a fixed, pre-wired sequence of tool calls', + detail: + 'This dynamic selection is the core mechanic LangGraph agent templates (e.g. the ReAct Agent template) are built around, and extends to MCP-provided tools loaded at runtime.', + shortValue: 'Yes, ReAct-style agents dynamically pick from a bound tool pool at each step', + confidence: 'verified', + sources: [ + { + url: 'https://blog.langchain.com/launching-langgraph-templates/', + label: 'Launching LangGraph Templates (LangChain Blog)', + asOf: '2026-07-02', + }, + ], + }, + modelFallback: { + value: + "Yes: LangChain's with_fallbacks() method (RunnableWithFallbacks) lets a developer chain a primary model with one or more fallback models or providers, tried in order until one succeeds, at either a single model call or a whole-chain level", + detail: + "Documentation notes that a wrapper's own internal retry logic should typically be disabled when using fallbacks, otherwise the primary model keeps retrying instead of failing over to the fallback.", + shortValue: 'Yes, with_fallbacks() chains ordered fallback models/providers', + confidence: 'verified', + sources: [ + { + url: 'https://python.langchain.com/v0.2/docs/how_to/fallbacks/', + label: 'How to add fallbacks to a runnable | LangChain', + asOf: '2026-07-02', + }, + ], + }, + agentSkills: { + value: + 'Yes: the Deep Agents harness ships a SkillsMiddleware that loads named SKILL.md files (metadata plus full Markdown instructions) from a directory and injects them into the system prompt using progressive disclosure, giving a reusable, named capability invokable across multiple agents, distinct from a one-off system prompt', + detail: + 'Static skill/memory content is automatically prompt-cached for Anthropic and Amazon Bedrock models to avoid reprocessing the same tokens on every turn.', + shortValue: 'Deep Agents SkillsMiddleware: named, reusable SKILL.md files across agents', + confidence: 'verified', + sources: [ + { + url: 'https://reference.langchain.com/python/deepagents/middleware/skills', + label: 'skills | deepagents | LangChain Reference', + asOf: '2026-07-02', + }, + ], + }, + nativeChatDeployment: { + value: + 'No: neither the open-source libraries nor LangGraph Platform ship a first-party, publicly deployable chat widget or hosted chat page. A team deploying a conversational agent builds its own frontend (or uses a separate UI framework) calling the LangGraph Agent Server as a backend', + detail: + 'LangGraph Studio itself provides a chat-style interaction panel for testing/debugging a graph during development, but this is a developer tool, not a shippable end-user chat deployment target.', + shortValue: 'No first-party public chat surface; teams build and host their own frontend', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.langchain.com/langsmith/assistants', + label: 'Assistants - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, + kbChunkVisibility: { + value: + "Yes: LangChain's Document abstraction returned by any VectorStore retriever carries per-chunk page_content and per-chunk metadata (source, page, chunk index), and LangSmith's trace view shows this document-level detail for each retrieval step in an agent run", + detail: + 'This chunk-level detail is a property of the standard LangChain Document object used across all vector-store integrations, not a bespoke debugging UI feature.', + shortValue: + 'Yes, Document objects carry per-chunk content/metadata, visible in LangSmith traces', + confidence: 'verified', + sources: [ + { + url: 'https://blog.langchain.com/launching-langgraph-templates/', + label: 'Launching LangGraph Templates (LangChain Blog)', + asOf: '2026-07-02', + }, + ], + }, + parallelExecution: { + value: + 'Yes: the Send API lets a routing function dynamically spawn N parallel branches at runtime (not just a fixed number configured ahead of time), each processing a slice of state, with results merged back through a state reducer once all branches complete, a native map-reduce/fan-out-fan-in pattern', + detail: + 'This differs from a small, statically fixed number of parallel branches: the number of concurrent executions is determined by the routing function at run time, based on the size of whatever collection it is fanning out over.', + shortValue: + 'Yes, Send API dynamically fans out to N parallel branches, merged via a reducer', + confidence: 'verified', + sources: [ + { + url: 'https://machinelearningplus.com/gen-ai/langgraph-map-reduce-parallel-execution/', + label: 'LangGraph Map-Reduce: Parallel Execution with Send API', + asOf: '2026-07-02', + }, + ], + }, + a2aProtocol: { + value: + "Yes: LangChain shipped native A2A (Agent2Agent) support via langchain-adk (March 2026), letting any LangChain agent expose itself as an A2A server and call other A2A-compliant agents regardless of the framework that built them, with Agent Cards auto-generated from the agent's name/description/tool list; the local LangGraph dev server exposes A2A endpoints at /a2a/{assistant_id}", + detail: + "The LangSmith Deployment A2A endpoint maps the protocol's contextId to a LangGraph thread_id automatically, so A2A conversations get the same tracing/observability as native LangGraph runs.", + shortValue: 'Yes, native A2A server/client support with auto-generated Agent Cards', + confidence: 'verified', + sources: [ + { + url: 'https://docs.langchain.com/langsmith/server-a2a', + label: 'A2A endpoint in Agent Server - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, + }, + integrations: { + integrationCount: { + value: + "1,000+ integrations across model providers, vector stores, document loaders, and tools (per LangChain's own marketing), with a unified interface to 100+ LLM providers specifically", + detail: + 'The langchain-community package hosts many additional community-maintained integrations beyond what is centrally documented, so the true count is larger and harder to pin to one authoritative live number, unlike a connector-count page some workflow builders publish.', + shortValue: '1,000+ integrations; 100+ LLM providers via a unified interface', + confidence: 'estimated', + sources: [ + { + url: 'https://www.langchain.com/langchain', + label: 'LangChain: Open Source AI Agent Framework', + asOf: '2026-07-02', + }, + ], + }, + triggerTypes: { + value: + "Not a workflow-builder concept: agents are invoked programmatically (function/API call) or served over the LangGraph Agent Server's REST/SDK interface; the Agent Server also exposes protocol-level entry points (A2A, MCP) but there is no equivalent to a connector-event/schedule/webhook trigger picker", + detail: + 'A developer wires up whatever trigger mechanism they need in their own application code (a cron job, a webhook handler, a queue consumer) that then calls the LangGraph SDK or REST API to start a run.', + shortValue: + 'No trigger picker; runs are started by calling the Agent Server API from your own code', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.langchain.com/langsmith/assistants', + label: 'Assistants - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, + customCodeSteps: { + value: + 'Yes, by definition: every node in a LangGraph graph is arbitrary Python or JavaScript code, and the entire LangChain framework is consumed as a library inside a codebase, not a sandboxed code step within a separate visual builder', + detail: + 'There is no separate "custom code node" concept because the whole agent, not just one step, is written in code.', + shortValue: 'Yes, every node is Python/JavaScript code by design', + confidence: 'verified', + sources: [], + }, + apiPublishing: { + value: + 'Yes: the LangGraph Agent Server exposes deployed graphs over a REST API and SDKs (Python/JS), and additionally supports the Agent Protocol, MCP, and A2A as callable interfaces for the same deployed agent', + detail: + 'A single deployed graph can be called via plain REST, the LangGraph SDK, or one of the standardized agent-interop protocols, depending on the caller.', + shortValue: 'Yes, REST/SDK plus Agent Protocol, MCP, and A2A interfaces', + confidence: 'verified', + sources: [ + { + url: 'https://forum.langchain.com/t/langgraph-platform-deployment-failing/443', + label: 'LangGraph Platform - forum reference on deployment interfaces', + asOf: '2026-07-02', + }, + ], + }, + extensibilitySdk: { + value: + 'Official Python and JavaScript/TypeScript SDKs for both LangChain and LangGraph, a public REST API for the Agent Server, and an open, MIT-licensed codebase that any developer can extend, fork, or contribute integrations back to via langchain-community', + detail: + 'Because the whole product is a set of open-source libraries, extensibility is inherent rather than a separately bolted-on SDK layer, distinct from a workflow builder that offers a custom-node development kit for an otherwise closed core product.', + shortValue: + 'Official Python/JS SDKs, open MIT-licensed codebase, community integration package', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/langchain-ai/langchain', + label: 'langchain-ai/langchain (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + mcpPublishing: { + value: + 'Yes: an agent built with LangChain/LangGraph can be exposed as MCP tools/resources for external AI clients to call, via the same langchain-mcp-adapters ecosystem used to consume external MCP servers, in addition to native A2A server exposure', + detail: + "This is the reverse direction from consuming an external MCP server's tools, publishing a LangGraph agent's own capabilities for other MCP clients to invoke.", + shortValue: 'Yes, agents can be exposed as MCP tools via langchain-mcp-adapters', + confidence: 'estimated', + sources: [ + { + url: 'https://github.com/langchain-ai/langchain-mcp-adapters', + label: 'langchain-ai/langchain-mcp-adapters (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + }, + pricing: { + pricingModel: { + value: + 'The LangChain/LangGraph libraries themselves are free and open source (MIT); LangSmith (observability, evaluation, deployment) is a separate commercial product billed per-seat plus usage (traces, deployment uptime-minutes, compute units, sandbox resources)', + detail: + 'Usage-based components include base/extended trace pricing (different retention windows), dev vs. production deployment uptime rates, LangChain Compute Units (LCUs) for the underlying execution engine, and sandbox CPU/memory/storage rates.', + shortValue: 'Free OSS libraries; LangSmith is per-seat plus usage-based billing', + confidence: 'verified', + sources: [ + { + url: 'https://www.langchain.com/pricing', + label: 'LangSmith Pricing', + asOf: '2026-07-02', + }, + ], + }, + entryPaidPlan: { + value: + 'LangSmith Plus: $39/seat/month, up to 10,000 base traces/month included, then pay-as-you-go, unlimited seats, one complimentary dev deployment, email support', + detail: + 'The Developer plan below it is $0/seat/month (single seat, up to 5,000 base traces/month, community support only), so Plus is the first genuinely paid tier.', + shortValue: '$39/seat/month, 10,000 base traces included', + confidence: 'verified', + sources: [ + { + url: 'https://www.langchain.com/pricing', + label: 'LangSmith Pricing', + asOf: '2026-07-02', + }, + ], + }, + freeTier: { + value: + "Yes: the LangChain/LangGraph open-source libraries are free with no usage limits of their own, and LangSmith's Developer plan is $0/seat/month with up to 5,000 base traces/month and a free, limited self-hosted LangGraph server tier (up to 100,000 nodes executed/month)", + detail: + 'The free LangSmith Developer tier is capped at a single seat and community-only support; higher usage or team seats require moving to the Plus or Enterprise tier.', + shortValue: 'Free OSS libraries, plus a free single-seat LangSmith Developer tier', + confidence: 'verified', + sources: [ + { + url: 'https://www.langchain.com/pricing', + label: 'LangSmith Pricing', + asOf: '2026-07-02', + }, + ], + }, + byok: { + value: + "Yes, by default: every model call in LangChain/LangGraph requires the developer's own provider API credentials (OpenAI, Anthropic, etc.) configured directly in application code or environment variables; LangSmith itself does not resell or proxy model access", + detail: + 'This is the inherent architecture of a code library calling out to providers directly, not a named "BYOK" toggle in a UI.', + shortValue: + 'Yes, de facto by architecture; every model call uses your own provider credentials', + confidence: 'verified', + sources: [], + }, + }, + security: { + soc2: { + value: + 'Yes: LangSmith is SOC 2 Type II compliant, and LangGraph Platform separately achieved SOC 2 Type II compliance alongside LangSmith', + detail: + "Confirmed directly via LangChain's own changelog announcement and Trust Center; both LangSmith and LangGraph Platform (now branded LangSmith Deployment) carry the same SOC 2 Type II attestation.", + shortValue: 'Yes, SOC 2 Type II for both LangSmith and LangGraph Platform', + confidence: 'verified', + sources: [ + { + url: 'https://changelog.langchain.com/announcements/langsmith-is-now-soc-2-type-ii-compliant', + label: 'LangSmith is now SOC 2 Type II compliant (LangChain Changelog)', + asOf: '2026-07-02', + }, + { + url: 'https://trust.langchain.com/', + label: 'LangChain Trust Center', + asOf: '2026-07-02', + }, + ], + }, + dataResidency: { + value: + 'Yes: LangSmith offers selectable regions at no extra cost, US (GCP US, default), EU (GCP EU), APAC (GCP APAC), and a separate AWS US region, plus multi-geo data residency options for self-hosted deployments', + detail: + 'Migrating an existing organization between regions is not supported; the region must be chosen at signup. Full self-hosting (of the OSS libraries or LangGraph Platform) is a further, absolute form of data residency control.', + shortValue: 'Yes, US/EU/APAC/AWS-US selectable regions, no migration between them', + confidence: 'verified', + sources: [ + { + url: 'https://docs.langchain.com/langsmith/regions-faq', + label: 'Regions FAQ - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, + rbac: { + value: + 'Yes: LangSmith Role-Based Access Control is available to Enterprise customers, with three built-in system roles (Admin, Editor, Viewer) and custom roles with granular, per-entity permissions assignable at the workspace or organization level', + detail: + 'Editor has full permissions except workspace management (adding/removing users, changing roles, configuring service keys), which is reserved for Admin.', + shortValue: 'Yes, on Enterprise: Admin/Editor/Viewer plus custom granular roles', + confidence: 'verified', + sources: [ + { + url: 'https://www.langchain.com/blog/access-control-updates-for-langsmith', + label: 'Role Based Access Control (RBAC) for LangSmith', + asOf: '2026-07-02', + }, + ], + }, + auditLogging: { + value: + 'Not publicly documented: no LangSmith or LangGraph Platform page describes a dedicated, exportable audit-log feature distinct from run tracing and RBAC', + detail: + 'LangSmith exposes rich execution traces and OpenTelemetry-based export of those traces to external observability backends, but that is run/execution telemetry rather than a documented admin-activity audit log (user logins, permission changes, etc.).', + shortValue: 'Not publicly documented as a distinct admin-activity audit log', + confidence: 'unknown', + sources: [], + }, + additionalCompliance: { + value: 'HIPAA and GDPR, in addition to SOC 2 Type II', + detail: + "LangChain's own docs and Trust Center state LangSmith is SOC 2 Type II, HIPAA compliant, and GDPR compliant; no ISO 27001, PCI-DSS, or FedRAMP attestation was found on LangChain's own compliance materials.", + shortValue: 'HIPAA and GDPR compliant, alongside SOC 2 Type II', + confidence: 'verified', + sources: [ + { + url: 'https://docs.langchain.com/langsmith/regions-faq', + label: 'Regions FAQ - Docs by LangChain', + asOf: '2026-07-02', + }, + { + url: 'https://trust.langchain.com/', + label: 'LangChain Trust Center', + asOf: '2026-07-02', + }, + ], + }, + modelAndToolGovernance: { + value: + 'Not publicly documented: no LangSmith/LangGraph Platform feature restricts which LLM providers or tools a given role/user may invoke beyond general workspace RBAC and API-key scoping', + detail: + 'Because agents are code, provider/tool selection is a decision made in the codebase itself; there is no admin console toggle limiting which model or tool a deployed agent is allowed to call at the platform level.', + shortValue: + 'Not publicly documented; provider/tool choice lives in agent code, not an admin toggle', + confidence: 'unknown', + sources: [], + }, + credentialGovernance: { + value: + 'No: RBAC in LangSmith is scoped to workspace/organization entities (traces, datasets, deployments) via custom roles, not to individual stored provider credentials or connections', + detail: + "Provider API keys are typically supplied as environment variables or secrets in the developer's own deployment environment, outside any LangSmith-native credential-governance layer.", + shortValue: 'No, RBAC governs LangSmith entities, not specific stored provider credentials', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.langchain.com/langsmith/user-management', + label: 'User management - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, + whiteLabeling: { + value: + "Not publicly documented: no LangSmith or LangGraph Platform page describes an option to replace LangChain/LangSmith branding with a customer's own across the product UI", + detail: + 'No official documentation on customer-facing white-labeling or OEM/embed branding controls was found.', + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + dataRetention: { + value: + "Yes: LangSmith's usage-based trace pricing offers two retention tiers a customer chooses per trace, base traces (14-day retention) and extended traces (400-day retention), giving org-level control over how long execution data is kept", + detail: + 'This retention choice is made at billing/trace-ingestion time (base vs. extended), rather than a single fixed platform-wide default.', + shortValue: 'Yes, choose 14-day (base) or 400-day (extended) trace retention', + confidence: 'verified', + sources: [ + { + url: 'https://www.langchain.com/pricing', + label: 'LangSmith Pricing', + asOf: '2026-07-02', + }, + ], + }, + piiRedaction: { + value: + 'Yes: LangSmith supports masking sensitive data before it reaches the backend via environment-variable-level hiding of all inputs/outputs, custom masking functions for selective redaction, and regex-based anonymizers (with a reference implementation in langsmith-pii-removal) covering emails, IPs, phone numbers, credit cards, SSNs, and dates, plus integration points for third-party tools like Microsoft Presidio', + detail: + "Redaction happens client-side, before the trace payload is serialized and sent, via a create_anonymizer hook, so sensitive data is stripped in the customer's own process rather than being redacted after ingestion.", + shortValue: 'Yes, client-side masking/anonymizer hooks with regex PII detection', + confidence: 'verified', + sources: [ + { + url: 'https://docs.langchain.com/langsmith/mask-inputs-outputs', + label: 'Prevent logging of sensitive data in traces - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, + sso: { + value: + 'Yes: LangSmith supports SAML 2.0 single sign-on for Enterprise Cloud customers, letting organizations centrally manage team access through a single authentication source', + detail: + 'SSO is documented as an Enterprise Cloud feature rather than available to lower tiers.', + shortValue: 'Yes, SAML 2.0 SSO, Enterprise Cloud tier', + confidence: 'verified', + sources: [ + { + url: 'https://changelog.langchain.com/announcements/saml-sso-for-unified-access-to-langsmith', + label: 'SAML SSO for unified access to LangSmith (LangChain Changelog)', + asOf: '2026-07-02', + }, + ], + }, + }, + observability: { + tracingDepth: { + value: + "Yes: LangSmith provides full span-level distributed tracing of every LLM call, tool call, and intermediate step in a run, plus LangGraph Studio's time-travel debugging that lets a developer rewind to any prior checkpoint, inspect state, and fork a new execution path from it", + detail: + 'This is deeper than dashboard-level metrics: LangSmith traces are span-based (individual step-by-step execution detail), not just aggregate run counts/success rates.', + shortValue: 'Yes, full span-level tracing plus checkpoint-based time-travel debugging', + confidence: 'verified', + sources: [ + { + url: 'https://www.langchain.com/blog/langgraph-studio-the-first-agent-ide', + label: 'LangGraph Studio: The first agent IDE', + asOf: '2026-07-02', + }, + ], + }, + durabilityModel: { + value: + 'LangGraph\'s checkpointer snapshots full graph state after every node completes (a "super-step"), so a run resumes from the last checkpoint after an interruption, timeout, human-approval pause, or crash rather than restarting; RetryPolicy provides automatic per-node retries with backoff/jitter, and TimeoutPolicy caps a node attempt', + detail: + 'Production commentary notes checkpointing alone does not include automatic failure detection, an external process still needs to notice a crash and trigger the resume, so durability here is a resumable-state primitive, not a fully autonomous self-healing system.', + shortValue: + 'Checkpoint-based resume plus per-node RetryPolicy/TimeoutPolicy, no auto failure detection', + confidence: 'verified', + sources: [ + { + url: 'https://www.langchain.com/blog/fault-tolerance-in-langgraph', + label: 'Fault Tolerance in LangGraph (LangChain Blog)', + asOf: '2026-07-02', + }, + ], + }, + failureAlerting: { + value: + 'Not publicly documented: no LangSmith or LangGraph Platform page describes an automatic, proactive failure-alert notification (e.g. email/Slack) distinct from viewing failures in the trace dashboard', + detail: + "LangSmith surfaces failed runs and errors in its tracing UI, but no source confirms an automatic push notification/digest comparable to some workflow builders' failure-alert emails.", + shortValue: 'Not publicly documented as a proactive alert feature', + confidence: 'unknown', + sources: [], + }, + dataDrains: { + value: + 'Yes: LangSmith services emit OpenTelemetry traces that can be exported to an observability backend of choice by configuring an OTel/Prometheus collector endpoint, letting execution data flow continuously into external systems like Datadog rather than only being viewable in LangSmith itself', + detail: + 'This is a generic OTel-based export mechanism, not named, pre-built connectors to specific destinations like S3 or BigQuery.', + shortValue: 'Yes, OpenTelemetry export to any OTel-compatible backend', + confidence: 'verified', + sources: [ + { + url: 'https://docs.langchain.com/langsmith/export-backend', + label: 'Export LangSmith telemetry to your observability backend - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, + asyncExecution: { + value: + 'Yes: the LangGraph Agent Server supports background/async execution, a run can be started and its result polled or streamed later via the SDK/REST API, and interrupt()-paused runs inherently execute asynchronously across a human-response gap by design', + detail: + "This is a natural consequence of the Agent Server's run/thread model, where a run's state persists server-side independent of any single blocking client connection.", + shortValue: "Yes, via the Agent Server's run/thread API and checkpoint-backed pausing", + confidence: 'estimated', + sources: [ + { + url: 'https://docs.langchain.com/langsmith/assistants', + label: 'Assistants - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, + executionLimits: { + value: + "Not publicly documented as concrete published numbers: no LangGraph Platform or LangSmith page states a maximum run duration or a fixed concurrency ceiling comparable to some workflow builders' published limits", + detail: + "Execution duration and concurrency are effectively bounded by the customer's own compute/infrastructure configuration (self-hosted) or the specific managed-plan resources purchased, rather than a single documented platform-wide ceiling.", + shortValue: 'Not publicly documented as fixed platform-wide numbers', + confidence: 'unknown', + sources: [], + }, + partialFailureHandling: { + value: + "Yes: LangGraph's per-node RetryPolicy and TimeoutPolicy let a single failing node retry or time out independently, and a developer can route a node's error to a dedicated error-handling branch in the graph, so one step failing does not necessarily halt the entire run", + detail: + "This is implemented in code as explicit graph edges/conditional routing around a node's exception, rather than a single toggle exposed in a visual builder.", + shortValue: 'Yes, per-node retry/timeout policies plus code-defined error-handling edges', + confidence: 'verified', + sources: [ + { + url: 'https://deepwiki.com/langchain-ai/langgraph/3.8-error-handling-and-retry-policies', + label: 'Error Handling and Retry Policies | langchain-ai/langgraph | DeepWiki', + asOf: '2026-07-02', + }, + ], + }, + }, + support: { + supportChannels: { + value: + 'Documentation via docs.langchain.com and reference.langchain.com, a public LangChain Forum, a Community Slack, GitHub issues on the open-source repos, and paid email/Enterprise support tiers through LangSmith plans', + detail: + 'Community support is the default at the free Developer tier; email support is included starting at the Plus tier, with dedicated SLA-backed support at Enterprise.', + shortValue: 'Docs, forum, Slack, GitHub issues, plus paid email/Enterprise tiers', + confidence: 'verified', + sources: [ + { + url: 'https://www.langchain.com/pricing', + label: 'LangSmith Pricing', + asOf: '2026-07-02', + }, + { + url: 'https://www.langchain.com/join-community', + label: 'LangChain Community Slack', + asOf: '2026-07-02', + }, + ], + }, + sla: { + value: + 'Not publicly documented as a specific uptime percentage: LangSmith Enterprise lists "SLA guarantees" as an included feature, but no page publishes a concrete SLA number', + detail: + 'The LangSmith pricing page names "SLA guarantees" under the Enterprise tier without stating the specific percentage or terms publicly.', + shortValue: 'Enterprise includes SLA guarantees, exact terms not publicly stated', + confidence: 'estimated', + sources: [ + { + url: 'https://www.langchain.com/pricing', + label: 'LangSmith Pricing', + asOf: '2026-07-02', + }, + ], + }, + community: { + value: + 'Large: 141,000+ GitHub stars on langchain-ai/langchain and 36,000+ on langchain-ai/langgraph, an active Community Slack, a dedicated LangChain Forum, and reported adoption by roughly 35% of the Fortune 500', + detail: + "Star counts and Fortune 500 adoption figure are per LangChain's own reporting around its October 2025 Series B announcement.", + shortValue: '141k+ and 36k+ GitHub stars; Slack and Forum communities', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/langchain-ai/langchain', + label: 'langchain-ai/langchain (GitHub)', + asOf: '2026-07-02', + }, + { + url: 'https://github.com/langchain-ai/langgraph', + label: 'langchain-ai/langgraph (GitHub)', + asOf: '2026-07-02', + }, + { + url: 'https://www.langchain.com/blog/series-b', + label: 'LangChain raises $125M to build the platform for agent engineering', + asOf: '2026-07-02', + }, + ], + }, + companyMaturity: { + value: + 'LangChain Inc. Founded 2022 by Harrison Chase. Raised a $125M Series B led by IVP in October 2025 at a $1.25B valuation (total raised approximately $260M), with reported headcount in the roughly 260-325 employee range as of mid-2026', + detail: + 'Prior rounds: a $10M seed from Benchmark (April 2023) and a $25M Series A led by Sequoia days later (reportedly a ~$200M valuation). Investors in the Series B include Sequoia, Benchmark, IVP, CapitalG, Sapphire Ventures, and strategic investors such as ServiceNow Ventures, Workday Ventures, Cisco Investments, Datadog Ventures, and Databricks Ventures. Employee-count sources vary by snapshot date (163 to 325 across different 2026 trackers), reflecting rapid hiring.', + shortValue: + 'Founded 2022; $125M Series B (Oct 2025) at $1.25B valuation; ~260-325 employees', + confidence: 'verified', + sources: [ + { + url: 'https://www.langchain.com/blog/series-b', + label: 'LangChain raises $125M to build the platform for agent engineering', + asOf: '2026-07-02', + }, + { + url: 'https://techcrunch.com/2025/10/21/open-source-agentic-startup-langchain-hits-1-25b-valuation/', + label: 'Open source agentic startup LangChain hits $1.25B valuation | TechCrunch', + asOf: '2026-07-02', + }, + ], + }, + academy: { + value: + 'Yes: LangChain Academy (academy.langchain.com) is a free, structured learning platform built by the LangChain team, offering courses (video lessons, code exercises, Jupyter notebooks) on LangChain and LangGraph fundamentals, agent architectures, and advanced patterns, with completion certificates', + detail: + 'Course content spans introductory quickstarts through advanced multi-agent and observability-focused material; roughly 13 hours of core LangGraph-focused content across the primary course sequence.', + shortValue: 'Yes, free structured courses with certificates at LangChain Academy', + confidence: 'verified', + sources: [ + { url: 'https://academy.langchain.com/', label: 'LangChain Academy', asOf: '2026-07-02' }, + ], + }, + }, + }, +} diff --git a/apps/sim/lib/compare/data/competitors/microsoft-copilot.ts b/apps/sim/lib/compare/data/competitors/microsoft-copilot.ts new file mode 100644 index 00000000000..f96aa653b55 --- /dev/null +++ b/apps/sim/lib/compare/data/competitors/microsoft-copilot.ts @@ -0,0 +1,1195 @@ +import { MicrosoftCopilotIcon } from '@/components/icons' +import type { CompetitorProfile } from '@/lib/compare/data/types' + +/** Researched and cross-verified against live vendor sources on 2026-07-02. */ +export const microsoftCopilotProfile: CompetitorProfile = { + id: 'microsoft-copilot', + name: 'Microsoft Copilot Studio', + website: 'https://www.microsoft.com/en-us/microsoft-copilot-studio', + brand: { + icon: MicrosoftCopilotIcon, + selfFramed: true, + colors: ['#0736c4', '#8c48ff', '#00e5cc'], + source: 'Official brand guidelines', + asOf: '2026-07-02', + }, + oneLiner: + 'Microsoft Copilot Studio is a low-code tool in the Microsoft ecosystem for building, testing, and publishing conversational and autonomous AI agents, using topics or LLM-driven generative orchestration, connectors, agent flows, and Dataverse-grounded knowledge.', + standoutFeatures: [ + { + title: 'Reusable, portable Agent Skills', + description: + 'A Skill is a named capability defined once as a SKILL.md file (YAML front matter plus Markdown instructions, optionally bundled with scripts/templates/reference documents into a ZIP package). Skills can be authored in Copilot Studio or a text editor, attached to multiple agents, and exported to share with others, distinct from a one-off system prompt tied to a single agent.', + shortDescription: 'Named, Markdown-defined capabilities reusable across multiple agents.', + source: { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/agents-experience/skills-overview', + label: 'Skills overview for agents (preview) - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + }, + { + title: 'Multi-model support including Anthropic Claude and bring-your-own-model', + description: + 'Agents can use OpenAI GPT models, Anthropic Claude Sonnet 4 and Opus 4.1, any model in the Azure AI Model Catalog, or a bring-your-own-model connection to an Azure AI Foundry deployment (via endpoint URI, deployment name, and API key) for individual prompts. Admins enable or restrict non-default models tenant-wide, with automatic fallback to the default OpenAI model if a selected model is disabled.', + shortDescription: + 'OpenAI, Anthropic Claude, Azure AI Model Catalog, or a bring-your-own model.', + source: { + url: 'https://www.microsoft.com/en-us/microsoft-copilot/blog/copilot-studio/anthropic-joins-the-multi-model-lineup-in-microsoft-copilot-studio/', + label: 'Anthropic joins the multi-model lineup in Microsoft Copilot Studio', + asOf: '2026-07-02', + }, + }, + { + title: 'Deep, per-session orchestration traces', + description: + 'Conversation transcripts capture which topic fired, which knowledge sources were consulted, which tools were called, which child agents or MCP servers were invoked, what the orchestration plan was, and how long each step took, viewable per-session in the Analytics area for the last 28 days (extendable via export to Azure Data Lake Storage).', + shortDescription: + 'Per-session traces cover topics, tools, knowledge, sub-agents, and timing.', + source: { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/agents-experience/analytics-overview', + label: 'Monitor an agent overview (preview) - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + }, + { + title: 'Broad, independently audited compliance certification list', + description: + "Copilot Studio's own admin documentation lists coverage under HIPAA (BAA), HITRUST CSF, FedRAMP, SOC, multiple ISO standards (9001, 20000-1, 22301, 27001, 27017, 27018, 27701), PCI DSS, CSA STAR, UK G-Cloud, Singapore MTCS Level 3, Korea K-ISMS, and Spain ENS, each with an audit report on the Microsoft Service Trust Portal.", + shortDescription: + 'HIPAA, FedRAMP, SOC, multiple ISO standards, PCI DSS, and more, each audited.', + source: { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/admin-certification', + label: 'Review ISO, SOC, and HIPAA compliance - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + }, + { + title: 'Generative orchestration picks topics, tools, and knowledge dynamically', + description: + "Generative orchestration replaces fixed decision-tree topic flows with an LLM-driven planning layer that interprets user intent, selects from an agent's topics, tools, knowledge sources, and child agents at runtime, and executes multistep plans, rather than requiring every path to be hand-authored with trigger phrases in advance.", + shortDescription: + 'An LLM planning layer selects topics/tools/knowledge at runtime, not a fixed script.', + source: { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/guidance/generative-orchestration', + label: + 'Apply generative orchestration capabilities - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + }, + ], + limitations: [ + { + title: 'Consumption pricing carries overage and cost-forecasting complexity', + description: + 'Usage is billed in Copilot Credits across many separately metered feature rates (classic answer, generative answer, agent action, tenant graph grounding, agent flow actions per 100, three tiers of AI tools, three tiers of voice), and reasoning models add a second, separate premium-token charge on top of the base feature rate. Microsoft publishes a dedicated usage estimator tool because manually forecasting cost from these dimensions is otherwise difficult.', + shortDescription: + 'Costs span many separately metered credit rates, needing a dedicated estimator tool.', + source: { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/requirements-messages-management', + label: 'Billing rates and management - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + }, + { + title: + 'Full ALM tooling (pipelines, environment variables) is gated to solution-aware agents', + description: + 'Version history, environment promotion via pipelines, and environment variables only apply to agents built inside a Dataverse solution. Agents created outside a solution, a common default for individual makers experimenting in Copilot Studio, do not get this ALM tooling.', + shortDescription: + 'Pipelines and environment-variable promotion require building inside a solution.', + source: { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/guidance/alm', + label: + 'Establish an Application Lifecycle Management (ALM) strategy - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + }, + { + title: 'Session transcript detail defaults to a 28-day window', + description: + "An agent's per-session transcripts, showing which topic fired, tools called, and knowledge consulted, are available in the Analytics area for the last 28 days by default. Retaining that level of detail longer requires a separate export pipeline (Azure Synapse Link for Dataverse into Azure Data Lake Storage Gen2), not a built-in retention setting.", + shortDescription: + 'Detailed session transcripts default to 28 days; longer retention needs a manual export.', + source: { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/analytics-transcripts-studio', + label: + 'Understand downloaded session data from Copilot Studio - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + }, + { + title: 'No self-hosting; a Microsoft-operated cloud service only', + description: + "Copilot Studio's authoring, orchestration, and runtime are Microsoft-operated multi-tenant (or government-cloud) cloud services. There is no on-premises deployment option for the core agent-building and conversation-orchestration engine itself, unlike products that offer a self-hosted or air-gapped runtime.", + shortDescription: + 'No on-premises option; agents run only on Microsoft-operated cloud infrastructure.', + source: { + url: 'https://learn.microsoft.com/en-us/compliance/regulatory/offering-soc-2', + label: 'SOC 2 Type 2 - Microsoft Compliance | Microsoft Learn', + asOf: '2026-07-02', + }, + }, + { + title: 'No native white-labeling of the core builder or default chat UI', + description: + 'Agent-level branding is limited to setting a name, icon, and accent color, or hosting a fully custom canvas web app for the chat window itself. There is no documented option to remove Microsoft/Copilot Studio branding from the authoring canvas or the default published chat surface the way a dedicated white-label offering would.', + shortDescription: + 'Branding is limited to name/icon/color or a custom-built chat canvas, not full white-label.', + source: { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/customize-default-canvas', + label: + 'Customize the look and feel of an agent - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + }, + ], + facts: { + platform: { + builderType: { + value: + 'Low-code conversational/agent builder with a topics-based (trigger phrase) authoring mode, an alternative LLM-driven generative orchestration mode, natural-language agent creation, and separate agent flows for deterministic step sequences', + detail: + 'Classic authoring uses topics triggered by phrases; generative orchestration lets the agent dynamically select topics/tools/knowledge based on a description of each. Agent flows (built on the Power Automate flow engine) handle deterministic, step-by-step logic invoked as agent tools.', + shortValue: 'Topics or generative orchestration, plus deterministic agent flows', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/fundamentals-what-is-copilot-studio', + label: 'Overview - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/guidance/generative-orchestration', + label: + 'Apply generative orchestration capabilities - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/flows-overview', + label: 'Agent flows overview - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + learningCurve: { + value: + 'Low for a single-topic agent answering from one knowledge source; steep for generative orchestration instruction design, solution-based ALM, and Dataverse security modeling at production scale', + detail: + 'Microsoft markets basic agent creation as accessible to non-developer makers via natural language and templates, while its own guidance devotes dedicated articles to writing effective generative-orchestration instructions and structuring solutions/environments/pipelines, both described as requiring deliberate design work.', + shortValue: 'Easy for a single simple agent, steep for orchestration and ALM at scale', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/guidance/generative-mode-guidance', + label: + 'Configure high-quality instructions for generative orchestration - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/guidance/alm', + label: + 'Establish an Application Lifecycle Management (ALM) strategy - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + selfHostOption: { + value: + 'No: Copilot Studio has no self-hosted deployment of its authoring or orchestration/runtime engine; it runs only as a Microsoft-operated cloud service (commercial or government cloud)', + detail: + "Microsoft's own compliance documentation describes Copilot Studio as an Online Service across Commercial, GCC, GCC High, and DoD environments, all Microsoft-operated; no on-premises or customer-hosted runtime is documented.", + shortValue: 'No, Microsoft-operated cloud service only', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/compliance/regulatory/offering-soc-2', + label: 'SOC 2 Type 2 - Microsoft Compliance | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + deploymentOptions: { + value: + 'Commercial multi-tenant cloud, plus Office 365 GCC, GCC High, and DoD sovereign/government cloud environments', + detail: + "Confirmed via Microsoft's SOC 2 compliance documentation, which lists Copilot Studio among the Power Platform services in scope for Commercial and GCC environments.", + shortValue: 'Commercial cloud plus GCC/GCC High/DoD government clouds', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/compliance/regulatory/offering-soc-2', + label: 'SOC 2 Type 2 - Microsoft Compliance | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + templates: { + value: + 'Yes: an Agent Library of ready-to-use, pre-built agent templates (e.g. Employee Self-Service, Prompt Coach, IT Helpdesk, Financial Insights) with preconfigured instructions, actions, topics, and starter knowledge, deployable into an environment and then customized', + detail: + 'Templates are distributed both as a visual, guided-deployment catalog on Microsoft Marketplace and as raw solution files on GitHub for the same templates.', + shortValue: 'Yes, Agent Library of pre-built, customizable templates', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/guidance/agent-library-overview', + label: + 'Configure and deploy agents from the Agent Library - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/template-fundamentals', + label: + 'Create a custom agent from a template - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + license: { + value: 'Proprietary, commercial SaaS, not open source', + detail: + 'Copilot Studio is a licensed Microsoft commercial cloud product billed via Copilot Credits (prepaid packs, pay-as-you-go, or annual commitment); no open-source licensing model exists for the product.', + shortValue: 'Proprietary commercial SaaS', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/requirements-messages-management', + label: 'Billing rates and management - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + environmentPromotion: { + value: + 'Yes: agents built inside a Dataverse solution can be promoted dev to test to production via exported/imported managed and unmanaged solutions, Power Platform Pipelines for automated promotion, and environment variables for per-environment config, the same ALM model Power Automate uses', + detail: + 'Copilot Studio agents are created inside a Power Platform solution; solutions are the transport container across environments, with pipelines or Azure DevOps/GitHub Actions automating the import chain and Git integration available for source control.', + shortValue: 'Dataverse solutions plus Pipelines for dev/test/prod', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/authoring-solutions-overview', + label: + 'Create and manage custom solutions - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/guidance/alm', + label: + 'Establish an Application Lifecycle Management (ALM) strategy - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + versionControlDepth: { + value: + 'Solution-based promotion with Git integration and pipelines for solution-aware agents; no documented visual diff/compare view between two agent versions, and this ALM tooling does not apply to agents built outside a solution', + detail: + 'Git integration lets a solution connect to a repository for version control and collaboration, and pipelines automate deployment between environments, but no dedicated side-by-side version-diff UI for an individual agent was found in vendor documentation.', + shortValue: 'Git-backed solution promotion, no visual diff view found', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/guidance/alm', + label: + 'Establish an Application Lifecycle Management (ALM) strategy - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + realtimeCollaboration: { + value: + "No: Copilot Studio agents can be shared with co-owners and accessed by multiple makers, but there is no documented live, concurrent multi-user editing of the same agent with visible cursors and synced changes. Microsoft's live coauthoring feature (visible cursors, simultaneous editing) is documented for Power Apps Studio canvas apps, a separate product, not for the Copilot Studio agent designer.", + detail: + 'Sharing an agent with other users grants asynchronous edit access, not simultaneous live co-editing; no vendor source documents cursor-level real-time collaboration in the Copilot Studio designer itself.', + shortValue: 'No true live co-editing; only async sharing of an agent', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/admin-share-bots', + label: 'Share agents with other users - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + nativeFileStorage: { + value: + 'No: Copilot Studio has no file storage system of its own (no folder hierarchy, link-based sharing, or recycle bin built into the product). Files used as knowledge sources or by connectors are stored in and managed through external services such as SharePoint, OneDrive, or Dataverse.', + detail: + 'Knowledge sources reference SharePoint sites/document libraries or uploaded files stored in Dataverse; there is no first-party, user-facing file manager surface inside Copilot Studio itself.', + shortValue: 'No native file store; relies on SharePoint/OneDrive/Dataverse', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/knowledge-copilot-studio', + label: 'Knowledge sources summary - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + dataTables: { + value: + 'No: Copilot Studio does not offer a lightweight, spreadsheet-like data table with arrow-key navigation and copy-paste. Its native structured-data store is Microsoft Dataverse, a full relational database with tables, relationships, and business rules, used both as an agent knowledge source and for storing conversation transcripts and custom analytics.', + detail: + 'Dataverse is the same underlying data platform Power Automate uses; it is positioned as the agent data platform for grounding, but is a relational database product, not a simple spreadsheet-grid UI.', + shortValue: 'Dataverse tables are a full DB, not a spreadsheet grid', + confidence: 'estimated', + sources: [ + { + url: 'https://www.microsoft.com/en-us/power-platform/blog/2026/05/05/dataverse-agent-data-platform/', + label: 'Dataverse Is Your Agent Data Platform - Microsoft Power Platform Blog', + asOf: '2026-07-02', + }, + ], + }, + richTextEditor: { + value: + 'No: Copilot Studio does not provide an inline rich-text/WYSIWYG document editor. Agent instructions, topic content, and Skill files (Markdown with YAML front matter) are authored as plain text or Markdown source, either inside the Copilot Studio UI or an external text editor, not through a WYSIWYG surface.', + detail: + 'Skills are explicitly described as portable Markdown files a maker can author in Copilot Studio or "your favorite text editor," underscoring that authoring is raw-text/Markdown-based rather than WYSIWYG.', + shortValue: + 'No WYSIWYG editor; instructions and Skills are authored as Markdown/plain text', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/agents-experience/skills-overview', + label: + 'Skills overview for agents (preview) - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + }, + aiCapabilities: { + multiLlmSupport: { + value: + 'Yes: agents can use OpenAI GPT models, Anthropic Claude Sonnet 4 and Opus 4.1, any model in the Azure AI Model Catalog, or a bring-your-own Azure AI Foundry model deployment for individual prompts', + detail: + 'Admins enable or restrict non-default models tenant-wide in the Microsoft 365 Admin Center; if a selected alternate model is disabled or unavailable, agents fall back automatically to the default OpenAI model. Google Gemini is not a supported option.', + shortValue: 'OpenAI, Anthropic Claude, Azure AI Model Catalog, or bring-your-own model', + confidence: 'verified', + sources: [ + { + url: 'https://www.microsoft.com/en-us/microsoft-copilot/blog/copilot-studio/anthropic-joins-the-multi-model-lineup-in-microsoft-copilot-studio/', + label: 'Anthropic joins the multi-model lineup in Microsoft Copilot Studio', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/bring-your-own-model-prompts', + label: + 'Bring your own model for your prompts - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + agentReasoningBlocks: { + value: + "Yes: generative orchestration is an LLM-driven planning layer that selects among an agent's topics, tools, knowledge sources, and child agents at runtime, and an optional deep reasoning model (GPT-5.5 Reasoning) can be enabled for tasks requiring step-by-step logical analysis, distinct from a fixed decision-tree topic flow", + detail: + 'Deep reasoning is currently regionally limited to the United States and the EU (excluding the UK) and trades response speed for accuracy on complex tasks; the agent decides when to apply it, or a maker can force it via a "reason" keyword in instructions.', + shortValue: 'Generative orchestration planning plus an optional deep reasoning model', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/guidance/generative-orchestration', + label: + 'Apply generative orchestration capabilities - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/authoring-reasoning-models', + label: + 'Add a deep reasoning model for complex tasks (preview) - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + naturalLanguageBuilding: { + value: + "Yes: makers can describe an agent in plain language and Copilot Studio's AI-based authoring drafts topics, instructions, and structure from that description, distinct from manually assembling a topic tree", + detail: + "Documented as the product's core AI-based agent authoring capability, letting non-developers describe the desired behavior instead of hand-building every topic and trigger phrase.", + shortValue: 'Describe an agent in text; Copilot Studio drafts the topics/instructions', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/nlu-gpt-overview', + label: 'AI-based agent authoring overview - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + knowledgeBaseRag: { + value: + 'Yes: agents can be grounded via retrieval-augmented generation over Dataverse tables, SharePoint/Office files, connectors to systems like Salesforce or ServiceNow, and a tenant-wide semantic search index (tenant graph grounding) over Microsoft Graph data including connector-synced external content', + detail: + 'Tenant graph grounding is a distinctly billed, optional per-agent feature (10 Copilot Credits per message) layered on top of ordinary knowledge-source retrieval, aimed at higher-quality, up-to-date grounding.', + shortValue: 'RAG over Dataverse, SharePoint, connectors, plus tenant graph grounding', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/knowledge-copilot-studio', + label: 'Knowledge sources summary - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://www.microsoft.com/en-us/power-platform/blog/2026/05/05/dataverse-agent-data-platform/', + label: 'Dataverse Is Your Agent Data Platform - Microsoft Power Platform Blog', + asOf: '2026-07-02', + }, + ], + }, + mcpSupport: { + value: + 'Yes: agents connect to external MCP servers as tools directly from the Tools page (Add Tool > New Tool > MCP, specifying just a URL), and tools/resources the server publishes are automatically added as actions that inherit their name, description, inputs, and outputs, staying in sync as the server changes', + detail: + 'MCP servers are wired in via connector infrastructure under the hood, so they inherit enterprise controls like Data Loss Prevention policies and virtual network integration alongside multiple authentication methods.', + shortValue: 'Yes, connects to external MCP servers as auto-syncing tools', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/mcp-add-existing-server-to-agent', + label: + 'Connect your agent to an existing MCP server - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/mcp-add-components-to-agent', + label: + 'Add tools and resources from a Model Context Protocol (MCP) server to your agent - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + evaluationGuardrails: { + value: + "Yes: a dedicated test-set evaluation feature runs up to 100 test cases (authored manually, imported from a spreadsheet, or AI-generated from the agent's design/knowledge/topics) against an agent, alongside mandatory content moderation that screens both user input and agent responses for harmful content, jailbreaking, prompt injection, and prompt exfiltration", + detail: + 'Content is evaluated twice per turn (at input and again before the response is returned); a detected violation blocks the response and shows an error rather than letting it through.', + shortValue: 'Test-set evaluations (up to 100 cases) plus dual-stage content moderation', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/analytics-agent-evaluation-create', + label: 'Create a single response test set - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/troubleshoot/power-platform/copilot-studio/generative-answers/agent-response-filtered-by-responsible-ai', + label: + 'Resolve responsible AI content filter errors - Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + humanInTheLoop: { + value: + 'Yes: a dedicated Request for Information action in agent flows pauses an automated run to collect structured input from a designated human reviewer via email, and a separate hand-off feature lets a conversational agent transfer an in-progress chat, with full history and variables, to a live human agent in a connected engagement hub', + detail: + 'Request for Information targets agent-flow-style automation pausing on a decision point; hand-off targets live conversational escalation to a human, covering both the automation-approval and conversational-escalation senses of human-in-the-loop.', + shortValue: 'Request-for-Information flow action, plus live-agent conversation hand-off', + confidence: 'verified', + sources: [ + { + url: 'https://www.microsoft.com/en-us/microsoft-copilot/blog/copilot-studio/introducing-request-for-information-in-copilot-studio-agent-flows/', + label: + 'Introducing request for information in Copilot Studio agent flows | Microsoft Copilot Blog', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/advanced-hand-off', + label: 'Hand off to a live agent - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + generativeMedia: { + value: + 'Partial: AI Builder, the shared Power Platform model catalog Copilot Studio prompts draw from, ships an image-description (captioning) model and GPT-based text generation, but no dedicated native image-generation, video-generation, or text-to-speech/speech-to-text model exists in that catalog. Generating images or audio requires calling an external connector, such as Azure OpenAI DALL-E or Azure AI Speech.', + detail: + 'This is the same AI Builder model catalog Power Automate flows use; Copilot Studio prompts and agent flows both draw from it, so the gap in native generative-media models is shared across both products.', + shortValue: + 'Captioning and text gen only; image/audio generation needs an external connector', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/ai-builder/use-in-flow-overview', + label: 'AI Builder in Power Automate overview - Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + dynamicToolUse: { + value: + "Yes: with generative orchestration turned on, an agent's LLM-driven planner dynamically selects which topics, tools, and knowledge sources to invoke at runtime from the full set attached to the agent, rather than following only the specific tool-call path a maker pre-wired into a fixed topic", + detail: + 'This is the explicit mechanism generative orchestration adds over classic topic-based authoring, where a maker had to hand-author which tool a given trigger phrase path calls.', + shortValue: "Yes, via generative orchestration's runtime tool/topic selection", + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/guidance/generative-orchestration', + label: + 'Apply generative orchestration capabilities - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + modelFallback: { + value: + 'Yes: Copilot Studio automatically falls back to the default OpenAI GPT-4o model when a selected alternate model, such as Anthropic Claude, is disabled or unavailable for the tenant', + detail: + 'Documented specifically as multi-model fallback behavior; not documented as a broader multi-provider retry-on-rate-limit policy beyond that single fallback path.', + shortValue: 'Falls back to the default OpenAI GPT-4o model automatically', + confidence: 'verified', + sources: [ + { + url: 'https://www.microsoft.com/en-us/microsoft-copilot/blog/copilot-studio/anthropic-joins-the-multi-model-lineup-in-microsoft-copilot-studio/', + label: 'Anthropic joins the multi-model lineup in Microsoft Copilot Studio', + asOf: '2026-07-02', + }, + ], + }, + agentSkills: { + value: + "Yes: Skills are named capabilities (name, description, Markdown instructions, optional supporting files) defined once, created in Copilot Studio or a text editor, added to multiple agents, and exported as a Markdown file or ZIP package for sharing, distinct from a single agent's own instructions", + detail: + 'This is a preview feature in the new Copilot Studio agent-building experience; the standard SKILL.md format with YAML front matter makes skills portable between agents and organizations.', + shortValue: 'Yes, named Markdown Skills reusable and exportable across agents', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/agents-experience/skills-overview', + label: + 'Skills overview for agents (preview) - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + nativeChatDeployment: { + value: + 'Yes: an agent can be published directly to a live website chat widget, Microsoft Teams, Microsoft 365 Copilot Chat, SharePoint, Power Pages, mobile, and further channels via Azure Bot Service (Slack, Telegram, Twilio SMS, and more), not only a form/API/webhook', + detail: + 'Publishing pushes the current agent version out to every connected channel at once; a channel is documented as "the integration point where an end-user can interact with a Copilot Studio agent."', + shortValue: 'Yes, publishes to website, Teams, M365 Copilot Chat, and more channels', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/publication-fundamentals-publish-channels', + label: + 'Key concepts - Publish and deploy your agent - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/publication-connect-bot-to-azure-bot-service-channels', + label: + 'Publish an agent to Azure Bot Service channels - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + kbChunkVisibility: { + value: + "Partial: Copilot Studio's test/preview panel shows a trace of which knowledge sources an agent consulted for an answer, with footnote-style citations tied to specific chunk metadata (e.g. document and page), and a maker can navigate from a citation to the source component to edit it, but a dedicated raw chunk-content inspector distinct from citation footnotes is not clearly documented.", + detail: + 'Some knowledge formats, such as local JSON, are documented as lacking citation metadata entirely, so chunk-level detail is not uniformly available across every knowledge-source type.', + shortValue: + 'Test panel shows citations/trace with chunk metadata, not a full chunk inspector', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/knowledge-test', + label: + "Test your agent's knowledge sources - Microsoft Copilot Studio | Microsoft Learn", + asOf: '2026-07-02', + }, + ], + }, + parallelExecution: { + value: + 'Yes: agent flows, built on the Power Automate flow engine, support native parallel branches so multiple actions run concurrently and the flow proceeds only once every branch completes; loop actions separately support a parallel (concurrency) mode for independent iterations', + detail: + 'Vendor guidance notes parallel branches and concurrent loop iterations add complexity and can affect output quality when combining concurrent results, and flows must still return within a documented action-count/time budget.', + shortValue: 'Yes, native parallel branches and concurrent loop iterations in agent flows', + confidence: 'estimated', + sources: [ + { + url: 'https://www.microsoft.com/en-us/power-platform/blog/power-automate/parallel-actions/', + label: + 'Add parallel branches in flows and five new services - Microsoft Power Platform Blog', + asOf: '2026-07-02', + }, + { + url: 'https://www.candede.com/articles/copilot-studio-workflow-engine-loop-component/', + label: 'Mastering Copilot Studio Workflows: The Loop Component', + asOf: '2026-07-02', + }, + ], + }, + a2aProtocol: { + value: + "No native support: Copilot Studio does not ship a first-party Agent2Agent (A2A) implementation today. Third-party custom connectors can wrap an external A2A agent's JSON-RPC/HTTP+JSON endpoints, and Microsoft has stated native A2A support is planned for Copilot Studio and Azure AI Foundry, but no built-in Agent Card discovery or native peer-to-peer A2A calling ships as of this check.", + detail: + 'Available A2A connectors today are community-built custom connectors translating Power Platform requests into A2A protocol calls, not a first-party Copilot Studio feature.', + shortValue: 'No native A2A yet; only third-party custom connectors, native support planned', + confidence: 'estimated', + sources: [ + { + url: 'https://troystaylor.com/power%20platform/custom%20connectors/2026-05-05-agent-to-agent-a2a-connector-work-iq.html', + label: 'Agent-to-Agent (A2A) connector for Copilot Studio and Power Automate', + asOf: '2026-07-02', + }, + ], + }, + }, + integrations: { + integrationCount: { + value: "1,000+ pre-built connectors, per Copilot Studio's own connector documentation", + detail: + "Copilot Studio's connector documentation states its connector library gives access to pre-built integrations to 1,000+ services; this shares the same underlying connector catalog Power Automate uses, whose own product page cites 1,400+ certified connectors as a broader Power Platform-wide figure.", + shortValue: '1,000+ connectors from the shared Power Platform catalog', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/advanced-connectors', + label: + 'Use connectors in Copilot Studio agents - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + triggerTypes: { + value: + 'Conversational trigger phrases (topics), autonomous event-based triggers that wait for a specific event to fire the agent without a user prompting it, connector-event triggers, and schedule-based triggers for agent flows', + detail: + 'Autonomous triggers let an agent proactively respond to events (e.g. a new record, an incoming email) rather than only reacting to a live conversation.', + shortValue: 'Trigger phrases, autonomous event triggers, connector events, schedules', + confidence: 'estimated', + sources: [ + { + url: 'https://adoption.microsoft.com/files/copilot-studio/Autonomous-agents-with-Microsoft-Copilot-Studio.pdf', + label: 'Autonomous Agents with Microsoft Copilot Studio', + asOf: '2026-07-02', + }, + ], + }, + customCodeSteps: { + value: + 'No generic inline script step in the conversational designer; custom logic is reached via agent flows composed of Power Automate flow actions, or custom connectors wrapping an Azure Function or REST/SOAP API', + detail: + 'Agent flows are built with the same low-code flow-action model as Power Automate, not an arbitrary code editor; a custom connector can front an Azure Function to run bespoke code as a callable action.', + shortValue: + 'No inline script step; custom logic via agent flows or Azure Function connectors', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/advanced-flow-create', + label: 'Create an agent flow as a tool - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + apiPublishing: { + value: + 'Yes: a published agent is reachable over the Azure Bot Service Direct Line API/channel, giving external code a callable HTTP interface into the conversation, alongside the standard chat channels', + detail: + 'Direct Line is the same Bot Framework mechanism used to embed a custom canvas or drive an agent from an external application, rather than a distinct, separately branded API-publishing feature.', + shortValue: 'Yes, via the Azure Bot Service Direct Line channel/API', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/publication-connect-bot-to-azure-bot-service-channels', + label: + 'Publish an agent to Azure Bot Service channels - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + extensibilitySdk: { + value: + 'Microsoft Bot Framework SDK and custom-canvas hosting for programmatic chat-UI control, the Power Platform CLI (pac CLI) for solution/pipeline scripting, and the shared, open-source microsoft/PowerPlatformConnectors GitHub repo for community connector submissions', + detail: + 'No separate, independently monetized third-party marketplace exists beyond the shared certified-connector catalog; custom canvas hosting lets a developer take full programmatic control of the chat surface via Bot Framework.', + shortValue: 'Bot Framework SDK, custom canvas, pac CLI, open-source connector repo', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/customize-default-canvas', + label: + 'Customize the look and feel of an agent - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://github.com/microsoft/PowerPlatformConnectors', + label: 'microsoft/PowerPlatformConnectors GitHub repo', + asOf: '2026-07-02', + }, + ], + }, + mcpPublishing: { + value: + "No: public documentation describes Copilot Studio primarily consuming MCP servers (adding an existing server's tools/resources to an agent), the reverse direction. No documented feature lets a maker publish a specific Copilot Studio agent itself as its own callable MCP server for external AI tools to invoke.", + detail: + 'Guidance on exposing an MCP server for Copilot Studio to reach describes hosting a custom MCP server separately (e.g. via Azure Container Apps or VS Code dev tunnels) and connecting Copilot Studio to it as a client, not publishing the agent as a server.', + shortValue: 'Consumes MCP servers; no publish-your-own-agent-as-MCP feature found', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/mcp-add-components-to-agent', + label: + 'Add tools and resources from a Model Context Protocol (MCP) server to your agent - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + }, + pricing: { + pricingModel: { + value: + 'Consumption-based Copilot Credits, purchasable as prepaid capacity packs, pay-as-you-go against an Azure subscription, or a discounted annual commitment, billed across separately metered feature rates (classic/generative answers, agent actions, tenant graph grounding, agent flow actions, three tiers of AI tools, three tiers of voice)', + detail: + 'Microsoft 365 Copilot licensed users get included usage at no additional Copilot Credit charge for employee-facing (business-to-employee) scenarios, up to documented fair-usage limits.', + shortValue: 'Consumption-based Copilot Credits, several metered feature rates', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/requirements-messages-management', + label: 'Billing rates and management - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + entryPaidPlan: { + value: + 'Copilot Studio Pre-Purchase Plan: $200/month for a 25,000 Copilot Credit capacity pack (roughly 20% cheaper than pay-as-you-go), or pay-as-you-go at $0.01 per Copilot Credit with no upfront commitment', + detail: + 'Both require an active Azure subscription for billing; a $200 free Azure credit is available for new accounts to trial the pay-as-you-go meter.', + shortValue: '$200/month for 25,000 credits, or $0.01/credit pay-as-you-go', + confidence: 'verified', + sources: [ + { + url: 'https://www.microsoft.com/en-us/microsoft-365-copilot/pricing/copilot-studio', + label: 'Microsoft 365 Copilot Pricing - AI Agents | Copilot Studio', + asOf: '2026-07-02', + }, + ], + }, + freeTier: { + value: + 'No permanent free tier for building/running agents at production scale; a $200 Azure account credit and a Copilot Studio trial are available for new users, and Microsoft 365 Copilot licensed users get included agent usage for internal, employee-facing scenarios', + detail: + "The $200 Azure credit functions as a one-time trial allowance against the pay-as-you-go Copilot Credit meter, not an ongoing free plan; Microsoft 365 Copilot's included usage only applies to authenticated, licensed-user interactions.", + shortValue: 'Trial credit and licensed-user included usage, no ongoing free tier', + confidence: 'verified', + sources: [ + { + url: 'https://www.microsoft.com/en-us/microsoft-365-copilot/pricing/copilot-studio', + label: 'Microsoft 365 Copilot Pricing - AI Agents | Copilot Studio', + asOf: '2026-07-02', + }, + ], + }, + byok: { + value: + 'Yes, for the underlying model rather than a raw provider API key: a maker can bring a specific Azure AI Foundry model deployment (via its endpoint URI, deployment name, and API key) into a prompt as a first-class Bring Your Own Model option, billed separately from the standard Copilot Credit meters', + detail: + "Documented as currently available for individual prompts/tools; Microsoft's release plan lists using a brought-in model as the agent's primary response model, not just in prompts, as a future preview capability.", + shortValue: 'Yes, via a bring-your-own Azure AI Foundry model deployment', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/bring-your-own-model-prompts', + label: + 'Bring your own model for your prompts - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + }, + security: { + soc2: { + value: + 'Yes: Copilot Studio has been audited to be compliant with SOC, with SOC audit reports available from the Microsoft Service Trust Portal', + detail: + "Copilot Studio's own admin-certification documentation states it has been audited to be compliant with SOC, without specifying SOC 1 vs SOC 2 vs report Type on that particular page; the underlying Power Platform SOC 2 Type 2 attestation separately covers Commercial and GCC environments.", + shortValue: 'Audited SOC compliant, reports via Microsoft Service Trust Portal', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/admin-certification', + label: + 'Review ISO, SOC, and HIPAA compliance - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + dataResidency: { + value: + 'Yes: organizations can create agents in a specific environment/region so agent data resides within that geography, with Microsoft replicating only within the same geographic area for durability', + detail: + "Covered in Copilot Studio's dedicated geographic data residency documentation, distinct from the general Power Platform environment-region setting.", + shortValue: 'Region-selectable environments keep agent data in-geography', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/geo-data-residency-security', + label: + 'Geographic data residency - Security - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + rbac: { + value: + 'Yes: Dataverse-backed security roles (System Administrator, Environment Maker, Bot Contributor, Bot Transcript Viewer, Analytics Viewer, and others) scope who can author, publish, view transcripts for, or view analytics on an agent, assignable directly or via Microsoft Entra ID group teams', + detail: + 'Controlling agent creation requires layering tenant-level licensing/Author-group access with environment-level security roles, since neither alone is sufficient; Bot Transcript Viewer specifically scopes access to conversation transcripts.', + shortValue: + 'Dataverse security roles (System Admin, Bot Contributor, Transcript Viewer, etc.)', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/guidance/sec-gov-phase3', + label: + 'Secure your Copilot Studio projects - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + auditLogging: { + value: + 'Yes: Copilot Studio provides dedicated audit logging covering admin, maker, and user activity across agents, viewable in the Microsoft Purview compliance portal', + detail: + 'Documented in a Copilot Studio-specific audit-logging article, distinct from the general Microsoft 365 unified audit log Power Automate relies on for the same purpose.', + shortValue: 'Yes, dedicated admin/maker/user audit logging via Microsoft Purview', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/admin-logging-copilot-studio', + label: + 'View audit logs for admins, makers, and users of Copilot Studio - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + additionalCompliance: { + value: + 'HIPAA (Business Associate Agreement), HITRUST CSF, FedRAMP, multiple ISO standards (9001, 20000-1, 22301, 27001, 27017, 27018, 27701), PCI DSS, CSA STAR, UK G-Cloud, Singapore MTCS Level 3, Korea K-ISMS, and Spain ENS, each with an audit report on the Microsoft Service Trust Portal', + detail: + "This is the full list from Copilot Studio's own admin-certification documentation; each certification links to a corresponding audit report or certificate rather than being a bare marketing claim.", + shortValue: 'HIPAA, HITRUST, FedRAMP, multiple ISO standards, PCI DSS, CSA STAR, and more', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/admin-certification', + label: + 'Review ISO, SOC, and HIPAA compliance - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + modelAndToolGovernance: { + value: + 'Yes: admins can enable or restrict which non-default LLMs (e.g. Anthropic Claude) are available tenant-wide, and Data Loss Prevention policies classify connectors, and therefore the tools built from them, into Business/Non-Business/Blocked groups at the tenant or environment level', + detail: + 'Model access control is a distinct admin toggle from DLP connector classification; together they cover both which model an agent may use and which connector-backed tools it may call.', + shortValue: 'Yes, admin-toggled model access plus DLP-based connector/tool classification', + confidence: 'estimated', + sources: [ + { + url: 'https://www.microsoft.com/en-us/microsoft-copilot/blog/copilot-studio/anthropic-joins-the-multi-model-lineup-in-microsoft-copilot-studio/', + label: 'Anthropic joins the multi-model lineup in Microsoft Copilot Studio', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/power-platform/admin/wp-data-loss-prevention', + label: 'Data policies - Power Platform | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + credentialGovernance: { + value: + 'No: Data Loss Prevention policies and Advanced Connector Policies govern access at the connector/action/endpoint level (e.g. blocking the SharePoint connector tenant-wide), not at the level of restricting which specific stored credential or connection a given role may use for the same connector', + detail: + 'This is the same Power Platform DLP model Power Automate uses, since Copilot Studio agent flows and connectors sit on the same underlying platform.', + shortValue: 'DLP governs connectors, not specific stored credentials by role', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/power-platform/admin/wp-data-loss-prevention', + label: 'Data policies - Power Platform | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + whiteLabeling: { + value: + 'No: agent-level branding is limited to a custom name, icon, and accent color in Settings, or fully hosting a custom canvas web app for the chat window (via CSS/JavaScript or the Bot Framework SDK); there is no documented option to remove Microsoft/Copilot Studio branding from the authoring canvas or the default published chat UI itself.', + detail: + 'A custom canvas gives full programmatic control over the embedded chat experience, but that is a developer-built replacement UI, not a native white-labeling setting inside the product.', + shortValue: 'No, only name/icon/color or a fully custom-built chat canvas', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/customize-default-canvas', + label: + 'Customize the look and feel of an agent - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + dataRetention: { + value: + 'Partial: session/transcript detail in the Analytics area defaults to a 28-day window (conversation transcripts downloadable for 29 days), extendable only via a separate export pipeline (Azure Synapse Link for Dataverse into Azure Data Lake Storage Gen2) rather than a built-in, admin-configurable retention setting for that transcript detail', + detail: + "This differs from Power Automate's own flow-run-history retention, which is directly admin-configurable in the Power Platform admin center (28/14/7 days or a custom Dataverse field edit); Copilot Studio's session-transcript detail requires the export workaround instead.", + shortValue: '28-day default transcript window; longer retention needs a manual export', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/analytics-transcripts-studio', + label: + 'Understand downloaded session data from Copilot Studio - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + piiRedaction: { + value: + 'Yes, but as a block rather than in-line redaction: Microsoft Purview inline Data Loss Prevention for Copilot Studio agents (public preview) scans prompts sent to an agent in real time for Sensitive Information Types (SSNs, credit card numbers, custom types), and blocks the prompt from being processed, with no AI response generated, if one is detected before the agent is invoked.', + detail: + 'This stops sensitive content from reaching the agent at all rather than redacting it in-line and continuing; it is configured as a Purview DLP policy targeting the Copilot Studio location, separate from the product itself.', + shortValue: 'Purview inline DLP blocks prompts containing detected PII before invocation', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/purview/ai-copilot-studio', + label: + 'Use Microsoft Purview to manage data security & compliance for Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + sso: { + value: + 'Yes: Copilot Studio and the wider Power Platform are built on Microsoft Entra ID, which natively supports SAML/OIDC single sign-on plus automatic user/app provisioning (SAML just-in-time and SCIM-based), so signing in via Entra ID grants org-level access without manual per-user account setup', + detail: + "SSO/provisioning is inherited from the Microsoft 365/Entra ID tenant rather than a Copilot Studio-specific setting, consistent with the rest of Microsoft's enterprise stack.", + shortValue: 'Yes, SSO via Entra ID (SAML/OIDC) with automatic provisioning', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/entra/identity/app-provisioning/user-provisioning', + label: + 'What is automated app user provisioning in Microsoft Entra ID | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + }, + observability: { + tracingDepth: { + value: + 'Yes: per-session conversation transcripts show which topic fired, which knowledge sources were consulted, which tools were called, which child agents or MCP servers were invoked, what the orchestration plan was, and how long each step took, alongside an Analytics dashboard with conversation volume, engagement, satisfaction, and response-quality metrics over time', + detail: + 'Telemetry can additionally be sent to Azure Monitor Application Insights, with a dedicated Copilot Studio dashboard workbook surfacing total conversations, latency, exceptions, tool usage, and topic analytics in one view for deeper analysis beyond the native session view.', + shortValue: 'Per-session traces (topic/tools/knowledge/timing) plus a metrics dashboard', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/agents-experience/analytics-overview', + label: + 'Monitor an agent overview (preview) - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/advanced-bot-framework-composer-capture-telemetry', + label: + 'Capture telemetry with Application Insights - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + durabilityModel: { + value: + 'Yes for agent-flow steps: because agent flows are built on the Power Automate flow engine, individual flow actions can use configurable retry policies with backoff, the same durability mechanism Power Automate exposes; a documented troubleshooting pattern for tool-call timeouts explicitly recommends adding retry with backoff', + detail: + 'This durability applies to the deterministic agent-flow layer; no separate, distinct replay/checkpoint mechanism specific to the conversational/generative-orchestration layer itself was found.', + shortValue: + 'Yes, per-action retry with backoff inherited from the Power Automate flow engine', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/troubleshoot/power-platform/copilot-studio/authoring/error-codes', + label: 'Understand Error Codes - Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + failureAlerting: { + value: + "Partial: proactive failure alerting is reachable through Azure Monitor Application Insights alerts on exceptions/latency once telemetry is wired up, but no Copilot Studio-native, automatic per-run failure-email or weekly-digest feature (comparable to Power Automate's flow-failure notifications) was found in vendor documentation.", + detail: + "Copilot Studio's own Analytics area is dashboard/lookup-based (a maker must open it to see failures), whereas the alerting capability that pushes a notification depends on separately configuring Application Insights alert rules.", + shortValue: + 'Alerting requires configuring Application Insights; no native failure-email feature found', + confidence: 'unknown', + sources: [], + }, + dataDrains: { + value: + 'Yes: telemetry can be continuously streamed to Azure Monitor Application Insights, and conversation transcripts/custom analytics data stored in Dataverse can be continuously exported via Azure Synapse Link for Dataverse into Azure Data Lake Storage Gen2 in Common Data Model format', + detail: + 'This is the same Azure-native export pattern documented for Power Automate/Power Platform more broadly (Microsoft Sentinel for audit/activity logs, Application Insights for telemetry), not a generic user-configurable webhook/S3/BigQuery drain built directly into Copilot Studio.', + shortValue: 'Yes, exports to Application Insights and Azure Data Lake via Synapse Link', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/guidance/custom-analytics-strategy', + label: + 'Develop a custom analytics strategy - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + asyncExecution: { + value: + "Yes: agent flows inherit the Power Automate flow engine's asynchronous response pattern (an HTTP 202 plus a Location header the caller polls), letting a long-running flow action continue beyond a synchronous request's time limit", + detail: + 'Agent flow actions invoked by an agent are still bound by a documented 100-second action limit within a conversational turn, distinct from the longer-running asynchronous pattern available to a flow triggered independently of a live conversation.', + shortValue: 'Yes, via the same 202 + Location polling pattern as Power Automate', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/power-automate/guidance/coding-guidelines/asychronous-flow-pattern', + label: 'Use asynchronous responses - Power Automate | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + executionLimits: { + value: + 'Microsoft publishes concrete limits: agent flow actions invoked by an agent must respond within roughly 100-120 seconds per conversational turn; express-mode flow runs are capped at 100 actions and a 64 KB message size per action; and generative AI/Copilot Credit throttling applies per Dataverse environment when consumption exceeds capacity.', + detail: + 'These limits are specific to the agent-flow/tool-calling layer inside a live conversation; the underlying flow engine also carries the broader Power Automate execution limits (30-day max run, etc.) when a flow runs independently of an agent turn.', + shortValue: '~100-120s per-turn action limit, 100-action/64KB express-mode cap', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/agent-flow-express-mode', + label: + 'Speed up agent flow execution with express mode (preview) - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/troubleshoot/power-platform/copilot-studio/licensing/throttling-errors-agents', + label: + 'Resolve usage limit and agent unavailable errors in Copilot Studio agents - Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + partialFailureHandling: { + value: + 'Yes for agent-flow steps: because agent flows run on the Power Automate flow engine, an individual failing action can be routed to an error-handling path via the same per-action "Configure run after" (has failed / is skipped / has timed out) setting, letting the rest of the flow continue rather than the whole run always halting', + detail: + 'This inherits directly from the Power Automate flow-action model agent flows are built on; no separate, distinct partial-failure mechanism specific to the conversational/topic layer was found.', + shortValue: "Yes, via the inherited per-action 'Configure run after' setting", + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/power-automate/guidance/coding-guidelines/error-handling', + label: 'Employ robust error handling - Power Automate | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + }, + support: { + supportChannels: { + value: + 'Documentation via Microsoft Learn, the Power Platform/Power Users community forum and Microsoft Q&A for general questions, and the Microsoft 365 Admin Center for business-critical, SLA-based support requests', + detail: + "Microsoft's own guidance distinguishes routine community/Q&A support from business-critical issues, which are directed specifically to the Microsoft 365 Admin Center support flow rather than the public forums.", + shortValue: 'Docs, community/Q&A forums, and Admin Center for business-critical issues', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-365/copilot/extensibility/feedback', + label: + 'Microsoft 365 Copilot Developer Community Support and Feedback Channels | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + sla: { + value: + 'Not publicly documented as a Copilot Studio-specific, financially backed SLA; general Microsoft Online Services SLA terms (covering Azure, Dynamics 365, Office 365) apply, with a widely cited 99.9% uptime commitment for other core Microsoft 365 services', + detail: + 'Reporting on Copilot outages has specifically noted enterprise customers lack the same financially backed SLA protection for Copilot that exists for core services like Exchange Online or file storage.', + shortValue: 'No product-specific SLA found; general Online Services SLA applies', + confidence: 'unknown', + sources: [], + }, + community: { + value: + 'Large: an active, Microsoft-hosted Power Platform/Power Users community forum with structured Q&A on building, publishing, and troubleshooting Copilot Studio agents, plus Microsoft Q&A for developer-specific questions', + detail: + 'The same community forum infrastructure serves the broader Power Platform (Power Apps, Power Automate, Copilot Studio), rather than a dedicated, separately branded Copilot Studio-only forum.', + shortValue: 'Large, shared Power Platform community forum plus Microsoft Q&A', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-365/copilot/extensibility/feedback', + label: + 'Microsoft 365 Copilot Developer Community Support and Feedback Channels | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, + companyMaturity: { + value: + 'Microsoft Corporation. Founded April 4, 1975. Approximately 228,000 employees. Market capitalization approximately $2.8 trillion USD. Publicly traded (NASDAQ: MSFT) with quarterly revenue in the $80B+ range as of FY2026 SEC filings', + detail: + "Copilot Studio is a product within Microsoft's Power Platform/Business Applications segment, backed by Microsoft's overall corporate scale rather than an independent startup.", + shortValue: 'Microsoft Corporation. Public, ~228,000 employees', + confidence: 'verified', + sources: [ + { + url: 'https://www.sec.gov/Archives/edgar/data/0000789019/000119312526191457/msft-ex99_1.htm', + label: 'Microsoft Corp 8-K FY2026 filing', + asOf: '2026-07-02', + }, + { + url: 'https://stockanalysis.com/stocks/msft/market-cap/', + label: 'Microsoft (MSFT) Market Cap - StockAnalysis.com', + asOf: '2026-07-02', + }, + ], + }, + academy: { + value: + 'Yes: Microsoft Learn provides structured, self-paced training paths, hands-on labs (Microsoft Copilot Studio Labs, Agent Academy), and official certifications spanning Copilot Studio and the broader Power Platform, including Microsoft Certified: Power Platform Fundamentals (PL-900)', + detail: + 'Beyond formal certification paths, Microsoft publishes dedicated, scenario-based hands-on labs (mcs-labs, agent-academy) specifically for Copilot Studio, going beyond ad hoc docs or blog content.', + shortValue: 'Microsoft Learn courses, hands-on labs, and PL-900 certification', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/credentials/certifications/power-platform-fundamentals/', + label: + 'Microsoft Certified: Power Platform Fundamentals - Certifications | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://microsoft.github.io/mcs-labs/labs/setup-for-success/', + label: + 'Set yourself up for success & discover ALM best practices | Microsoft Copilot Studio Labs', + asOf: '2026-07-02', + }, + ], + }, + }, + }, +} diff --git a/apps/sim/lib/compare/data/competitors/openclaw.ts b/apps/sim/lib/compare/data/competitors/openclaw.ts new file mode 100644 index 00000000000..9a5b3685fb5 --- /dev/null +++ b/apps/sim/lib/compare/data/competitors/openclaw.ts @@ -0,0 +1,1073 @@ +import { OpenClawIcon } from '@/components/icons' +import type { CompetitorProfile } from '@/lib/compare/data/types' + +/** Researched and cross-verified against live vendor sources on 2026-07-02. */ +export const openClawProfile: CompetitorProfile = { + id: 'openclaw', + name: 'OpenClaw', + website: 'https://openclaw.ai', + isWorkflowBuilder: false, + brand: { + icon: OpenClawIcon, + selfFramed: false, + colors: ['#ff4d4d', '#991b1b', '#00e5cc'], + source: 'OpenClaw brand icon color inspection', + asOf: '2026-07-02', + }, + oneLiner: + "OpenClaw is a free, open-source, self-hosted personal AI agent that runs on a user's own machine or server and connects to messaging platforms (WhatsApp, Telegram, Slack, Discord, Signal, iMessage, Microsoft Teams, and others) as its primary interface, extensible via a Skills plugin system and the ClawHub marketplace. It is not a visual workflow/automation builder like Sim, n8n, or Power Automate.", + standoutFeatures: [ + { + title: '22+ messaging channels as the native interface', + description: + 'OpenClaw ships a multi-channel inbox connecting one assistant to WhatsApp, Telegram, Slack, Discord, Google Chat, Signal, iMessage, Microsoft Teams, IRC, Matrix, Feishu, LINE, Mattermost, Nextcloud Talk, and more, so the user talks to the same agent from whichever chat app they already use, rather than a dedicated web builder UI.', + shortDescription: 'One agent reachable from 22+ chat apps instead of a dedicated builder UI.', + source: { + url: 'https://docs.openclaw.ai/start/openclaw', + label: 'OpenClaw Docs: Personal assistant setup', + asOf: '2026-07-02', + }, + }, + { + title: 'ClawHub Skills marketplace with multi-scanner security pipeline', + description: + 'Skills are Markdown-based instruction packages (SKILL.md files) installable from the public ClawHub registry, git repos, or local directories. Every published skill is scanned by a ClawScan pipeline combining static analysis, VirusTotal, and NVIDIA SkillSpector (added June 2026) before receiving a Clean/Suspicious/Malicious verdict and a Skill Card documenting provenance.', + shortDescription: + 'Markdown skills from ClawHub, each scanned by static analysis, VirusTotal, and SkillSpector.', + source: { + url: 'https://openclaw.ai/blog/openclaw-nvidia-skill-security', + label: 'OpenClaw Blog: OpenClaw Collaborates with NVIDIA for Stronger Agent Skill Security', + asOf: '2026-07-02', + }, + }, + { + title: 'Sub-agent orchestration for parallel background work', + description: + 'A running agent can spawn sub-agents, background runs in their own isolated session and (by default) sandbox, that work in parallel on research, long-running tools, or verification tasks and report results back to the requesting chat when finished, up to a documented 2-level nesting depth.', + shortDescription: + 'Spawns isolated sub-agents that run tasks in parallel and report back to chat.', + source: { + url: 'https://docs.openclaw.ai/tools/subagents', + label: 'OpenClaw Docs: Sub-agents', + asOf: '2026-07-02', + }, + }, + { + title: 'Native MCP client over stdio and HTTP/SSE', + description: + "OpenClaw connects to external Model Context Protocol servers by adding an mcpServers block to its config, giving the agent tool access to any of the published MCP ecosystem's servers (GitHub, Notion, Postgres, Slack, and others) without custom integration code.", + shortDescription: + 'Connects to any MCP server (stdio or HTTP/SSE) by editing one config block.', + source: { + url: 'https://docs.openclaw.ai/cli/mcp', + label: 'OpenClaw Docs: MCP', + asOf: '2026-07-02', + }, + }, + { + title: 'Markdown-file memory instead of an opaque vector store', + description: + "Long-term memory is stored as plain, human-readable Markdown files (daily notes plus a curated MEMORY.md), layered with semantic search (memorySearch) rather than hiding retrieved context inside a vector database the user can't inspect or edit directly.", + shortDescription: + 'Long-term memory lives in editable Markdown files, not a hidden vector store.', + source: { + url: 'https://docs.openclaw.ai/concepts/memory', + label: 'OpenClaw Docs: Memory overview', + asOf: '2026-07-02', + }, + }, + { + title: 'Foundation-governed, MIT-licensed, with committed multi-year sponsorship', + description: + 'Following creator Peter Steinberger joining OpenAI in February 2026, governance passed to the independent, non-profit OpenClaw Foundation (board of community-elected maintainers), with OpenAI committing sponsorship funding and inference/security support (Codex Security scanning) rather than owning the project outright.', + shortDescription: + 'MIT-licensed, run by a non-profit Foundation with OpenAI sponsorship, not one company.', + source: { + url: 'https://openclaw.ai/ecosystem/', + label: 'OpenClaw Ecosystem page', + asOf: '2026-07-02', + }, + }, + ], + limitations: [ + { + title: 'Single-operator trust model. No multi-user RBAC or org-level admin controls', + description: + 'OpenClaw\'s own security documentation states its design assumes "one trusted operator boundary per gateway (single-user, personal-assistant model)" rather than hostile multi-tenant isolation. There is no documented role-based access control, org/team admin console, or per-user permission model comparable to a team collaboration platform.', + shortDescription: + 'Designed for one trusted operator per install, not multi-user org admin controls.', + source: { + url: 'https://docs.openclaw.ai/gateway/security', + label: 'OpenClaw Docs: Security', + asOf: '2026-07-02', + }, + }, + { + title: 'ClawHub marketplace has documented, ongoing supply-chain security incidents', + description: + 'Independent research found 283 ClawHub skills (roughly 7.1% of the registry at the time) leaking API keys and other credentials, and a separate scan identified 24 accounts distributing over 600 malicious skills before scanning was introduced. OpenClaw has since added VirusTotal and SkillSpector scanning, but its own documentation still tells users to "treat third-party skills as untrusted code."', + shortDescription: + 'Researchers found hundreds of ClawHub skills leaking credentials or containing malware.', + source: { + url: 'https://snyk.io/blog/openclaw-skills-credential-leaks-research/', + label: 'Snyk: 280+ Leaky Skills: How OpenClaw & ClawHub Are Exposing API Keys and PII', + asOf: '2026-07-02', + }, + }, + { + title: 'No deployable API/webhook endpoint or visual workflow builder', + description: + 'OpenClaw is a chat-interface agent gateway, not a workflow/automation platform. There is no documented feature to publish a configured agent, skill, or automation as a callable REST/webhook endpoint for external systems, and no drag-and-drop canvas for composing multi-step logic.', + shortDescription: + 'No feature to publish an agent or automation as a callable API/webhook endpoint.', + source: { + url: 'https://docs.openclaw.ai/', + label: 'OpenClaw Docs home', + asOf: '2026-07-02', + }, + }, + { + title: 'No enterprise compliance certifications (SOC 2, ISO 27001, HIPAA)', + description: + 'As a self-hosted open-source project run by a non-profit foundation rather than a vendor selling a hosted service, OpenClaw does not publish any SOC 2, ISO 27001, HIPAA, or similar third-party compliance attestation. Security responsibility for data-at-rest and processing falls entirely on the operator running their own instance.', + shortDescription: + 'No SOC 2/ISO/HIPAA attestations; the self-hosting operator owns all compliance risk.', + source: { + url: 'https://docs.openclaw.ai/gateway/security', + label: 'OpenClaw Docs: Security', + asOf: '2026-07-02', + }, + }, + { + title: 'Rapid rebranding and name churn created real confusion and scam risk', + description: + 'The project launched in November 2025 as "Warelay," was renamed to "Clawdbot," then to "Moltbot" on January 27, 2026 after an Anthropic trademark complaint over similarity to "Claude," then to "OpenClaw" three days later. Coverage from the period documents resulting scam/impersonation activity (including a reported $16M crypto scam) riding the confusion of the name changes.', + shortDescription: + 'Three name changes in about ten weeks, including an Anthropic trademark dispute, fueled scam activity.', + source: { + url: 'https://en.wikipedia.org/wiki/OpenClaw', + label: 'Wikipedia: OpenClaw', + asOf: '2026-07-02', + }, + }, + ], + facts: { + platform: { + builderType: { + value: + 'Conversational, config-driven personal AI agent gateway (not a visual or drag-and-drop workflow/agent builder). Behavior is set via a JSON configuration file (openclaw.json) and Markdown Skill files, and the agent itself is operated by sending it chat messages, not by wiring blocks on a canvas.', + detail: + 'The docs describe OpenClaw as "a self-hosted gateway that connects your favorite chat apps...to AI coding agents," configured through a CLI (openclaw onboard, openclaw channels login) and JSON/Markdown files rather than a graphical builder.', + shortValue: 'Conversational config-driven agent, not a visual builder', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/', + label: 'OpenClaw Docs home', + asOf: '2026-07-02', + }, + { + url: 'https://docs.openclaw.ai/start/openclaw', + label: 'OpenClaw Docs: Personal assistant setup', + asOf: '2026-07-02', + }, + ], + }, + learningCurve: { + value: + 'Moderate to steep for initial self-hosted setup; low for day-to-day chat use once running', + detail: + 'Installing OpenClaw requires Node.js 22.19+/24, a package manager (pnpm/npm/bun), CLI onboarding commands, and editing JSON configuration for channels, providers, and security policy (e.g. DM pairing, sandbox mode). Once running, interacting with the agent is plain natural-language chat, no technical skill required for that part.', + shortValue: 'Technical setup, but simple chat once configured', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/', + label: 'OpenClaw Docs home', + asOf: '2026-07-02', + }, + { + url: 'https://github.com/openclaw/openclaw', + label: 'openclaw/openclaw (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + selfHostOption: { + value: + "Yes: self-hosting is the only deployment model. OpenClaw runs as a single Gateway process on the user's own machine or server; there is no OpenClaw-operated hosted/SaaS version.", + detail: + 'Docs describe the Gateway as running locally and being "the single source of truth for sessions, routing, and channel connections," with a local workspace at ~/.openclaw/workspace.', + shortValue: 'Yes, self-hosting only, no vendor-hosted SaaS option', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/', + label: 'OpenClaw Docs home', + asOf: '2026-07-02', + }, + ], + }, + deploymentOptions: { + value: + 'Local install via npm/pnpm/bun on macOS, Windows, or Linux; from-source build via a pnpm workspace; Docker/docker-compose; plus companion macOS app and iOS/Android mobile "nodes" that connect to a locally run Gateway', + detail: + 'The GitHub repo documents `npm install -g openclaw@latest` plus `openclaw onboard --install-daemon` as the recommended path, alongside from-source and Docker installs, and platform-specific companion apps (Windows Hub, macOS app, iOS/Android nodes).', + shortValue: 'Local install, Docker, or from source; no hosted option', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/openclaw/openclaw', + label: 'openclaw/openclaw (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + templates: { + value: + 'No workflow templates in the visual-builder sense (OpenClaw has no workflow canvas); ClawHub instead offers 60,000+ community-built Skills as installable starter packages for specific tasks', + detail: + "ClawHub's live registry lists over 60,000 community-built skills and 56,000+ certified skills, functioning as the closest analog to a template gallery, but each is a Markdown instruction package installed into the agent, not a prebuilt multi-step workflow.", + shortValue: '60,000+ ClawHub skills, not workflow templates', + confidence: 'estimated', + sources: [ + { + url: 'https://clawhub.ai/', + label: 'ClawHub registry', + asOf: '2026-07-02', + }, + ], + }, + license: { + value: + 'MIT License (permissive open source), stewarded by the independent, non-profit OpenClaw Foundation rather than a single vendor company', + detail: + "The GitHub repository's LICENSE file confirms MIT licensing. Governance passed from individual creator Peter Steinberger to a community-elected Foundation board after he joined OpenAI in February 2026; OpenAI is a Foundation sponsor (inference support and Codex Security scanning) but does not own the project.", + shortValue: 'MIT license, non-profit Foundation governance', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/openclaw/openclaw/blob/main/LICENSE', + label: 'openclaw/openclaw LICENSE file', + asOf: '2026-07-02', + }, + { + url: 'https://openclaw.ai/ecosystem/', + label: 'OpenClaw Ecosystem page', + asOf: '2026-07-02', + }, + ], + }, + environmentPromotion: { + value: + 'N/A: no dev/staging/production environment-promotion concept exists. OpenClaw is a single running agent instance configured by one JSON file, not a deployable multi-stage application.', + detail: + 'There is no documented feature for forking or promoting a full agent configuration/project between separate environments; configuration changes apply directly to the running Gateway.', + shortValue: 'No dev/staging/prod concept', + confidence: 'estimated', + sources: [], + }, + versionControlDepth: { + value: + 'No native version history, diff/compare, or rollback feature for agent configuration or Skills inside the product; users can optionally track their own config/skill files in an external Git repository', + detail: + 'Skills and memory are plain files on disk (SKILL.md, MEMORY.md, openclaw.json), which a user can manually place under their own Git repository for versioning, but OpenClaw itself does not ship a built-in change-history or restore UI for these files.', + shortValue: 'No built-in version history; files can be user-Git-tracked', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/concepts/memory', + label: 'OpenClaw Docs: Memory overview', + asOf: '2026-07-02', + }, + ], + }, + realtimeCollaboration: { + value: + "No: OpenClaw's security model explicitly assumes a single trusted operator per Gateway instance, not multiple simultaneous users collaboratively editing the same agent configuration or session with live cursors/synced state.", + detail: + 'The security documentation states the design is a "single-user, personal-assistant model," which structurally excludes any live multi-user co-editing concept.', + shortValue: 'No: single-operator design, no live multi-user co-editing', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/gateway/security', + label: 'OpenClaw Docs: Security', + asOf: '2026-07-02', + }, + ], + }, + nativeFileStorage: { + value: + "No: OpenClaw has no cloud file-storage product of its own (no folder hierarchy, link-based sharing with password/SSO, or deleted-item recovery). It reads/writes files directly on the operator's own local filesystem or connected apps (e.g. via MCP servers, channel attachments), inside a sandboxed workspace directory.", + detail: + 'Tool access defaults to sandbox-isolated directories under the local workspace (~/.openclaw/workspace); there is no first-party hosted file-storage/sharing surface distinct from the local filesystem.', + shortValue: 'No: operates on the local filesystem, no hosted file store', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/gateway/security', + label: 'OpenClaw Docs: Security', + asOf: '2026-07-02', + }, + ], + }, + dataTables: { + value: + 'No: OpenClaw has no native spreadsheet-like data table feature. Its structured, persistent data primitives are plain Markdown memory files (daily notes and MEMORY.md) plus whatever external tools (databases, spreadsheets) it reaches via MCP servers or Skills, not a first-party grid UI.', + detail: + 'Memory documentation describes Markdown files as the source of truth for continuity/state, deliberately chosen over a hidden database for transparency and human readability, the opposite design goal of a spreadsheet-grid product.', + shortValue: 'No: Markdown memory files, no native data-table object', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/concepts/memory', + label: 'OpenClaw Docs: Memory overview', + asOf: '2026-07-02', + }, + ], + }, + richTextEditor: { + value: + "No: OpenClaw has no inline WYSIWYG rich-text editor. Documents it produces or edits (including its own memory files) are plain Markdown text files edited by the agent or the user's own text editor, not a rendered rich-text surface inside a product UI.", + detail: + 'Memory and Skills are both explicitly plain Markdown (.md) files on disk; there is no documented in-app rendered rich-text editing surface.', + shortValue: 'No: plain Markdown files, no in-app WYSIWYG editor', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/concepts/memory', + label: 'OpenClaw Docs: Memory overview', + asOf: '2026-07-02', + }, + ], + }, + }, + aiCapabilities: { + multiLlmSupport: { + value: + 'Yes: bundled support for Anthropic Claude, OpenAI (via Codex OAuth), and Google Gemini, plus any OpenAI-compatible endpoint including local runtimes like Ollama', + detail: + 'OpenClaw ships with the pi-ai model catalog for Anthropic, OpenAI, and Google Gemini (auth via CLI login/token flows), and documents compatibility with local models (Ollama, auto-detected at http://127.0.0.1:11434/v1) and other OpenAI-compatible providers (Moonshot/Kimi, Cerebras, MiniMax, DeepSeek, Groq, xAI, and others).', + shortValue: 'Anthropic, OpenAI, Gemini, Ollama, and OpenAI-compatible endpoints', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/concepts/model-providers', + label: 'OpenClaw Docs: Model providers', + asOf: '2026-07-02', + }, + ], + }, + agentReasoningBlocks: { + value: + 'N/A in the block-based sense: OpenClaw has no visual builder with distinct "reasoning" vs. "routing" node types. The entire agent is a single conversational reasoning loop (with optional sub-agent delegation), not composed from discrete blocks.', + detail: + 'Reasoning happens inside the model\'s own agent loop per turn; the closest structural analog is spawning a sub-agent for a distinct sub-task, not a dedicated "agent block" placed on a canvas.', + shortValue: 'No block-based builder; reasoning is the whole agent loop', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/tools/subagents', + label: 'OpenClaw Docs: Sub-agents', + asOf: '2026-07-02', + }, + ], + }, + naturalLanguageBuilding: { + value: + 'Yes, in the sense that natural language is the entire interaction model, but this is not "building a workflow" from a prompt: there is no workflow artifact for a prompt to generate. Configuration (channels, providers, security policy) is instead done via JSON files and CLI commands, not natural-language authoring.', + detail: + 'OpenClaw\'s design intentionally splits operational config (JSON/CLI, technical) from agent interaction (chat, natural language); the two are not the same axis as a workflow-builder\'s "describe it and get an editable workflow" feature.', + shortValue: 'Chat is natural language; config is JSON/CLI, not NL-generated', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/start/openclaw', + label: 'OpenClaw Docs: Personal assistant setup', + asOf: '2026-07-02', + }, + ], + }, + knowledgeBaseRag: { + value: + "Partial: a built-in semantic-search memory system (memorySearch) indexes the operator's own Markdown notes for natural-language retrieval, but there is no dedicated knowledge-base module for ingesting arbitrary documents (PDF, DOCX, websites) into a managed vector database the way a workflow platform's KB module does.", + detail: + "memorySearch uses vector embeddings over the user's own Markdown files (daily notes, MEMORY.md) for semantic recall; broader document ingestion/RAG over arbitrary file types would rely on external MCP servers or Skills rather than a first-party KB feature.", + shortValue: 'Semantic search over own Markdown notes, not a general KB/RAG module', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/concepts/memory', + label: 'OpenClaw Docs: Memory overview', + asOf: '2026-07-02', + }, + ], + }, + mcpSupport: { + value: + 'Yes: native MCP client support over both stdio and HTTP/SSE transports, connecting to any published MCP server by adding an mcpServers block to the OpenClaw config', + detail: + 'Documented as compatible with "the entire published ecosystem of MCP servers" (e.g. GitHub, Notion, Postgres, Slack); no evidence OpenClaw itself can be published as an MCP server for external tools to call (see mcpPublishing).', + shortValue: 'Yes, MCP client over stdio and HTTP/SSE', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/cli/mcp', + label: 'OpenClaw Docs: MCP', + asOf: '2026-07-02', + }, + ], + }, + evaluationGuardrails: { + value: + 'No dedicated eval/regression-testing framework for agent behavior; safety-relevant controls instead take the form of exec approval gates, sandboxing, and skill security scanning (ClawScan/SkillSpector/VirusTotal), not a test-dataset evaluation feature.', + detail: + 'The security documentation covers exec approvals, sandbox tiers, and DM/group access policy, not a systematic evaluation harness for scoring agent output quality against expected results.', + shortValue: 'No eval framework; safety is via approvals/sandboxing/scanning', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/gateway/security', + label: 'OpenClaw Docs: Security', + asOf: '2026-07-02', + }, + ], + }, + humanInTheLoop: { + value: + "Yes: a per-command exec-approval system prompts the operator with Allow Once / Always Allow / Don't Allow for new command patterns before the agent can run them, distinct from a plain delay step", + detail: + 'Documented as one of three permission gates (agent-level tool allow/deny, sandbox-level tool filter, and exec approvals), configurable per-agent via a security/ask mode; this is host command execution approval specifically, not a general-purpose "pause and wait for any human input" workflow node.', + shortValue: 'Yes, per-command exec approval prompts (Allow Once/Always/Deny)', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/gateway/sandbox-vs-tool-policy-vs-elevated', + label: 'OpenClaw Docs: Sandbox vs tool policy vs elevated', + asOf: '2026-07-02', + }, + ], + }, + generativeMedia: { + value: + 'Yes: documented tools for image generation, video generation (text-to-video, image-to-video, video-to-video), music/audio generation, and text-to-speech, each running asynchronously except TTS which runs synchronously', + detail: + 'The image_generate, video_generate, and music_generate tools post results into the chat session when ready; TTS defaults to ElevenLabs but also supports Azure Speech and Google Cloud TTS, with SSML/voice customization.', + shortValue: 'Yes, image/video/music generation and TTS tools', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/tools/media-overview', + label: 'OpenClaw Docs: Media overview', + asOf: '2026-07-02', + }, + { + url: 'https://docs.openclaw.ai/tools/tts', + label: 'OpenClaw Docs: Text-to-speech', + asOf: '2026-07-02', + }, + ], + }, + dynamicToolUse: { + value: + 'Yes: the agent dynamically selects among its configured tools, connectors, and installed Skills at runtime based on the request, rather than following a pre-wired sequence of steps chosen at build time', + detail: + 'This is the core operating model described throughout the docs (tool/skill dispatch decided per-turn by the agent), the natural consequence of there being no visual builder with pre-wired steps in the first place.', + shortValue: 'Yes, picks tools/skills dynamically per request', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/tools/skills', + label: 'OpenClaw Docs: Skills', + asOf: '2026-07-02', + }, + ], + }, + modelFallback: { + value: 'Unknown', + detail: + 'No public OpenClaw documentation was found describing an automatic fallback to a different model or provider when the configured model errors or is rate-limited.', + shortValue: 'Not publicly documented', + confidence: 'unknown', + sources: [], + }, + agentSkills: { + value: + 'Yes: Skills are named, reusable Markdown instruction packages (SKILL.md plus optional reference files/scripts) that a builder writes once and the agent invokes by name or automatically when context matches, installable individually from ClawHub, git, or a local path', + detail: + 'Skills follow the AgentSkills specification, support YAML frontmatter for gating (OS, environment variables, config flags) and slash-command exposure, and are resolved via a documented precedence order across workspace, project, personal, and managed/bundled skill directories.', + shortValue: 'Yes: named, reusable Skills (SKILL.md), installable from ClawHub', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/tools/skills', + label: 'OpenClaw Docs: Skills', + asOf: '2026-07-02', + }, + ], + }, + nativeChatDeployment: { + value: + 'N/A / not applicable in the usual sense: OpenClaw\'s entire product is a chat surface (messaging-platform channels), so there is no separate "deploy as a public chat widget" feature the way a workflow builder has, because chat is the interface itself, not an optional deployment target.', + detail: + 'The agent is reached through the messaging channels the operator has connected it to (WhatsApp, Telegram, Slack, etc.) or a local Web Control UI; there is no documented feature to publish a standalone, unauthenticated public-facing chat widget for arbitrary website visitors.', + shortValue: 'N/A: chat is the native interface, not a separate deploy target', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/', + label: 'OpenClaw Docs home', + asOf: '2026-07-02', + }, + ], + }, + kbChunkVisibility: { + value: + 'Unknown: no public documentation describes a chunk-level debugging or inspection UI for memorySearch results. Because memory is stored as plain, human-readable Markdown files rather than an opaque vector store, a user can inspect the underlying source files directly, but that is not the same as a purpose-built chunk-index/metadata debugging view.', + detail: + "OpenClaw's stated design goal (transparency via plain Markdown files) reduces the need for a chunk-inspection UI, but no such feature is documented to exist.", + shortValue: 'Unknown: no chunk-debug UI documented, source files are readable', + confidence: 'unknown', + sources: [], + }, + parallelExecution: { + value: + 'Yes: sub-agents can run in parallel, working simultaneously on separate tasks (e.g. research, content generation, verification) and report back to the requesting session, up to a documented 2-level nesting depth (main session can spawn depth-1 sub-agents, which can spawn depth-2 workers, where depth-2 spawning further sub-agents is denied)', + detail: + 'Each sub-agent gets its own session identifier, context window, and execution environment (with optional sandboxing), isolated from the main session and from sibling sub-agents.', + shortValue: 'Yes, parallel sub-agents up to 2 levels of nesting', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/tools/subagents', + label: 'OpenClaw Docs: Sub-agents', + asOf: '2026-07-02', + }, + ], + }, + a2aProtocol: { + value: + 'No native support: OpenClaw does not ship first-party Agent2Agent (A2A) protocol support. Community-built plugins (e.g. an A2A v0.3.0 gateway plugin) let OpenClaw agents discover and communicate with other A2A-compliant agents, but this is a third-party addition, not a built-in core feature.', + detail: + 'A GitHub feature request for native A2A support exists on the openclaw/openclaw repo; as of this check, A2A capability is provided only through separately maintained community plugins.', + shortValue: 'No, only via third-party community plugins', + confidence: 'estimated', + sources: [ + { + url: 'https://github.com/openclaw/openclaw/issues/12401', + label: + 'openclaw/openclaw GitHub issue: Native Agent-to-Agent Communication (A2A Protocol Support)', + asOf: '2026-07-02', + }, + ], + }, + }, + integrations: { + integrationCount: { + value: + '22+ native messaging channels plus 60,000+ community-built Skills and MCP access to the broader MCP server ecosystem', + detail: + "Native channel integrations (WhatsApp, Telegram, Slack, Discord, Signal, iMessage, Microsoft Teams, and more) are documented directly; ClawHub's live registry separately lists over 60,000 community-built skills (56,000+ certified) as of this check, and MCP support adds access to hundreds of third-party MCP servers on top of that.", + shortValue: '22+ channels, 60,000+ Skills, plus MCP servers', + confidence: 'estimated', + sources: [ + { + url: 'https://openclaw.ai/', + label: 'OpenClaw homepage', + asOf: '2026-07-02', + }, + { + url: 'https://clawhub.ai/', + label: 'ClawHub registry', + asOf: '2026-07-02', + }, + ], + }, + triggerTypes: { + value: + 'Inbound chat messages on connected channels, and cron-based scheduled jobs (main-session or isolated-session runs); no documented generic external webhook/event trigger', + detail: + 'Cron jobs run agent prompts on a schedule using Croner syntax, with either "main session" delivery (enqueues a system event, optionally wakes the heartbeat) or an isolated dedicated session per run, pruned after a retention window (24 hours by default).', + shortValue: 'Chat messages and cron schedules; no generic webhook trigger', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/automation/cron-jobs', + label: 'OpenClaw Docs: Scheduled tasks (cron jobs)', + asOf: '2026-07-02', + }, + ], + }, + customCodeSteps: { + value: + 'Yes: the agent can read/write files and run shell commands/scripts directly (subject to exec approval and sandbox policy), rather than through a discrete "code step" primitive in a visual workflow', + detail: + 'This is native agent capability (shell exec, file read/write) governed by the three-tier permission system (agent tool allow/deny, sandbox tool filter, exec approvals), not a workflow-builder code block a user drops into a defined step sequence.', + shortValue: 'Yes, via sandboxed shell/file execution, not a workflow code block', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/gateway/sandbox-vs-tool-policy-vs-elevated', + label: 'OpenClaw Docs: Sandbox vs tool policy vs elevated', + asOf: '2026-07-02', + }, + ], + }, + apiPublishing: { + value: + 'No: there is no documented mechanism to publish an OpenClaw agent, skill, or automation as a callable REST/webhook API endpoint for external systems to invoke.', + detail: + 'OpenClaw is reached through messaging channels or a local Web Control UI, not through a deployable API surface; the Gateway itself exposes local control endpoints for its own CLI/UI, not a public API product feature.', + shortValue: 'No API endpoint deployment feature', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/', + label: 'OpenClaw Docs home', + asOf: '2026-07-02', + }, + ], + }, + extensibilitySdk: { + value: + 'Skill-authoring specification (AgentSkills/SKILL.md) plus a plugin system for channels/providers, and an open-source GitHub organization (~70 repos spanning SDKs, hosted agents, crawlers, and skill registries) rather than one single unified SDK product', + detail: + 'The docs describe skill authoring (frontmatter, gating, tool dispatch), a plugin mechanism used for channels like Matrix/Nostr/Twitch/Zalo, and a broader open-source "federation" of related projects under the openclaw GitHub org.', + shortValue: 'Skill spec, plugin system, and a ~70-repo OSS ecosystem', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/tools/skills', + label: 'OpenClaw Docs: Skills', + asOf: '2026-07-02', + }, + { + url: 'https://openclaw.ai/ecosystem/', + label: 'OpenClaw Ecosystem page', + asOf: '2026-07-02', + }, + ], + }, + mcpPublishing: { + value: + 'Unknown/Not documented as a first-party feature: OpenClaw is documented as an MCP client (consuming external MCP servers), and one third-party community project (openclaw-mcp) provides a bridge exposing an OpenClaw instance itself as an MCP server, but no official OpenClaw feature to publish agent capability as an MCP server was found.', + detail: + 'The reverse direction, letting external MCP clients call into OpenClaw, exists only via community-built bridge projects (e.g. a Claude.ai-to-OpenClaw OAuth2 bridge), not as a documented first-party capability.', + shortValue: 'No first-party feature; only third-party bridge projects', + confidence: 'unknown', + sources: [], + }, + }, + pricing: { + pricingModel: { + value: + 'Free and open source (MIT license); no OpenClaw subscription fee. Users separately pay their chosen LLM provider (Anthropic, OpenAI, Google, etc.) for model usage, or run a local model at no marginal API cost.', + detail: + 'There is no OpenClaw-branded paid plan, since the software itself carries no license fee and there is no hosted SaaS tier; the only recurring cost is whichever model provider/API the operator configures.', + shortValue: 'Free software, pay only your own model provider', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/openclaw/openclaw/blob/main/LICENSE', + label: 'openclaw/openclaw LICENSE file', + asOf: '2026-07-02', + }, + ], + }, + entryPaidPlan: { + value: + 'N/A: there is no paid OpenClaw plan or tier. The software is free under the MIT license.', + detail: + 'No pricing page or paid-tier documentation exists for OpenClaw itself; costs incurred are entirely third-party (LLM provider API usage, optional TTS/media-generation provider fees, hosting for a VPS if not run on a personal machine).', + shortValue: 'N/A, no paid plan exists', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/openclaw/openclaw/blob/main/LICENSE', + label: 'openclaw/openclaw LICENSE file', + asOf: '2026-07-02', + }, + ], + }, + freeTier: { + value: + 'Yes: the entire product is free and open source under the MIT license; there is no metered or gated free tier because there is no paid tier at all.', + detail: + 'This differs from a typical vendor "free tier" that caps usage, OpenClaw itself imposes no OpenClaw-side usage limits; only the configured LLM provider\'s own rate limits/costs apply.', + shortValue: 'Yes, entirely free (MIT license), no usage cap by OpenClaw itself', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/openclaw/openclaw/blob/main/LICENSE', + label: 'openclaw/openclaw LICENSE file', + asOf: '2026-07-02', + }, + ], + }, + byok: { + value: + 'Yes, and mandatory: OpenClaw requires the operator to supply their own API credentials/OAuth login for whichever model provider(s) they configure (Anthropic, OpenAI, Google, or any OpenAI-compatible endpoint); there is no OpenClaw-hosted model access.', + detail: + 'Onboarding documentation walks through provider-specific auth flows (e.g. `openclaw models auth paste-token --provider anthropic`, `openclaw models auth login --provider openai-codex`), confirming BYOK is the only supported model-access model.', + shortValue: 'Yes, mandatory; no OpenClaw-hosted model access', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/concepts/model-providers', + label: 'OpenClaw Docs: Model providers', + asOf: '2026-07-02', + }, + ], + }, + }, + security: { + soc2: { + value: + 'No: OpenClaw is a self-hosted open-source project run by a non-profit Foundation, not a vendor selling a hosted service, and does not publish a SOC 2 report.', + detail: + 'No SOC 2 attestation, trust center, or third-party audit report was found for OpenClaw; responsibility for infrastructure security rests entirely with whoever self-hosts the Gateway.', + shortValue: 'No SOC 2 report published', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/gateway/security', + label: 'OpenClaw Docs: Security', + asOf: '2026-07-02', + }, + ], + }, + dataResidency: { + value: + 'Yes, by construction: because OpenClaw is self-hosted only, all agent data (sessions, memory files, credentials) resides wherever the operator chooses to run the Gateway (laptop, homelab, or their own VPS/cloud region), giving complete control over data location with no vendor-side residency question.', + detail: + 'The OpenClaw Ecosystem page states data lives "where you choose, laptop, homelab, or VPS," a direct consequence of there being no vendor-operated cloud service.', + shortValue: 'Yes, fully controlled by self-hosting location', + confidence: 'verified', + sources: [ + { + url: 'https://openclaw.ai/ecosystem/', + label: 'OpenClaw Ecosystem page', + asOf: '2026-07-02', + }, + ], + }, + rbac: { + value: + 'No: OpenClaw has no documented role-based access control system. Its security model is explicitly a "single-user, personal-assistant model" with one trusted operator per Gateway, not multiple roles/permission tiers for different users of the same instance.', + detail: + 'Access control that does exist is channel/message-level (DM pairing policy, group allowlists, per-agent tool allow/deny), not a user-role permission matrix.', + shortValue: 'No: single-operator model, no role/permission tiers', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/gateway/security', + label: 'OpenClaw Docs: Security', + asOf: '2026-07-02', + }, + ], + }, + auditLogging: { + value: + 'Partial: a local `openclaw security audit` CLI command checks inbound access policy, tool blast radius, filesystem permissions, and network exposure, and session transcripts are stored as local JSONL files with sensitive content redacted by default, but this is a local diagnostic/log-file feature, not a centralized, exportable audit-log product.', + detail: + 'Findings are grouped by severity with checkId keys (e.g. gateway.bind_no_auth); transcripts live at ~/.openclaw/agents//sessions/*.jsonl, accessible to any process with filesystem access to that path, so there is no access-controlled central audit store.', + shortValue: 'Local audit CLI + redacted JSONL transcripts, not a central log product', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/gateway/security', + label: 'OpenClaw Docs: Security', + asOf: '2026-07-02', + }, + ], + }, + additionalCompliance: { + value: + 'No compliance certifications documented (no HIPAA, ISO 27001, GDPR-specific attestation, PCI, or FedRAMP). As open-source, self-hosted software from a non-profit Foundation, OpenClaw itself is not the kind of vendor entity that typically pursues these certifications; any such compliance posture would depend entirely on how and where the operator self-hosts it.', + detail: + "China restricted state enterprises/government agencies from deploying OpenClaw in March 2026 over security concerns, per Wikipedia's history summary, one data point on the compliance/trust landscape rather than a certification.", + shortValue: 'None documented; compliance posture depends on self-hosting operator', + confidence: 'estimated', + sources: [ + { + url: 'https://en.wikipedia.org/wiki/OpenClaw', + label: 'Wikipedia: OpenClaw', + asOf: '2026-07-02', + }, + ], + }, + modelAndToolGovernance: { + value: + 'Yes, at the single-operator level: OpenClaw supports per-agent tool allow/deny lists, sandbox-level tool filters, and per-model-provider configuration, so an operator can restrict which tools/models a given agent may use, though this is configured by one trusted operator, not enforced org-wide across multiple admin-managed users.', + detail: + 'Documented as a three-gate system (agent-level tools.allow/deny, sandbox-level tools.allow, and container network access), plus explicit provider/model selection per agent in configuration.', + shortValue: 'Yes, operator-configured per-agent tool/model restrictions', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/gateway/security', + label: 'OpenClaw Docs: Security', + asOf: '2026-07-02', + }, + ], + }, + credentialGovernance: { + value: + 'No: OpenClaw has no per-role credential-scoping system (there are no multiple roles to scope), and its own security docs flag that home-directory credential paths (~/.aws, ~/.ssh, ~/.npm, etc.) must be explicitly blocked from sandbox mounts as a hardening step, rather than being governed by a built-in fine-grained credential-access policy layer.', + detail: + 'The docs list credential-root directories the sandbox blocks by default (docker.sock, /etc, /proc, /sys, /dev, plus ~/.aws, ~/.cargo, ~/.config, ~/.docker, ~/.gnupg, ~/.netrc, ~/.npm, ~/.ssh), which is a deny-list hardening measure, not a positive credential-governance feature.', + shortValue: 'No: sandbox deny-lists credential paths, no role-scoped governance', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/gateway/security', + label: 'OpenClaw Docs: Security', + asOf: '2026-07-02', + }, + ], + }, + whiteLabeling: { + value: + 'No: OpenClaw has no documented white-labeling feature. As a personal, self-hosted agent (not a product a business deploys to its own end customers under its own brand), rebranding the product UI/name is not a use case the docs address.', + detail: + 'No public documentation describes replacing OpenClaw branding for a deployed customer-facing product; the concept does not map cleanly onto a personal-assistant tool the way it does for a workflow platform with deployed apps.', + shortValue: 'No white-labeling feature documented', + confidence: 'estimated', + sources: [], + }, + dataRetention: { + value: + 'Yes, operator-configurable: isolated sub-agent/cron sessions are pruned after a retention window (24 hours by default), and because all data lives in local files (session JSONL transcripts, memory Markdown files), the self-hosting operator has full control over retention (including deleting files immediately).', + detail: + "The default 24-hour retention is documented specifically for isolated cron-job sessions; the main session's own history and memory files persist until the operator manually prunes them, giving complete operator-side control rather than a vendor-set policy.", + shortValue: 'Yes, operator-controlled; isolated sessions default to 24h', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/automation/cron-jobs', + label: 'OpenClaw Docs: Scheduled tasks (cron jobs)', + asOf: '2026-07-02', + }, + ], + }, + piiRedaction: { + value: + 'Partial: session logging redacts sensitive tool summaries and URLs by default (logging.redactSensitive: "tools"), but this is generic sensitive-data log redaction, not a dedicated, named PII-detection feature (e.g. SSNs, credit card numbers) applied to conversation content itself.', + detail: + 'The security documentation confirms redaction applies to logging output, not to what the agent itself sees or processes mid-conversation.', + shortValue: 'Partial: log redaction only, not conversation-content PII detection', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/gateway/security', + label: 'OpenClaw Docs: Security', + asOf: '2026-07-02', + }, + ], + }, + sso: { + value: + 'No: OpenClaw has no SAML/OIDC single sign-on feature. Its access model authenticates individual senders on connected messaging channels (DM pairing, allowlists), a single-operator personal tool, not an organization with a directory of employees signing in via an identity provider.', + detail: + 'SSO/organization-provisioning is structurally out of scope for a "single-user, personal-assistant model" as OpenClaw\'s own security documentation frames it.', + shortValue: 'No: single-operator model has no SSO/IdP concept', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/gateway/security', + label: 'OpenClaw Docs: Security', + asOf: '2026-07-02', + }, + ], + }, + }, + observability: { + tracingDepth: { + value: + 'Local JSONL session transcripts (per agent, per session) capture the conversation and tool-call history, and a `/subagents` command shows spawned sub-agent status, but there is no customer-facing dashboard or span-level distributed-tracing product; this is raw log-file level detail rather than a rendered trace UI.', + detail: + 'Transcripts are stored at ~/.openclaw/agents//sessions/*.jsonl with sensitive content redacted by default; inspecting them means reading the raw file (or building tooling on top), not a built-in visual trace viewer.', + shortValue: 'Raw JSONL session logs, no dashboard/trace UI', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/gateway/security', + label: 'OpenClaw Docs: Security', + asOf: '2026-07-02', + }, + ], + }, + durabilityModel: { + value: + 'Partial: cron-scheduled jobs run as isolated sessions that start clean and get pruned after a retention window, giving each run a clean, repeatable environment, but no documented automatic retry-with-backoff or checkpoint/replay-of-a-past-run feature was found for either scheduled jobs or interactive chat sessions.', + detail: + 'The cron docs describe delivery diagnostics (intended target, resolved target, fallback delivery used, final delivered state) for message delivery specifically, not a general execution-retry/checkpoint mechanism.', + shortValue: 'Clean isolated cron runs; no documented retry/checkpoint system', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/automation/cron-jobs', + label: 'OpenClaw Docs: Scheduled tasks (cron jobs)', + asOf: '2026-07-02', + }, + ], + }, + failureAlerting: { + value: + 'Partial: cron job runs report delivery diagnostics (whether the agent sent directly, whether fallback delivery was used, the final delivered state) back through the chat channel, but no separate proactive alerting mechanism (email/webhook alert on failure or cost/latency threshold) is documented.', + detail: + 'Failure visibility is folded into the normal chat-delivery flow (the operator sees the delivery outcome in the channel where the job reports), not a distinct alerting/notification product feature.', + shortValue: 'Delivery diagnostics via chat, no separate alerting feature', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/automation/cron-jobs', + label: 'OpenClaw Docs: Scheduled tasks (cron jobs)', + asOf: '2026-07-02', + }, + ], + }, + dataDrains: { + value: + "No: no documented feature to continuously export execution/session data to an external destination (S3, BigQuery, Datadog, webhook, etc). Because all data already lives in local files under the operator's control, any such export would be a user-built script against those local files, not a first-party OpenClaw data-drain feature.", + detail: + "No SIEM/export integration comparable to a hosted platform's log-streaming feature was found in OpenClaw's own documentation.", + shortValue: 'No native export feature; only local files', + confidence: 'estimated', + sources: [], + }, + asyncExecution: { + value: + "Yes: generative media tools (image/video/music generation) explicitly run asynchronously in the background and post results into the chat session when ready, and cron jobs run independently of any single interactive chat session; however, unlike a cloud-hosted platform, the Gateway process itself must remain running on the operator's machine/server for any of this to execute.", + detail: + 'This differs from a fully server-hosted workflow platform in one respect, if the machine running the Gateway is off, no async or scheduled execution happens, since there is no separate cloud execution layer independent of the self-hosted process.', + shortValue: 'Yes, but only while the self-hosted Gateway process is running', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/tools/media-overview', + label: 'OpenClaw Docs: Media overview', + asOf: '2026-07-02', + }, + { + url: 'https://docs.openclaw.ai/automation/cron-jobs', + label: 'OpenClaw Docs: Scheduled tasks (cron jobs)', + asOf: '2026-07-02', + }, + ], + }, + executionLimits: { + value: + 'No fixed platform-wide execution-time or concurrency ceiling is published by OpenClaw itself. Sub-agent nesting is capped at 2 levels deep (depth-2 sessions cannot spawn further sub-agents), and any other limits (request timeouts, rate limits) come from whichever LLM provider API the operator has configured, not from OpenClaw.', + detail: + "Because OpenClaw runs on infrastructure the operator controls, execution-time/concurrency limits are a function of that operator's own hardware and their model provider's API limits, not a documented OpenClaw-side ceiling.", + shortValue: + 'No OpenClaw-side limit; only sub-agent depth cap (2 levels) and provider limits', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/tools/subagents', + label: 'OpenClaw Docs: Sub-agents', + asOf: '2026-07-02', + }, + ], + }, + partialFailureHandling: { + value: + 'Partial: because sub-agents run in isolated sessions, one sub-agent failing does not halt sibling sub-agents or the main session, an implicit form of failure isolation, but there is no documented explicit "route this failed step to an error-handling path while the rest of the run continues" mechanism the way a branching workflow builder offers.', + detail: + 'Isolation here comes from sub-agent session/sandbox separation by design, not from a dedicated try/catch or conditional-branch construct users configure per step.', + shortValue: 'Implicit isolation via sub-agent sessions, no explicit branching error path', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/tools/subagents', + label: 'OpenClaw Docs: Sub-agents', + asOf: '2026-07-02', + }, + ], + }, + }, + support: { + supportChannels: { + value: + 'Community-driven support via official documentation, the GitHub repository/issue tracker, and the broader OpenClaw ecosystem/community channels; no dedicated paid vendor support desk, since there is no vendor selling a support contract.', + detail: + 'The project is community-maintained under Foundation governance; support is the standard open-source model of docs, GitHub issues, and community discussion rather than a ticketed enterprise support line.', + shortValue: 'Docs, GitHub issues, community; no paid vendor support desk', + confidence: 'estimated', + sources: [ + { + url: 'https://github.com/openclaw/openclaw', + label: 'openclaw/openclaw (GitHub)', + asOf: '2026-07-02', + }, + ], + }, + sla: { + value: 'Not publicly documented', + detail: + 'No SLA is published, expected for free, self-hosted, community-governed open-source software with no vendor-operated service to guarantee uptime for.', + shortValue: 'No SLA (self-hosted community project)', + confidence: 'unknown', + sources: [], + }, + community: { + value: + "Large and very fast-growing: the GitHub repository reached roughly 382,000 stars as of this check, reported by multiple sources as the fastest-growing and, by some accounts, most-starred non-aggregator open-source project in GitHub's history, alongside an active ClawHub skill-sharing community.", + detail: + 'Reported growth milestones include 9,000 stars in the first 24 hours after launch (as Clawdbot, November 2025) and 247,000+ stars by March 2, 2026; exact current star counts fluctuate and are best checked live on the GitHub repository.', + shortValue: '~382,000 GitHub stars, extremely rapid growth since Nov 2025', + confidence: 'estimated', + sources: [ + { + url: 'https://github.com/openclaw/openclaw', + label: 'openclaw/openclaw (GitHub)', + asOf: '2026-07-02', + }, + { + url: 'https://en.wikipedia.org/wiki/OpenClaw', + label: 'Wikipedia: OpenClaw', + asOf: '2026-07-02', + }, + ], + }, + companyMaturity: { + value: + 'Not a company: OpenClaw is a community open-source project created by developer Peter Steinberger, first published November 2025 (as "Warelay," later "Clawdbot"). It was renamed "Moltbot" on January 27, 2026 after an Anthropic trademark dispute, then "OpenClaw" three days later. Steinberger joined OpenAI in February 2026 and handed governance to the newly formed, independent, non-profit OpenClaw Foundation, which OpenAI sponsors with multi-year funding and security support.', + detail: + 'This is a markedly different maturity profile than an incorporated vendor: under nine months old under its current name as of this check, extremely fast user/star growth, one primary original author, and governance now vested in a young non-profit foundation rather than an operating company with a multi-year track record.', + shortValue: 'Community/non-profit project, <9 months old under current name', + confidence: 'verified', + sources: [ + { + url: 'https://en.wikipedia.org/wiki/OpenClaw', + label: 'Wikipedia: OpenClaw', + asOf: '2026-07-02', + }, + { + url: 'https://openclaw.ai/ecosystem/', + label: 'OpenClaw Ecosystem page', + asOf: '2026-07-02', + }, + ], + }, + academy: { + value: + 'No: OpenClaw has no structured courses, certification program, or formal academy. Learning resources are the official documentation site (docs.openclaw.ai), the GitHub repository, and third-party community blog posts/guides, not a vendor-run curriculum.', + detail: + 'No certification or structured learning-path product was found on official OpenClaw sources, consistent with it being a community open-source project rather than a vendor with a dedicated training business line.', + shortValue: 'No: docs and community guides only, no formal courses/certification', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/', + label: 'OpenClaw Docs home', + asOf: '2026-07-02', + }, + ], + }, + }, + }, +} diff --git a/apps/sim/lib/compare/data/index.ts b/apps/sim/lib/compare/data/index.ts index 96f0d4df511..aaf20b4444c 100644 --- a/apps/sim/lib/compare/data/index.ts +++ b/apps/sim/lib/compare/data/index.ts @@ -1,10 +1,15 @@ export { claudeCoworkProfile } from '@/lib/compare/data/competitors/claude-cowork' +export { crewaiProfile } from '@/lib/compare/data/competitors/crewai' +export { dustProfile } from '@/lib/compare/data/competitors/dust' export { flowiseProfile } from '@/lib/compare/data/competitors/flowise' export { gumloopProfile } from '@/lib/compare/data/competitors/gumloop' +export { langchainProfile } from '@/lib/compare/data/competitors/langchain' export { langflowProfile } from '@/lib/compare/data/competitors/langflow' export { makeProfile } from '@/lib/compare/data/competitors/make' +export { microsoftCopilotProfile } from '@/lib/compare/data/competitors/microsoft-copilot' export { n8nProfile } from '@/lib/compare/data/competitors/n8n' export { openaiAgentkitProfile } from '@/lib/compare/data/competitors/openai-agentkit' +export { openClawProfile } from '@/lib/compare/data/competitors/openclaw' export { pipedreamProfile } from '@/lib/compare/data/competitors/pipedream' export { powerAutomateProfile } from '@/lib/compare/data/competitors/power-automate' export { retoolProfile } from '@/lib/compare/data/competitors/retool' From d466ba02b7a268ddf1ff5b8d89b4bd156ce429fd Mon Sep 17 00:00:00 2001 From: waleed Date: Fri, 3 Jul 2026 07:25:15 -0700 Subject: [PATCH 2/7] fix(comparison): fix two more FAQ text-mangling bugs found during final audit - lowercaseFirst only guarded against 2+ CONSECUTIVE leading capitals (acronyms like "AI"/"SSO"), so CamelCase brand names with a single leading capital (LangChain, OpenClaw, CrewAI) got their first letter wrongly lowercased ("langChain provides..."). Now checks for 2+ uppercase letters anywhere in the leading word, which covers both acronyms and CamelCase brand names. - parseFactValue and summarizeFact's boolean-prefix stripping only recognized "Yes:"/"No:" (colon), but "Yes, ..."/"No, ..." (comma) is an equally common phrasing already used across ~15 existing facts (stackai, pipedream, workato, zapier, etc.), so those facts kept their leading comma when stitched into an FAQ answer (e.g. "StackAI: , broad support..."). Both now accept either separator. Found by systematically sweeping every "Sim vs X" FAQ answer across all 20 competitor pages for garbled/mis-cased text, not just the 5 newly added ones. --- .../app/(landing)/comparison/fact-status.ts | 12 ++++++----- apps/sim/app/(landing)/comparison/utils.ts | 20 +++++++++++++------ 2 files changed, 21 insertions(+), 11 deletions(-) diff --git a/apps/sim/app/(landing)/comparison/fact-status.ts b/apps/sim/app/(landing)/comparison/fact-status.ts index f65dc8a19d7..51f3c6a2b0a 100644 --- a/apps/sim/app/(landing)/comparison/fact-status.ts +++ b/apps/sim/app/(landing)/comparison/fact-status.ts @@ -10,15 +10,17 @@ export interface ParsedFact { // The negative lookahead (?![a-zA-Z]) requires the "Yes"/"No" token to end at a word // boundary, so values like "Not documented" or "Not publicly documented" (which start // with the letters "No" but aren't the boolean token) fall through to 'neutral' instead -// of being misread as a "No" status. -const STATUS_PREFIX = /^(Yes|No)(?![a-zA-Z])(?::\s*)?(.*)$/s +// of being misread as a "No" status. The separator group accepts either a colon +// ("Yes: ...") or a comma ("Yes, but ...") since both are used throughout the dataset. +const STATUS_PREFIX = /^(Yes|No)(?![a-zA-Z])(?:[:,]\s*)?(.*)$/s /** * Splits a {@link Fact.value} string into a status (for a compact icon) and * the remaining descriptive text. Every fact in `apps/sim/lib/compare/data` - * that represents a yes/no capability is written as `"Yes: ..."` / `"No: - * ..."`. This is the single place that convention is parsed, so the - * comparison table and the key-differences strip render it identically. + * that represents a yes/no capability is written as `"Yes: ..."` / `"No: ..."`, + * or occasionally `"Yes, ..."` / `"No, ..."` as a more natural continuation. + * This is the single place that convention is parsed, so the comparison table + * and the key-differences strip render it identically. */ export function parseFactValue(value: string): ParsedFact { const match = value.match(STATUS_PREFIX) diff --git a/apps/sim/app/(landing)/comparison/utils.ts b/apps/sim/app/(landing)/comparison/utils.ts index 04d7fb87c15..caf4b0cd34c 100644 --- a/apps/sim/app/(landing)/comparison/utils.ts +++ b/apps/sim/app/(landing)/comparison/utils.ts @@ -204,21 +204,29 @@ export function ensurePeriod(value: string): string { return /[.!?]$/.test(value) ? value : `${value}.` } -/** Lowercases the first letter of `value`, unless it starts with an acronym (e.g. "AI", "SSO", "MCP"). */ +/** + * Lowercases the first letter of `value`, unless its leading word is an acronym + * (e.g. "AI", "SSO", "MCP") or a CamelCase brand name (e.g. "LangChain", + * "OpenClaw", "CrewAI") - detected by 2+ uppercase letters anywhere in that + * word, not just consecutive at the start, since lowercasing either would + * mangle a proper noun ("langChain", "openClaw"). + */ export function lowercaseFirst(value: string): string { if (value.length === 0) return value - // Leave a leading acronym (2+ consecutive capitals, e.g. "AI", "SSO", "MCP") alone. - if (/^[A-Z]{2,}/.test(value)) return value + const leadingWord = value.match(/^[A-Za-z]+/)?.[0] ?? '' + const upperCaseCount = (leadingWord.match(/[A-Z]/g) ?? []).length + if (upperCaseCount >= 2) return value return value.charAt(0).toLowerCase() + value.slice(1) } /** * Composes {@link firstSentence} + {@link lowercaseFirst} + {@link ensurePeriod} for - * stitching a fact value mid-sentence. Strips a leading "Yes:"/"No:" token first so - * boolean facts don't produce mid-sentence "yes: ..."/"no: ..." fragments. + * stitching a fact value mid-sentence. Strips a leading "Yes:"/"No:" (or the + * comma-separated "Yes,"/"No,") token first so boolean facts don't produce + * mid-sentence "yes: ..."/"no: ..." fragments. */ function summarizeFact(value: string): string { - const stripped = value.replace(/^(Yes|No)(?![a-zA-Z])(?::\s*)?/, '').trim() + const stripped = value.replace(/^(Yes|No)(?![a-zA-Z])(?:[:,]\s*)?/, '').trim() const base = stripped.length > 0 ? stripped : value return ensurePeriod(lowercaseFirst(firstSentence(base))) } From bac8c6f1859b0dc978512d3382c7b13c781e343d Mon Sep 17 00:00:00 2001 From: waleed Date: Fri, 3 Jul 2026 10:51:05 -0700 Subject: [PATCH 3/7] feat(comparison): add sub-workflow composition and loop-block facts - Two new universal comparison facts across all 20 profiles: subWorkflows (calling a saved workflow as a reusable step inside another) and loopIteration (a dedicated sequential for-each/while loop container, distinct from concurrent Parallel execution) - Both are real Sim capabilities (Workflow block, Loop block) verified directly against the codebase and docs.sim.ai - Findings are genuinely mixed, not uniformly favorable: n8n, Zapier, Make, Workato, Retool, Power Automate, Gumloop, Vellum, Stack AI, Tines, Langflow, Flowise, Microsoft Copilot Studio, and LangChain all have some form of sub-workflow calling; Zapier and Gumloop's loop primitives run concurrently rather than sequentially (marked "Partial", not "No"); Pipedream, OpenAI AgentKit, Claude Cowork, CrewAI, Dust, and OpenClaw genuinely lack one or both --- .../comparison/comparison-sections.ts | 2 + .../compare/data/competitors/claude-cowork.ts | 40 ++++++++++++++++++ .../lib/compare/data/competitors/crewai.ts | 40 ++++++++++++++++++ apps/sim/lib/compare/data/competitors/dust.ts | 30 +++++++++++++ .../lib/compare/data/competitors/flowise.ts | 26 ++++++++++++ .../lib/compare/data/competitors/gumloop.ts | 40 ++++++++++++++++++ .../lib/compare/data/competitors/langchain.ts | 31 ++++++++++++++ .../lib/compare/data/competitors/langflow.ts | 26 ++++++++++++ apps/sim/lib/compare/data/competitors/make.ts | 40 ++++++++++++++++++ .../data/competitors/microsoft-copilot.ts | 42 +++++++++++++++++++ apps/sim/lib/compare/data/competitors/n8n.ts | 30 +++++++++++++ .../data/competitors/openai-agentkit.ts | 40 ++++++++++++++++++ .../lib/compare/data/competitors/openclaw.ts | 41 ++++++++++++++++++ .../lib/compare/data/competitors/pipedream.ts | 30 +++++++++++++ .../data/competitors/power-automate.ts | 35 ++++++++++++++++ .../lib/compare/data/competitors/retool.ts | 35 ++++++++++++++++ .../lib/compare/data/competitors/stackai.ts | 30 +++++++++++++ .../sim/lib/compare/data/competitors/tines.ts | 40 ++++++++++++++++++ .../lib/compare/data/competitors/vellum.ts | 35 ++++++++++++++++ .../lib/compare/data/competitors/workato.ts | 40 ++++++++++++++++++ .../lib/compare/data/competitors/zapier.ts | 40 ++++++++++++++++++ apps/sim/lib/compare/data/sim.ts | 27 ++++++++++++ apps/sim/lib/compare/data/types.ts | 4 ++ 23 files changed, 744 insertions(+) diff --git a/apps/sim/app/(landing)/comparison/comparison-sections.ts b/apps/sim/app/(landing)/comparison/comparison-sections.ts index 609955be3db..38c6d919e19 100644 --- a/apps/sim/app/(landing)/comparison/comparison-sections.ts +++ b/apps/sim/app/(landing)/comparison/comparison-sections.ts @@ -67,6 +67,7 @@ export const COMPARISON_SECTIONS: ComparisonSectionDef[] = [ { key: 'versionControlDepth', label: 'Version control' }, { key: 'realtimeCollaboration', label: 'Realtime collaboration' }, { key: 'nativeFileStorage', label: 'Native file storage' }, + { key: 'subWorkflows', label: 'Sub-workflows (composition)' }, ], }), defineSection({ @@ -114,6 +115,7 @@ export const COMPARISON_SECTIONS: ComparisonSectionDef[] = [ { key: 'nativeChatDeployment', label: 'Native chat deployment' }, { key: 'parallelExecution', label: 'Parallel execution' }, { key: 'a2aProtocol', label: 'Agent2Agent (A2A) protocol' }, + { key: 'loopIteration', label: 'Loop / iteration block' }, ], }), defineSection({ diff --git a/apps/sim/lib/compare/data/competitors/claude-cowork.ts b/apps/sim/lib/compare/data/competitors/claude-cowork.ts index 0b4614bea07..429fc7afec0 100644 --- a/apps/sim/lib/compare/data/competitors/claude-cowork.ts +++ b/apps/sim/lib/compare/data/competitors/claude-cowork.ts @@ -309,6 +309,26 @@ export const claudeCoworkProfile: CompetitorProfile = { }, ], }, + subWorkflows: { + value: + "No: Claude Cowork has no visual workflow builder and no feature to call one saved task as a reusable step inside another task. Anthropic's own scheduled-tasks documentation describes each scheduled task as its own independent Cowork session with no documented composition or nesting mechanism.", + detail: + "Cowork's closest analog is model-driven 'sub-agent coordination', where Claude itself decides to break a single task into parallel sub-agent workstreams at run time. That is not a user-authored, reusable sub-workflow the way a workflow platform lets you call a saved flow as a step with explicit parent-waits-for-child data passing.", + shortValue: 'No: no task composition, only same-session sub-agents', + confidence: 'estimated', + sources: [ + { + url: 'https://support.claude.com/en/articles/13854387-schedule-recurring-tasks-in-claude-cowork', + label: 'Schedule recurring tasks in Claude Cowork', + asOf: '2026-07-02', + }, + { + url: 'https://support.claude.com/en/articles/13345190-get-started-with-claude-cowork', + label: 'Get started with Claude Cowork', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -534,6 +554,26 @@ export const claudeCoworkProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + "No: Claude Cowork has no visual builder and no dedicated for-each/while loop container that iterates a set of steps over a list or fixed count. Anthropic's documentation describes scheduled tasks re-running on a time cadence (hourly/daily/weekly), not a loop node iterating over items within a single run.", + detail: + "The closest documented mechanism is Claude's own model-driven 'parallel workstreams' for breaking one task into concurrent sub-agents, which is the opposite of sequential per-item iteration and is not user-configurable as a loop primitive.", + shortValue: 'No: no loop/for-each container, only time-based re-runs', + confidence: 'estimated', + sources: [ + { + url: 'https://support.claude.com/en/articles/13854387-schedule-recurring-tasks-in-claude-cowork', + label: 'Schedule recurring tasks in Claude Cowork', + asOf: '2026-07-02', + }, + { + url: 'https://support.claude.com/en/articles/13345190-get-started-with-claude-cowork', + label: 'Get started with Claude Cowork', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/crewai.ts b/apps/sim/lib/compare/data/competitors/crewai.ts index 40b91cdf7f0..7c53ed3f598 100644 --- a/apps/sim/lib/compare/data/competitors/crewai.ts +++ b/apps/sim/lib/compare/data/competitors/crewai.ts @@ -321,6 +321,26 @@ export const crewaiProfile: CompetitorProfile = { confidence: 'estimated', sources: [], }, + subWorkflows: { + value: + 'No: no documented feature to call one Flow as a waiting sub-step inside another Flow', + detail: + 'CrewAI Flows orchestrate Crews and plain Python steps via @start/@listen/@router decorators, but no CrewAI source describes a dedicated primitive for invoking one saved Flow as a nested, synchronous sub-step of another Flow with the parent waiting on the child and exchanging state. A Flow can call a Crew (which is a form of composition), and community discussion covers Flows calling Crews or Crews/Tasks calling Flows, but not a first-class call-another-flow block.', + shortValue: 'No, Flows compose Crews but no documented nested-Flow-as-step feature', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/flows', + label: 'Flows - CrewAI Docs', + asOf: '2026-07-02', + }, + { + url: 'https://community.crewai.com/t/flows-calling-crews-or-crews-tasks-calling-flows/3684', + label: 'Flows calling Crews or Crews/Tasks calling Flows - CrewAI Community', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -542,6 +562,26 @@ export const crewaiProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + 'No: Flows have no dedicated for-each/while loop decorator, only manual state-tracked routing', + detail: + "CrewAI's own Flows documentation has no built-in loop/for-each container; repeating steps requires manually tracking an iteration counter in the Flow's state and looping back through @router/@listen methods until a condition is met, or calling a Crew's kickoff_for_each() to run a full crew once per item in a list. Neither is a single named, sequential loop block comparable to a visual builder's Loop node.", + shortValue: 'No dedicated loop node; manual state-router loops or kickoff_for_each', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/concepts/flows', + label: 'Flows - CrewAI Docs', + asOf: '2026-07-02', + }, + { + url: 'https://community.crewai.com/t/loops-in-a-flow/1306', + label: 'Loops in a flow - CrewAI Community', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/dust.ts b/apps/sim/lib/compare/data/competitors/dust.ts index f13e2893f64..cf8ac12f772 100644 --- a/apps/sim/lib/compare/data/competitors/dust.ts +++ b/apps/sim/lib/compare/data/competitors/dust.ts @@ -324,6 +324,21 @@ export const dustProfile: CompetitorProfile = { }, ], }, + subWorkflows: { + value: + 'Yes: a "Run agent" tool lets one Dust agent call another saved agent as a step, waiting for it to finish and receiving its output back before continuing', + detail: + 'By default the called agent runs in a separate conversation and returns its output to the calling agent, which then continues processing (the calling agent can also enable a handoff mode where the called agent responds directly to the user instead). Recursion is capped at a maximum depth of 4 nested calls.', + shortValue: '"Run agent" tool calls a saved agent as a step and returns its output', + confidence: 'verified', + sources: [ + { + url: 'https://docs.dust.tt/docs/run-agent', + label: 'Run agent | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -547,6 +562,21 @@ export const dustProfile: CompetitorProfile = { confidence: 'unknown', sources: [], }, + loopIteration: { + value: + 'No: Dust has no dedicated for-each/while loop container; its tools page lists default tools (data visualization, web search, file/image creation, agent memory, run-agent), third-party integrations, remote MCP servers, and Dust Apps, none of which is a loop/iterator block', + detail: + "Dust's agent builder is tool-and-instruction driven rather than a step-sequence canvas, so repeated execution over a list or count relies on the model's own reasoning (or delegating subtasks to sub-agents) rather than an explicit loop container that guarantees sequential per-item iteration.", + shortValue: "No dedicated loop/for-each block found in Dust's tool catalog", + confidence: 'estimated', + sources: [ + { + url: 'https://docs.dust.tt/docs/tools', + label: 'Tools | Dust Docs', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/flowise.ts b/apps/sim/lib/compare/data/competitors/flowise.ts index 7fb7c6c83aa..faf5c04b730 100644 --- a/apps/sim/lib/compare/data/competitors/flowise.ts +++ b/apps/sim/lib/compare/data/competitors/flowise.ts @@ -225,6 +225,19 @@ export const flowiseProfile: CompetitorProfile = { confidence: 'unknown', sources: [], }, + subWorkflows: { + value: + "Yes: Flowise's Execute Flow node calls another saved Chatflow or Agentflow as a step, passes it input, waits for the child flow to finish, and receives its final output back to continue the parent flow.", + shortValue: 'Yes, via the Execute Flow node', + confidence: 'verified', + sources: [ + { + url: 'https://docs.flowiseai.com/using-flowise/agentflowv2', + label: 'Flowise Docs: Agentflow V2 (Execute Flow node)', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -431,6 +444,19 @@ export const flowiseProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + "Yes: Flowise's Agentflow V2 has a dedicated Iteration node that takes an array and executes a nested sub-flow of steps once per item, running sequentially. Its separate Loop node instead jumps backward to re-run an earlier node (a retry cycle, not a collection iterator).", + shortValue: 'Yes, via the Iteration node (separate Loop node is retry-only)', + confidence: 'verified', + sources: [ + { + url: 'https://docs.flowiseai.com/using-flowise/agentflowv2', + label: 'Flowise Docs: Agentflow V2 (Iteration and Loop nodes)', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/gumloop.ts b/apps/sim/lib/compare/data/competitors/gumloop.ts index 8a7e87af167..e981d5e9ec4 100644 --- a/apps/sim/lib/compare/data/competitors/gumloop.ts +++ b/apps/sim/lib/compare/data/competitors/gumloop.ts @@ -326,6 +326,26 @@ export const gumloopProfile: CompetitorProfile = { confidence: 'unknown', sources: [], }, + subWorkflows: { + value: + "Yes: a dedicated 'Subflow' feature lets any saved workflow be dropped in as a reusable node inside another workflow, with Input/Output nodes to pass parameters in and return values out", + detail: + "Gumloop docs describe Subflows as workflows that 'show up in your node library just like native nodes' once built, so they can be dragged onto the canvas of any other flow, wired to Input nodes for parameters and Output nodes for return values. When a list is connected to a Subflow node it runs once per list item (Loop Mode) rather than a single time. Public docs do not explicitly state whether the parent execution blocks until the subflow completes, but since a Subflow is embedded as a node in the parent's directed graph (not invoked over a separate async webhook call), later nodes depending on its outputs necessarily wait for it to resolve.", + shortValue: 'Yes: Subflow node calls a saved workflow as a step', + confidence: 'verified', + sources: [ + { + url: 'https://docs.gumloop.com/core-concepts/subflows', + label: 'Subflows - Gumloop docs', + asOf: '2026-07-02', + }, + { + url: 'https://www.gumloop.com/university/lessons/subflows', + label: 'Gumloop University: Subflows', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -566,6 +586,26 @@ export const gumloopProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + "Partial: Gumloop's only documented iteration primitive is 'Loop Mode', the same mechanism already covered under parallelExecution, which auto-triggers when a list is connected to a node or Subflow and runs that node once per list item. Per Gumloop's own docs this is concurrent (2 items at once on Free, 15 on Pro), not a strictly one-at-a-time sequential container, and there is no separate while-loop or fixed-iteration-count node documented, only iteration over an existing list.", + detail: + "Gumloop docs describe Loop Mode as processing 'multiple items simultaneously' with concurrency capped by plan tier, distinct from a classic for-each node that guarantees one iteration finishes before the next starts. No dedicated while-loop (condition-based) or fixed-count repeat node was found in public docs; all iteration is driven by connecting a list as input.", + shortValue: 'Partial: list-driven Loop Mode is concurrent, not a sequential loop node', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.gumloop.com/core-concepts/loop_mode', + label: 'Loop Mode - Gumloop docs', + asOf: '2026-07-02', + }, + { + url: 'https://www.gumloop.com/university/lessons/lists-loop-mode', + label: 'Gumloop University: Lists & Loop mode', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/langchain.ts b/apps/sim/lib/compare/data/competitors/langchain.ts index 7b74b598e08..4c67f3c060c 100644 --- a/apps/sim/lib/compare/data/competitors/langchain.ts +++ b/apps/sim/lib/compare/data/competitors/langchain.ts @@ -341,6 +341,21 @@ export const langchainProfile: CompetitorProfile = { }, ], }, + subWorkflows: { + value: + "Yes: LangGraph's subgraph feature lets a compiled graph be added directly as a node in a parent graph via add_node, the parent waits for the subgraph to finish before continuing, and when state keys overlap the subgraph reads from and writes to the parent's state channels automatically; when schemas differ, a wrapper node function maps parent state to subgraph input and back", + detail: + 'This is a code-level composition primitive (one compiled graph nested inside another), not a drag-and-drop "call another workflow" block in a visual builder, but it satisfies the same synchronous parent-waits-for-child, data-in/data-out contract.', + shortValue: 'Yes, LangGraph subgraphs: compiled graph nested as a node, parent waits', + confidence: 'verified', + sources: [ + { + url: 'https://docs.langchain.com/oss/python/langgraph/use-subgraphs', + label: 'Subgraphs - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -562,6 +577,22 @@ export const langchainProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + 'No: there is no dedicated for-each/while/Loop container node. Sequential repetition over a list, a fixed count, or a condition is built by wiring a conditional edge back to an earlier node (a cycle in the graph) with the loop-continuation check written in a routing function, capped by a default recursion_limit of 25 super-steps unless raised', + detail: + 'This is a general graph-cycle capability, not a purpose-built "Loop"/"Repeat" block a builder drops in and configures declaratively; a developer writes the state counter, the exit condition, and the conditional edge by hand. The Send API covers the concurrent/parallel case, sequential iteration is left to hand-built cycles.', + shortValue: + 'No dedicated loop block; sequential iteration is a hand-built conditional-edge cycle', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.langchain.com/oss/python/langgraph/use-graph-api', + label: 'Use the graph API - Docs by LangChain', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/langflow.ts b/apps/sim/lib/compare/data/competitors/langflow.ts index 3c5f4cacd13..bbe75ea5e52 100644 --- a/apps/sim/lib/compare/data/competitors/langflow.ts +++ b/apps/sim/lib/compare/data/competitors/langflow.ts @@ -251,6 +251,19 @@ export const langflowProfile: CompetitorProfile = { confidence: 'unknown', sources: [], }, + subWorkflows: { + value: + "Yes: Langflow's Run Flow component runs another saved flow as a subprocess of the current flow, dynamically generating input and output fields from the target flow's graph so the parent flow passes data in and receives the child flow's outputs back. It can also be attached to an Agent component as a callable tool.", + shortValue: 'Yes, via the Run Flow component', + confidence: 'verified', + sources: [ + { + url: 'https://docs.langflow.org/run-flow', + label: 'Langflow Docs: Run Flow component', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -465,6 +478,19 @@ export const langflowProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + 'Yes: Langflow ships a dedicated Loop component that takes a list of JSON or Table items (for example CSV rows), passes items one at a time through its Item output port to a chain of connected components, and loops back until every item is processed sequentially, before emitting the aggregated result from its Done port.', + shortValue: 'Yes, via the Loop component (sequential, Item/Done ports)', + confidence: 'verified', + sources: [ + { + url: 'https://docs.langflow.org/loop', + label: 'Langflow Docs: Loop component', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/make.ts b/apps/sim/lib/compare/data/competitors/make.ts index 696fe808b18..cc2c20efe3c 100644 --- a/apps/sim/lib/compare/data/competitors/make.ts +++ b/apps/sim/lib/compare/data/competitors/make.ts @@ -372,6 +372,26 @@ export const makeProfile: CompetitorProfile = { }, ], }, + subWorkflows: { + value: + "Yes: Make's 'Call a Scenario' subscenario module lets a parent scenario invoke a saved sub-scenario as a step, passing structured inputs and, in synchronous mode, pausing until the sub-scenario finishes and returns outputs via a 'Return outputs' module.", + detail: + "Make's Subscenarios feature supports two modes: synchronous, where the parent calls the sub-scenario and pauses execution until it completes and returns output; and asynchronous, where the parent continues immediately without waiting. Each call creates its own separately logged run, and an error in the sub-scenario propagates back to the parent's error handling. This is a dedicated composition feature, distinct from triggering an unrelated scenario via a plain webhook.", + shortValue: 'Yes: Call a Scenario module runs a sub-scenario as a step', + confidence: 'verified', + sources: [ + { + url: 'https://help.make.com/subscenarios', + label: 'Subscenarios - Make Help Center', + asOf: '2026-07-02', + }, + { + url: 'https://help.make.com/scenario-inputs-and-scenario-outputs', + label: 'Scenario inputs and scenario outputs - Make Help Center', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -599,6 +619,26 @@ export const makeProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + 'Yes: Make has two dedicated Flow Control loop modules. The Iterator takes an existing array and outputs each element as a separate bundle, running every downstream module once per item, sequentially. The Repeater generates a fixed number of bundles from scratch (a numeric counter, no source array needed), also processed one at a time.', + detail: + "Per Make's Help Center, the Iterator splits an array into individual bundles that flow through the rest of the scenario one item at a time, while the Repeater runs a specified number of repetitions (its 'repeats' field) with each bundle carrying an incrementing counter item. Both are sequential, item-by-item execution; Make's separate Router feature (used for branching, not looping) is also documented as processing routes sequentially rather than in parallel.", + shortValue: 'Yes: Iterator (array loop) and Repeater (counted loop)', + confidence: 'verified', + sources: [ + { + url: 'https://help.make.com/iterator', + label: 'Iterator - Make Help Center', + asOf: '2026-07-02', + }, + { + url: 'https://www.make.com/en/help/tools/flow-control', + label: 'Flow control - Make Help Center', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/microsoft-copilot.ts b/apps/sim/lib/compare/data/competitors/microsoft-copilot.ts index f96aa653b55..5f496d47044 100644 --- a/apps/sim/lib/compare/data/competitors/microsoft-copilot.ts +++ b/apps/sim/lib/compare/data/competitors/microsoft-copilot.ts @@ -359,6 +359,27 @@ export const microsoftCopilotProfile: CompetitorProfile = { }, ], }, + subWorkflows: { + value: + 'Yes: agent flows built in the flow designer include a built-in child-flow action, alongside loop and branch control structures, that calls another published flow as a step, waits for it to finish, and passes/receives data, distinct from an agent merely calling a flow as a tool at the conversation level', + detail: + 'Vendor documentation on the agent flow designer lists control structures for looping and branching, data operations, date and time functions, and child flows as the built-in action categories available when composing a flow, the same child-flow composition model Power Automate uses for its underlying flow engine.', + shortValue: 'Yes, a built-in child-flow action calls and awaits another flow', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/flow-designer', + label: + 'Edit and manage your agent flow in the designer - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/microsoft-copilot-studio/advanced-use-flow', + label: 'Call an agent flow from an agent - Microsoft Copilot Studio | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -641,6 +662,27 @@ export const microsoftCopilotProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + 'Yes: agent flows include a built-in Loop action supporting both For each (iterating a known collection) and Do until (repeating until a condition becomes true) patterns, running sequentially by default with an optional parallel/concurrency mode (a configurable degree-of-parallelism setting) for iterations that are fully independent', + detail: + 'Vendor and third-party guidance both note that operations accumulating a value or depending on order must stay Sequential, since turning on parallel mode risks race conditions on shared variables and API throttling; Do until loops also require a maximum iteration count and timeout to prevent runaway execution.', + shortValue: 'Yes, a Loop action with For each/Do until, sequential by default', + confidence: 'verified', + sources: [ + { + url: 'https://www.candede.com/articles/copilot-studio-workflow-engine-loop-component/', + label: 'Mastering Copilot Studio Workflows: The Loop Component', + asOf: '2026-07-02', + }, + { + url: 'https://www.microsoft.com/en-us/power-platform/blog/power-automate/parallel-actions/', + label: + 'Add parallel branches in flows and five new services - Microsoft Power Platform Blog', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/n8n.ts b/apps/sim/lib/compare/data/competitors/n8n.ts index 3d01ad1474c..0b6503c99cd 100644 --- a/apps/sim/lib/compare/data/competitors/n8n.ts +++ b/apps/sim/lib/compare/data/competitors/n8n.ts @@ -338,6 +338,21 @@ export const n8nProfile: CompetitorProfile = { }, ], }, + subWorkflows: { + value: + "Yes: the Execute Sub-workflow node calls a saved workflow as a step in another workflow, with a 'Wait for Sub-Workflow Completion' option so the parent pauses until the child finishes, passing data in via the child's trigger and receiving data back from the child's last node.", + detail: + "The child workflow starts with a 'When Executed by Another Workflow' trigger that defines the expected input fields. When 'Wait for Sub-Workflow Completion' is enabled, the parent blocks until the sub-workflow finishes and receives whatever data the sub-workflow's final node outputs; disabling it lets the parent continue without waiting.", + shortValue: 'Yes, Execute Sub-workflow node with wait-for-completion option', + confidence: 'verified', + sources: [ + { + url: 'https://docs.n8n.io/integrations/builtin/core-nodes/n8n-nodes-base.executeworkflow/', + label: 'Execute Sub-workflow | Nodes | n8n Docs', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -618,6 +633,21 @@ export const n8nProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + "Yes: the Loop Over Items (Split in Batches) node iterates a list in fixed-size batches, running each batch sequentially through a 'loop' output and combining results through a 'done' output once all batches complete.", + detail: + "Loop Over Items processes a configurable batch size per iteration and re-enters the loop until every input item has passed through, rather than fanning items out concurrently. n8n's docs note this is the primary built-in mechanism for iterative processing, distinct from the Parallel-style concurrent fan-out other flow-logic nodes provide.", + shortValue: 'Yes, Loop Over Items node, sequential batch iteration', + confidence: 'verified', + sources: [ + { + url: 'https://docs.n8n.io/integrations/builtin/core-nodes/n8n-nodes-base.splitinbatches/', + label: 'Loop Over Items (Split in Batches) | Nodes | n8n Docs', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/openai-agentkit.ts b/apps/sim/lib/compare/data/competitors/openai-agentkit.ts index 55b940ce72f..7e33952a221 100644 --- a/apps/sim/lib/compare/data/competitors/openai-agentkit.ts +++ b/apps/sim/lib/compare/data/competitors/openai-agentkit.ts @@ -319,6 +319,26 @@ export const openaiAgentkitProfile: CompetitorProfile = { }, ], }, + subWorkflows: { + value: + "No: Agent Builder's node reference (Start, Agent, Note, File search, Guardrails, MCP, If/else, While, Human approval, Transform, Set state) has no node that calls a separate saved workflow as a nested step and waits for it to finish. Composition across agents happens via handoffs between Agent nodes within the same workflow canvas, not by invoking another independently saved workflow as a reusable child step.", + detail: + 'A workflow can call other agents through handoffs (execution transfers to another Agent node, carrying conversation state), but that is agent-to-agent handoff inside one workflow graph, not a documented call-another-workflow-and-return block. The only way to reuse a workflow elsewhere is to export it as Agents SDK code and call that code from other code, which is a code-level reuse pattern rather than a visual sub-workflow step.', + shortValue: 'No dedicated call-sub-workflow node found', + confidence: 'estimated', + sources: [ + { + url: 'https://developers.openai.com/api/docs/guides/node-reference', + label: 'Node reference | OpenAI API', + asOf: '2026-07-02', + }, + { + url: 'https://developers.openai.com/api/docs/guides/agent-builder', + label: 'Agent Builder | OpenAI API', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -556,6 +576,26 @@ export const openaiAgentkitProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + "Yes: Agent Builder has a dedicated 'While' logic node that loops on a custom Common Expression Language (CEL) condition, re-running the connected steps sequentially each pass until the condition is false.", + detail: + "The While node is condition-based rather than an explicit for-each-over-a-list container: iterating over a list means writing a CEL expression that checks an index or remaining-items condition against a Set-state variable, and incrementing that variable each pass, rather than dropping in a purpose-built for-each block. Iterations run one after another (sequential), matching the node palette's lack of any fan-out/parallel node.", + shortValue: 'Yes, via the While logic node (condition-based, sequential)', + confidence: 'verified', + sources: [ + { + url: 'https://developers.openai.com/api/docs/guides/node-reference', + label: 'Node reference | OpenAI API', + asOf: '2026-07-02', + }, + { + url: 'https://community.openai.com/t/agent-builder-while-loop-transform-and-set-state-an-example/1362386', + label: 'OpenAI Community: Agent Builder - While Loop, Transform and Set State example', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/openclaw.ts b/apps/sim/lib/compare/data/competitors/openclaw.ts index 9a5b3685fb5..e4167c64db8 100644 --- a/apps/sim/lib/compare/data/competitors/openclaw.ts +++ b/apps/sim/lib/compare/data/competitors/openclaw.ts @@ -342,6 +342,26 @@ export const openClawProfile: CompetitorProfile = { }, ], }, + subWorkflows: { + value: + "No: OpenClaw's optional Lobster workflow shell has no documented step type for invoking another saved workflow file as a nested sub-step. Sub-agents (sessions_spawn) delegate a task to a whole separate agent session, not a call-and-wait step inside a defined multi-step pipeline.", + detail: + "Lobster's documented step types are run/command (shell/CLI), pipeline (native stages like llm.invoke), and approval (gates); none of them reference invoking a second .lobster/YAML/JSON workflow file as a step. Sub-agents are the closest related feature but compose whole agent sessions, not saved workflow definitions, and even that requires an explicit sessions_yield to block for a result rather than a built-in composition primitive.", + shortValue: 'No: no documented call-another-workflow step in Lobster', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.openclaw.ai/tools/lobster', + label: 'OpenClaw Docs: Lobster', + asOf: '2026-07-02', + }, + { + url: 'https://docs.openclaw.ai/tools/subagents', + label: 'OpenClaw Docs: Sub-agents', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -562,6 +582,27 @@ export const openClawProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + "No: neither the core agent loop nor the optional Lobster workflow shell has a dedicated for-each/while loop container. Lobster's own maintainers describe its steps as executing strictly top to bottom with no way to jump back to a previous step, and a GitHub feature-request proposal for adding loop/flow-control (a next field enabling backward jumps and max_iterations) is explicitly framed as not yet implemented.", + detail: + 'Lobster documents only run/command, pipeline, and approval step types plus a boolean condition gate; a maintainer-filed proposal (openclaw/lobster issue #38) states plainly that "steps execute top to bottom. There\'s no way to jump back to a previous step" and lists step flow control/loops as a future addition, not a shipped feature.', + shortValue: 'No: Lobster steps run top to bottom, no loop construct shipped', + confidence: 'verified', + sources: [ + { + url: 'https://docs.openclaw.ai/tools/lobster', + label: 'OpenClaw Docs: Lobster', + asOf: '2026-07-02', + }, + { + url: 'https://github.com/openclaw/lobster/issues/38', + label: + 'openclaw/lobster GitHub issue #38: Human-in-the-loop workflows: structured input requests, conditionals, and step flow control', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/pipedream.ts b/apps/sim/lib/compare/data/competitors/pipedream.ts index a578a0a1f02..839211d0efc 100644 --- a/apps/sim/lib/compare/data/competitors/pipedream.ts +++ b/apps/sim/lib/compare/data/competitors/pipedream.ts @@ -309,6 +309,21 @@ export const pipedreamProfile: CompetitorProfile = { }, ], }, + subWorkflows: { + value: + 'No: Pipedream\'s documented mechanism for connecting workflows is $.send.emit(), which is explicitly asynchronous ("Destination delivery is asynchronous: emits are sent after your workflow finishes"). This triggers a separate listener workflow after the emitting workflow completes; it is not a step that calls a saved workflow synchronously, waits for it, and receives its return value.', + detail: + 'No Pipedream documentation describes a "call workflow" or "execute sub-workflow" step. Community help threads confirm the emit-and-listen pattern is the standard workaround for chaining workflows, not true parent-waits-for-child composition.', + shortValue: 'No, only async emit-to-listener chaining', + confidence: 'estimated', + sources: [ + { + url: 'https://pipedream.com/docs/destinations/emit', + label: 'Pipedream Docs: Destinations (emit)', + asOf: '2026-07-03', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -495,6 +510,21 @@ export const pipedreamProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + 'No: Pipedream\'s control flow docs list If/Else, Delay, Filter, and End Workflow as available operators, and the control flow overview page states "more operators (including parallel and looping) are coming soon" even after the Parallel operator itself shipped, indicating a dedicated sequential Loop/Repeat/For Each container is still not released as of this check.', + detail: + 'No page exists for a Loop or Repeat control-flow operator (a guessed docs URL for it 404s), and long-running community threads confirm the standard workaround is iterating over an array inside a Node.js or Python code step rather than using a native loop block.', + shortValue: 'No native loop block; only code-step iteration workaround', + confidence: 'estimated', + sources: [ + { + url: 'https://pipedream.com/docs/workflows/building-workflows/control-flow', + label: 'Pipedream Docs: Control Flow overview', + asOf: '2026-07-03', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/power-automate.ts b/apps/sim/lib/compare/data/competitors/power-automate.ts index 636081715da..1554c0d64d4 100644 --- a/apps/sim/lib/compare/data/competitors/power-automate.ts +++ b/apps/sim/lib/compare/data/competitors/power-automate.ts @@ -340,6 +340,21 @@ export const powerAutomateProfile: CompetitorProfile = { confidence: 'estimated', sources: [], }, + subWorkflows: { + value: + 'Yes: Power Automate supports child flows via the built-in "Run a Child Flow" action, which calls another flow as a step, waits for it to finish, and can pass inputs and receive its outputs back into the parent flow.', + detail: + 'Child flows must use the "Manually trigger a flow" trigger and must be part of a solution to be callable this way; this is distinct from firing an independent flow asynchronously via HTTP/webhook.', + shortValue: 'Yes, via the "Run a Child Flow" action', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/power-automate/create-child-flows', + label: 'Create child flows - Power Automate | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -595,6 +610,26 @@ export const powerAutomateProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + 'Yes: Power Automate provides built-in loop containers, the "Apply to each" action iterates over a list/array and the "Do until" action repeats a set of actions until a condition or state is met, each running its iterations sequentially by default.', + detail: + 'Apply to each can optionally run with concurrency (parallel iteration) via a setting, but sequential execution is the default behavior; Do until requires a defined exit condition and has a configurable iteration/timeout limit.', + shortValue: 'Yes, via "Apply to each" and "Do until" actions', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/power-automate/apply-to-each', + label: 'Use the Apply to each action - Power Automate | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://learn.microsoft.com/en-us/azure/logic-apps/logic-apps-control-flow-loops', + label: 'Repeat actions with loops in workflows - Azure Logic Apps | Microsoft Learn', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/retool.ts b/apps/sim/lib/compare/data/competitors/retool.ts index f5a0047377b..2d837a6e772 100644 --- a/apps/sim/lib/compare/data/competitors/retool.ts +++ b/apps/sim/lib/compare/data/competitors/retool.ts @@ -320,6 +320,26 @@ export const retoolProfile: CompetitorProfile = { }, ], }, + subWorkflows: { + value: + 'Yes: the Workflow block runs another saved workflow as a step, passing data to it and receiving its returned data back, so the parent workflow can compose child workflows rather than duplicating logic.', + detail: + 'The Workflow block supports two execution modes: Finished, where the calling workflow pauses until the triggered workflow run completes, and Queued, where the calling workflow continues immediately while the triggered run is queued.', + shortValue: 'Yes, Workflow block calls and waits on another workflow', + confidence: 'verified', + sources: [ + { + url: 'https://docs.retool.com/workflows/guides/blocks/run-workflow', + label: 'Run another workflow with the Workflow block | Retool Docs', + asOf: '2026-07-02', + }, + { + url: 'https://docs.retool.com/workflows/reference/objects/block/run-workflow', + label: 'The Workflow block | Retool Docs', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -549,6 +569,21 @@ export const retoolProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + 'Yes: a dedicated Loop block runs an embedded set of blocks once per item in an array, referencing each item and its index via value and index.', + detail: + 'The Loop block supports Sequential mode (each iteration completes before the next starts, with an optional delay to avoid rate limits), Parallel mode (all iterations run simultaneously), and Batch mode (a configurable number of iterations run in parallel per batch, default batch size 10) before moving to the next batch.', + shortValue: 'Yes, Loop block with sequential, parallel, and batch modes', + confidence: 'verified', + sources: [ + { + url: 'https://docs.retool.com/workflows/guides/blocks/logic/loop', + label: 'Loop block | Retool Docs', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/stackai.ts b/apps/sim/lib/compare/data/competitors/stackai.ts index 87b649582bd..7f20eeb6818 100644 --- a/apps/sim/lib/compare/data/competitors/stackai.ts +++ b/apps/sim/lib/compare/data/competitors/stackai.ts @@ -280,6 +280,21 @@ export const stackaiProfile: CompetitorProfile = { confidence: 'unknown', sources: [], }, + subWorkflows: { + value: + "Yes: an AI Agent node can invoke a separately saved StackAI workflow as a Subflow Tool. The parent agent passes input into the subflow, waits for it to run to completion, and receives the subflow's output node result back before continuing, rather than only firing an async webhook-triggered run.", + detail: + 'Subflow Tools are configured on the AI Agent node; each must connect to an output node to complete, and the docs describe subflows running "collaboratively" where one subflow\'s output can inform whether/how another is invoked. Whether a Subflow Tool can be reused unmodified across multiple different parent workflows was not independently confirmed.', + shortValue: 'Yes, via Subflow Tools on the AI Agent node', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.stackai.com/workflow-builder/core-nodes/ai-agent-node/subflow-tools', + label: 'Subflow Tools docs', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -484,6 +499,21 @@ export const stackaiProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + 'Yes: the Loop Subflow node iterates over a list of inputs, running its Loop branch once per item sequentially, with the current item exposed via a current_item variable. A separate Done branch runs once after all iterations finish, collecting any outputs explicitly emitted inside the loop.', + detail: + 'This is a sequential, one-item-at-a-time iterator distinct from the parallel/concurrent execution StackAI exposes separately through parallel Subflow Tool calls or parallel Project runs inside a loop.', + shortValue: 'Yes, via the Loop Subflow node', + confidence: 'verified', + sources: [ + { + url: 'https://docs.stackai.com/workflow-builder/utils-logic-and-others/logic/loop-subflow', + label: 'Loop Subflow docs', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/tines.ts b/apps/sim/lib/compare/data/competitors/tines.ts index 44ac2899985..7b6b030e335 100644 --- a/apps/sim/lib/compare/data/competitors/tines.ts +++ b/apps/sim/lib/compare/data/competitors/tines.ts @@ -322,6 +322,26 @@ export const tinesProfile: CompetitorProfile = { }, ], }, + subWorkflows: { + value: + "Yes: Tines' Send to Story action lets a parent Story call a separate sub-Story as a reusable step. The sub-story is configured with a webhook input action and a message-only output action; the parent's Send to Story action passes a payload, execution blocks until the sub-story finishes, and the sub-story's output event is returned to the calling action.", + detail: + 'This is synchronous parent-waits-for-child composition with data passed in and returned, distinct from firing an independent story asynchronously via a plain webhook.', + shortValue: 'Yes: Send to Story calls a sub-story, waits, returns data', + confidence: 'verified', + sources: [ + { + url: 'https://www.tines.com/docs/stories/send-to-story/', + label: 'Send to Story | Docs | Tines', + asOf: '2026-07-02', + }, + { + url: 'https://www.tines.com/docs/stories/apis/', + label: 'Workflows as APIs | Docs | Tines', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -530,6 +550,26 @@ export const tinesProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + 'Yes: Tines actions (including Event Transform in message-only mode and Send to Story) support a Loop attribute that points at a list or object field on the incoming event and invokes the action once per element, exposing a LOOP object for the current item on each pass. This is a per-action for-each attribute rather than a separate visual loop container block, and executes one item at a time rather than concurrently, distinct from the separate Explode/Implode parallel fan-out mechanism.', + detail: + 'Tines caps a single loop at fewer than 20,000 elements. The dedicated concurrent-fan-out counterpart is Explode/Implode, documented separately as parallelExecution.', + shortValue: 'Yes: per-action Loop attribute, for-each over a list', + confidence: 'estimated', + sources: [ + { + url: 'https://www.tines.com/university/advanced/looping/', + label: 'Looping in Tines | Tines University', + asOf: '2026-07-02', + }, + { + url: 'https://www.tines.com/docs/actions/types/send-to-story/', + label: 'Send to Story | Docs | Tines', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/vellum.ts b/apps/sim/lib/compare/data/competitors/vellum.ts index 841aef53645..fb62c76ed39 100644 --- a/apps/sim/lib/compare/data/competitors/vellum.ts +++ b/apps/sim/lib/compare/data/competitors/vellum.ts @@ -280,6 +280,26 @@ export const vellumProfile: CompetitorProfile = { confidence: 'unknown', sources: [], }, + subWorkflows: { + value: + 'Yes: Vellum has a Subworkflow node that executes a deployed or inline workflow as a step inside a parent workflow, waiting for it to finish and passing/receiving data through defined inputs and outputs.', + detail: + 'Both "Deployed Subworkflows" (calling a separately versioned, released workflow) and "Inline Subworkflows" (defined within the parent workflow for modularization/reuse) are documented; the Agent Node can also register subworkflows as callable tools.', + shortValue: 'Dedicated Subworkflow node', + confidence: 'verified', + sources: [ + { + url: 'https://docs.vellum.ai/developers/workflows-sdk/api-reference/nodes/subworkflow-deployment-node', + label: 'Subworkflow Deployment Node - Vellum Documentation', + asOf: '2026-07-02', + }, + { + url: 'https://docs.vellum.ai/product/workflows/nodes/agent-node', + label: 'Agent Node - Vellum Documentation', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -504,6 +524,21 @@ export const vellumProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + "No: Vellum's only documented list-iteration mechanism is the Map Node, which executes a subworkflow once per array item concurrently (up to 96 parallel executions) rather than as a dedicated sequential for-each/while container; no separate While/loop node is documented.", + detail: + 'The Map Node is already the mechanism counted under parallelExecution (concurrent fan-out plus Merge Strategy join). Vellum documentation does not describe a way to force single-lane sequential iteration or a distinct while/repeat-until construct.', + shortValue: 'Only a concurrent Map Node, no sequential loop', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.vellum.ai/product/workflows/nodes/map-node', + label: 'Map Node - Vellum Documentation', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/workato.ts b/apps/sim/lib/compare/data/competitors/workato.ts index a591fc6c03f..e82eeae7801 100644 --- a/apps/sim/lib/compare/data/competitors/workato.ts +++ b/apps/sim/lib/compare/data/competitors/workato.ts @@ -330,6 +330,26 @@ export const workatoProfile: CompetitorProfile = { confidence: 'unknown', sources: [], }, + subWorkflows: { + value: + "Yes: Recipe Functions' Call Recipe Function (Synchronously) action adds a step that calls another saved recipe as a child, passing input via that recipe's Input schema, waiting for it to finish, and returning its output through the Response schema back into the parent recipe's data pills; an asynchronous 'fire-and-forget' variant is also available for cases where the parent should not wait.", + detail: + "This supersedes the older Callable Recipes connector (legacy recipes still run, but new ones must use Recipe Functions). The synchronous call is subject to a timeout, after which Workato's docs recommend the async variant instead.", + shortValue: 'Yes: Call Recipe Function step, sync or async, with I/O', + confidence: 'verified', + sources: [ + { + url: 'https://docs.workato.com/features/callable-recipes/call-recipe-action.html', + label: 'Callable Recipes - Call Recipe Actions | Workato Docs', + asOf: '2026-07-02', + }, + { + url: 'https://docs.workato.com/connectors/recipe-functions/actions/call-recipe-function-synchronously.html', + label: 'Recipe Functions - Call Recipe Function Synchronously | Workato Docs', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -590,6 +610,26 @@ export const workatoProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + "Yes: a dedicated 'Repeat for each' loop block executes a nested set of steps once per item in a given list, sequentially rather than concurrently, with each iteration's data pills scoped to that item; Workato also offers a separate 'Repeat while' loop for condition-based looping, and 'Repeat for each in batches' for grouping items into fixed-size batches (default 100) per iteration when downstream systems can't accept single-record calls.", + detail: + 'Docs explicitly frame Repeat for each as sequential, one item at a time, contrasting it with bulk/batch transfer; concurrent/parallel execution of loop iterations is not offered by this construct.', + shortValue: 'Yes: Repeat for each/while loop blocks, sequential', + confidence: 'verified', + sources: [ + { + url: 'https://docs.workato.com/recipes/repeat-for-each.html', + label: 'Repeat for each loop | Workato Docs', + asOf: '2026-07-02', + }, + { + url: 'https://docs.workato.com/recipes/loops.html', + label: 'Repeat while loop | Workato docs', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/competitors/zapier.ts b/apps/sim/lib/compare/data/competitors/zapier.ts index febca9cfe33..097d52c0eae 100644 --- a/apps/sim/lib/compare/data/competitors/zapier.ts +++ b/apps/sim/lib/compare/data/competitors/zapier.ts @@ -323,6 +323,26 @@ export const zapierProfile: CompetitorProfile = { }, ], }, + subWorkflows: { + value: + 'Yes: Sub-Zaps by Zapier let a Zap call a saved Sub-Zap as a dedicated step ("Call a Sub-Zap" action). The parent Zap waits for the Sub-Zap to finish, sends data into it via a "Start a Sub-Zap" trigger, and receives data back via a "Return from Sub-Zap" step.', + detail: + 'Sub-Zaps are built once and reused across multiple parent Zaps, avoiding copy-paste duplication of the same step sequence.', + shortValue: 'Yes, via Sub-Zaps (Call a Sub-Zap action)', + confidence: 'verified', + sources: [ + { + url: 'https://help.zapier.com/hc/en-us/articles/32283713627533-Understanding-Sub-Zaps', + label: 'Understanding Sub-Zaps', + asOf: '2026-07-02', + }, + { + url: 'https://help.zapier.com/hc/en-us/articles/8496308527629-Create-reusable-Zap-steps-with-Sub-Zaps', + label: 'Create reusable Zap steps with Sub-Zaps', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -553,6 +573,26 @@ export const zapierProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + "Partial: Looping by Zapier provides a dedicated loop step that repeats a set of follow-up actions over a text list, line items, or a numeric range, up to 500 iterations. Zapier's own documentation states iterations execute concurrently in parallel by default, not sequentially, and this holds even when the loop is nested inside a Path configured to run sequentially. There is no official setting to force strictly sequential iteration order.", + detail: + 'Zapier\'s help center: "All iterations of the loop execute in parallel (simultaneously), not one after another" and "Loops always run in parallel (simultaneously). This happens even if the loop is nested within a Path configured to run sequentially." Community workarounds (incremental delay steps, webhook-based looping) exist but are not a native sequential mode.', + shortValue: 'Yes, but iterations run in parallel by default, not sequentially', + confidence: 'verified', + sources: [ + { + url: 'https://help.zapier.com/hc/en-us/articles/42969233918477-Understanding-Looping-by-Zapier', + label: 'Understanding Looping by Zapier', + asOf: '2026-07-02', + }, + { + url: 'https://help.zapier.com/hc/en-us/articles/8496106701453-Loop-your-Zap-actions', + label: 'Loop your Zap actions', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/sim.ts b/apps/sim/lib/compare/data/sim.ts index 58d129afcce..c0861e5bfdc 100644 --- a/apps/sim/lib/compare/data/sim.ts +++ b/apps/sim/lib/compare/data/sim.ts @@ -298,6 +298,20 @@ export const simProfile: CompetitorProfile = { }, ], }, + subWorkflows: { + value: + "Yes: a Workflow block calls another saved workflow as a step, waits for it to finish, runs its latest deployed version, and maps parent variables into the child's input form", + detail: 'Self-references are blocked to prevent infinite recursion.', + shortValue: 'Workflow block calls a saved workflow as a reusable step', + confidence: 'verified', + sources: [ + { + url: 'https://docs.sim.ai/workflows/blocks/workflow', + label: 'Sim Docs: Workflow block', + asOf: '2026-07-02', + }, + ], + }, }, aiCapabilities: { multiLlmSupport: { @@ -532,6 +546,19 @@ export const simProfile: CompetitorProfile = { }, ], }, + loopIteration: { + value: + 'Yes: a Loop container block runs the blocks inside it repeatedly (For a fixed count, ForEach over a collection, While a condition holds, or Do-While), running iterations one after another; concurrent fan-out is a separate Parallel block', + shortValue: 'Native Loop block: For, ForEach, While, Do-While', + confidence: 'verified', + sources: [ + { + url: 'https://docs.sim.ai/workflows/blocks/loop', + label: 'Sim Docs: Loop block', + asOf: '2026-07-02', + }, + ], + }, }, integrations: { integrationCount: { diff --git a/apps/sim/lib/compare/data/types.ts b/apps/sim/lib/compare/data/types.ts index 705177d6d04..86675e9af65 100644 --- a/apps/sim/lib/compare/data/types.ts +++ b/apps/sim/lib/compare/data/types.ts @@ -64,6 +64,8 @@ export interface ComparisonFacts { dataTables: Fact /** An inline rich-text/WYSIWYG markdown editor for documents stored in the platform, versus a plain textarea or raw-source view only. */ richTextEditor: Fact + /** Calling one saved workflow as a reusable step inside another workflow (composition/nesting), versus only being able to duplicate or manually re-wire the same logic per workflow. */ + subWorkflows: Fact } aiCapabilities: { multiLlmSupport: Fact @@ -90,6 +92,8 @@ export interface ComparisonFacts { parallelExecution: Fact /** Support for the Agent2Agent (A2A) protocol, the emerging open standard for one AI agent to discover and call another agent as a peer, distinct from ordinary MCP tool-calling. */ a2aProtocol: Fact + /** A dedicated for-each/while loop container that iterates a set of steps over a list or a fixed count, distinct from a Parallel block's concurrent fan-out. */ + loopIteration: Fact } integrations: { integrationCount: Fact From 2f9214292109820b819d79f1ecafddc4c42f9c25 Mon Sep 17 00:00:00 2001 From: waleed Date: Fri, 3 Jul 2026 11:00:28 -0700 Subject: [PATCH 4/7] feat(comparison): add third-party integration vetting fact New universal comparison fact across all 20 profiles: thirdPartyVetting, whether a platform's integrations/tools/skills come from a vetted first-party catalog vs. an open marketplace where any third party can publish executable code with lighter or no vendor security review. Directly relevant given OpenClaw's ClawHub marketplace has documented incidents (283 skills, ~7.1% of the registry, found leaking credentials; 24 accounts distributing 600+ malicious skills before scanning existed). Findings are honest and mixed, not uniformly favorable: Gumloop, Retool, and Tines are first-party-only like Sim (marked "Yes"); n8n, Zapier, Make, Workato, and OpenAI AgentKit have partial vetting on an open or semi-open ecosystem; Pipedream and OpenClaw are open marketplaces with documented security incidents. --- .../comparison/comparison-sections.ts | 1 + .../compare/data/competitors/claude-cowork.ts | 25 +++++++++++++++ .../lib/compare/data/competitors/crewai.ts | 20 ++++++++++++ apps/sim/lib/compare/data/competitors/dust.ts | 20 ++++++++++++ .../lib/compare/data/competitors/flowise.ts | 27 ++++++++++++++++ .../lib/compare/data/competitors/gumloop.ts | 20 ++++++++++++ .../lib/compare/data/competitors/langchain.ts | 22 +++++++++++++ .../lib/compare/data/competitors/langflow.ts | 31 +++++++++++++++++++ apps/sim/lib/compare/data/competitors/make.ts | 20 ++++++++++++ .../data/competitors/microsoft-copilot.ts | 21 +++++++++++++ apps/sim/lib/compare/data/competitors/n8n.ts | 25 +++++++++++++++ .../data/competitors/openai-agentkit.ts | 30 ++++++++++++++++++ .../lib/compare/data/competitors/openclaw.ts | 22 +++++++++++++ .../lib/compare/data/competitors/pipedream.ts | 20 ++++++++++++ .../data/competitors/power-automate.ts | 21 +++++++++++++ .../lib/compare/data/competitors/retool.ts | 20 ++++++++++++ .../lib/compare/data/competitors/stackai.ts | 20 ++++++++++++ .../sim/lib/compare/data/competitors/tines.ts | 20 ++++++++++++ .../lib/compare/data/competitors/vellum.ts | 20 ++++++++++++ .../lib/compare/data/competitors/workato.ts | 25 +++++++++++++++ .../lib/compare/data/competitors/zapier.ts | 25 +++++++++++++++ apps/sim/lib/compare/data/sim.ts | 15 +++++++++ apps/sim/lib/compare/data/types.ts | 2 ++ 23 files changed, 472 insertions(+) diff --git a/apps/sim/app/(landing)/comparison/comparison-sections.ts b/apps/sim/app/(landing)/comparison/comparison-sections.ts index 38c6d919e19..ce4609a451e 100644 --- a/apps/sim/app/(landing)/comparison/comparison-sections.ts +++ b/apps/sim/app/(landing)/comparison/comparison-sections.ts @@ -92,6 +92,7 @@ export const COMPARISON_SECTIONS: ComparisonSectionDef[] = [ { key: 'modelAndToolGovernance', label: 'Model & tool governance' }, { key: 'credentialGovernance', label: 'Credential governance' }, { key: 'sso', label: 'Single sign-on (SSO)' }, + { key: 'thirdPartyVetting', label: 'Vetted first-party integrations' }, { key: 'piiRedaction', label: 'PII redaction' }, { key: 'dataRetention', label: 'Custom data retention' }, { key: 'whiteLabeling', label: 'White-labeling' }, diff --git a/apps/sim/lib/compare/data/competitors/claude-cowork.ts b/apps/sim/lib/compare/data/competitors/claude-cowork.ts index 429fc7afec0..eea83f2680a 100644 --- a/apps/sim/lib/compare/data/competitors/claude-cowork.ts +++ b/apps/sim/lib/compare/data/competitors/claude-cowork.ts @@ -874,6 +874,31 @@ export const claudeCoworkProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + 'Partial: Anthropic maintains first-party catalogs (anthropics/skills, anthropics/knowledge-work-plugins, the 11 plugins bundled into Cowork), but the plugin/skill ecosystem is open by design. Any developer can host a plugin marketplace as a git repo and users add it via `/plugin marketplace add`, with no Anthropic approval queue or review gate before installation.', + detail: + 'Third-party community sites (ClawHub, skills.sh, and others) distribute unvetted, community-authored skills for Claude Code/Cowork. Security researchers have found real, documented incidents in this ecosystem: Snyk\'s ToxicSkills audit of ~3,984 skills on ClawHub and skills.sh found 1,467 with security flaws and confirmed 76 active malicious payloads built for credential theft, backdoors, and data exfiltration; Koi Security separately audited all 2,857 skills on ClawHub and flagged 341 as malicious, 335 tied to one coordinated campaign ("ClawHavoc"). These incidents are in the broader Claude Skills/plugin ecosystem rather than Anthropic\'s own first-party catalog.', + shortValue: 'Partial: first-party catalog + open, unvetted plugin ecosystem', + confidence: 'verified', + sources: [ + { + url: 'https://code.claude.com/docs/en/plugin-marketplaces', + label: 'Create and distribute a plugin marketplace', + asOf: '2026-07-02', + }, + { + url: 'https://github.com/anthropics/skills', + label: 'anthropics/skills: Public repository for Agent Skills', + asOf: '2026-07-02', + }, + { + url: 'https://snyk.io/blog/toxicskills-malicious-ai-agent-skills-clawhub/', + label: 'Snyk: ToxicSkills - malicious AI agent skills on ClawHub', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/crewai.ts b/apps/sim/lib/compare/data/competitors/crewai.ts index 7c53ed3f598..d0ff90cb955 100644 --- a/apps/sim/lib/compare/data/competitors/crewai.ts +++ b/apps/sim/lib/compare/data/competitors/crewai.ts @@ -883,6 +883,26 @@ export const crewaiProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + 'Partial: the core crewai-tools package is maintainer-reviewed, but the Enterprise Tool Repository lets any org publish public tools with only automated security checks, and CrewAI also supports the open, community-run MCP server ecosystem', + detail: + "CrewAI's official crewai-tools GitHub repository is a first-party, contribution-reviewed catalog (community pull requests are merged by CrewAI maintainers). Separately, CrewAI's own Enterprise docs describe a Tool Repository where any user with org permissions can publish a tool with the --public flag, making it installable by other users; the docs state only that 'every published version undergoes automated security checks' before install, with no described human/editorial review process. CrewAI also documents first-class support for the Model Context Protocol, giving agents access to 'thousands of tools from hundreds of MCP servers built by the community,' which are third-party code not authored or reviewed by CrewAI. No CrewAI-specific documented security incident (malicious tool, credential leak via a community tool or MCP server) was found in public sources at the time of this research.", + shortValue: 'Partial, reviewed core repo + open public Tool Repository + community MCP', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.crewai.com/en/enterprise/guides/tool-repository', + label: 'CrewAI Enterprise Tool Repository docs', + asOf: '2026-07-02', + }, + { + url: 'https://github.com/crewAIInc/crewAI-tools', + label: 'crewAI-tools GitHub repository', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/dust.ts b/apps/sim/lib/compare/data/competitors/dust.ts index cf8ac12f772..b91e7ad60a1 100644 --- a/apps/sim/lib/compare/data/competitors/dust.ts +++ b/apps/sim/lib/compare/data/competitors/dust.ts @@ -876,6 +876,26 @@ export const dustProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + 'Partial: native data connections (Slack, Notion, GitHub, Salesforce, and 50+ others) are first-party and built/maintained by the Dust team, but agent tools can also be extended with any external MCP server by pasting its public URL, with no Dust-led vetting or review of that server', + detail: + 'Docs describe adding a remote MCP server as entering "the MCP server\'s public URL" for any MCP server available on the internet, with workspace admins responsible for choosing and authenticating servers; there is no formal Dust review process described, unlike the fully managed first-party connectors. No publicly documented security incident specifically involving a malicious or compromised third-party MCP server on Dust was found.', + shortValue: 'First-party connectors, open bring-your-own-URL MCP tools', + confidence: 'verified', + sources: [ + { + url: 'https://docs.dust.tt/docs/remote-mcp-server', + label: 'Adding an MCP Server', + asOf: '2026-07-02', + }, + { + url: 'https://docs.dust.tt/docs/connections', + label: 'Connections', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/flowise.ts b/apps/sim/lib/compare/data/competitors/flowise.ts index faf5c04b730..81f75b64d26 100644 --- a/apps/sim/lib/compare/data/competitors/flowise.ts +++ b/apps/sim/lib/compare/data/competitors/flowise.ts @@ -719,6 +719,33 @@ export const flowiseProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + "Yes: Flowise's nodes (LLMs, tools, vector stores, document loaders) live in the packages/components/nodes folder of the core FlowiseAI/Flowise monorepo. New nodes are contributed via GitHub pull request and reviewed/merged by the Flowise team before shipping in an official release, rather than published independently by third parties into an open, unreviewed marketplace. The separate Marketplace feature distributes JSON chatflow/agentflow templates, not installable executable code packages.", + detail: + 'Flowise has still had first-party security issues: CVE-2025-59528 (CVSS 10.0) was a critical unauthenticated remote code execution flaw in the official CustomMCP node, where user-supplied mcpServerConfig input was passed into a JavaScript Function() constructor; patched in 3.0.6, but VulnCheck observed in-the-wild exploitation starting April 2026 against thousands of still-exposed instances. This was a bug in vetted, first-party code, not a malicious third-party community node.', + shortValue: + 'Yes, nodes are PR-reviewed into the core repo, no open community-node marketplace', + confidence: 'verified', + sources: [ + { + url: 'https://docs.flowiseai.com/contributing/building-node', + label: 'Flowise Docs: Building Node', + asOf: '2026-07-02', + }, + { + url: 'https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p', + label: 'GitHub Security Advisory GHSA-3gcm-f6qx-ff7p (CVE-2025-59528)', + asOf: '2026-07-02', + }, + { + url: 'https://www.csoonline.com/article/4155680/hackers-exploit-a-critical-flowise-flaw-affecting-thousands-of-ai-workflows.html', + label: + 'CSO Online: Hackers exploit a critical Flowise flaw affecting thousands of AI workflows', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/gumloop.ts b/apps/sim/lib/compare/data/competitors/gumloop.ts index e981d5e9ec4..956072d12a5 100644 --- a/apps/sim/lib/compare/data/competitors/gumloop.ts +++ b/apps/sim/lib/compare/data/competitors/gumloop.ts @@ -931,6 +931,26 @@ export const gumloopProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + "Yes: Gumloop's 100+ built-in integrations are first-party nodes authored and maintained by Gumloop. Custom Nodes (user-written code steps) are built privately per account or team and shared only with named teammates or an org/link, not published to a public, searchable registry of third-party installable nodes. The separate Community Templates gallery is workflow templates (built from Gumloop's own nodes), and submissions go through a Gumloop content-quality review before listing.", + detail: + "No public marketplace was found where an unaffiliated third-party developer publishes a Custom Node for arbitrary other users to discover and install, unlike an open community-node ecosystem. No documented security incidents involving Gumloop's Custom Nodes or Community Templates were found in public sources as of this check.", + shortValue: 'Yes: first-party nodes, private custom nodes, reviewed templates', + confidence: 'verified', + sources: [ + { + url: 'https://docs.gumloop.com/nodes/custom_node_details', + label: 'Custom Node Builder - Gumloop docs', + asOf: '2026-07-02', + }, + { + url: 'https://www.gumloop.com/blog/announcing-community-templates', + label: 'Announcing Community Templates - Gumloop blog', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/langchain.ts b/apps/sim/lib/compare/data/competitors/langchain.ts index 4c67f3c060c..c6ea48633ec 100644 --- a/apps/sim/lib/compare/data/competitors/langchain.ts +++ b/apps/sim/lib/compare/data/competitors/langchain.ts @@ -897,6 +897,28 @@ export const langchainProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + "Partial: the core langchain and langchain-core packages plus a set of popular integrations are maintained and security-reviewed by LangChain's own team, but the much larger integration surface lives in the community-driven langchain-community package (and hundreds of separately published community PyPI packages), which LangChain's own security policy states is not eligible for its bug bounty program", + detail: + "LangChain's published security policy explicitly excludes langchain-community from bug bounty eligibility due to its community-driven nature, while still accepting and addressing reports for it, indicating a lighter, best-effort review tier for community-contributed integration code compared to the core libraries and officially maintained popular integrations. No source found for a distinct, documented incident of a malicious or credential-stealing community-published LangChain integration package; the closest public security incident (CVE-2025-68664, a serialization-injection vulnerability nicknamed LangGrinch, CVSS 9.3) was in the core langchain-core library itself, not a third-party community integration.", + shortValue: + 'Partial: core/popular integrations vendor-reviewed; langchain-community is community-maintained, excluded from bug bounty', + confidence: 'verified', + sources: [ + { + url: 'https://docs.langchain.com/oss/python/security-policy', + label: 'Security policy - Docs by LangChain', + asOf: '2026-07-02', + }, + { + url: 'https://github.com/advisories/GHSA-c67j-w6g6-q2cm', + label: + 'LangChain serialization injection vulnerability (CVE-2025-68664) - GitHub Advisory Database', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/langflow.ts b/apps/sim/lib/compare/data/competitors/langflow.ts index bbe75ea5e52..8c1f37a63ac 100644 --- a/apps/sim/lib/compare/data/competitors/langflow.ts +++ b/apps/sim/lib/compare/data/competitors/langflow.ts @@ -762,6 +762,37 @@ export const langflowProfile: CompetitorProfile = { confidence: 'unknown', sources: [], }, + thirdPartyVetting: { + value: + 'Partial: most built-in integration bundles are contributed as pull requests to the official langflow-ai/langflow codebase and merged by the core maintainers, but Langflow also ships a community Store where users can share and install flows and components with lighter, informal vetting, plus a custom-component system that lets any user author and run their own Python code with full server access. Langflow has disclosed a real security incident tied to this code-execution model: CVE-2025-3248, an unauthenticated remote code execution flaw in the custom-component code-validation endpoint (fixed in 1.3.0), which was actively exploited in the wild to deploy the Flodrix botnet on unpatched instances.', + detail: + 'Langflow documents that it does not enforce isolation between users or restrict local disk/network access, so both bundle and custom-component code run with the same trust level as the core server.', + shortValue: + 'Partial: reviewed bundles plus a lighter-vetted community Store and custom code', + confidence: 'verified', + sources: [ + { + url: 'https://docs.langflow.org/components-bundle-components', + label: 'Langflow Docs - About bundles', + asOf: '2026-07-02', + }, + { + url: 'https://docs.langflow.org/components-custom-components', + label: 'Langflow Docs - Create custom Python components', + asOf: '2026-07-02', + }, + { + url: 'https://docs.langflow.org/security', + label: 'Langflow Docs - Security', + asOf: '2026-07-02', + }, + { + url: 'https://github.com/langflow-ai/langflow/security/advisories/GHSA-vwmf-pq79-vjvx', + label: 'GitHub Security Advisory GHSA-vwmf-pq79-vjvx (CVE-2025-3248)', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/make.ts b/apps/sim/lib/compare/data/competitors/make.ts index cc2c20efe3c..b4eb5d80636 100644 --- a/apps/sim/lib/compare/data/competitors/make.ts +++ b/apps/sim/lib/compare/data/competitors/make.ts @@ -1018,6 +1018,26 @@ export const makeProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + 'Partial: any developer can build a custom Make app, but publishing it to the public Apps Marketplace requires passing a Make QA code review before it becomes available to all users', + detail: + "Make's Developer Hub documents an open custom-app development model (any third-party developer can build and privately use a custom app), combined with a gated marketplace: to share an app with all Make users, the developer must request an app review, and Make's QA team examines the app's code against app standards and best practices (including sanitization of sensitive data such as API keys/tokens) before publishing it publicly. This is a lighter-touch, code-reviewed model rather than either a fully closed first-party catalog or a fully open, unreviewed community marketplace. No publicly documented security incident specifically involving malicious or credential-leaking third-party Make apps/marketplace listings was found.", + shortValue: 'Partial: open custom apps, but QA-reviewed before public marketplace listing', + confidence: 'verified', + sources: [ + { + url: 'https://developers.make.com/custom-apps-documentation/app-review/overview', + label: 'App review overview - Make Developer Hub', + asOf: '2026-07-02', + }, + { + url: 'https://developers.make.com/custom-apps-documentation/apps-marketplace/terms-and-conditions', + label: 'Apps Marketplace terms and conditions - Make Developer Hub', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/microsoft-copilot.ts b/apps/sim/lib/compare/data/competitors/microsoft-copilot.ts index 5f496d47044..55c8304bb4c 100644 --- a/apps/sim/lib/compare/data/competitors/microsoft-copilot.ts +++ b/apps/sim/lib/compare/data/competitors/microsoft-copilot.ts @@ -1029,6 +1029,27 @@ export const microsoftCopilotProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + 'Partial: the primary connector catalog (1,000+ connectors) is Microsoft-certified, requiring code/security review, functional verification, and malware scanning before publication, including connectors submitted by third-party (independent) publishers, but any maker can also build an uncertified custom connector against an arbitrary API for their own tenant, and security researchers at Zenity have documented that custom connectors can bypass Power Platform Data Loss Prevention policies to reach connectors an admin has explicitly blocked', + detail: + "Microsoft's own connector certification docs describe scanning all submitted connector code for malware or viruses and a functional/security review before a connector joins the shared, browsable catalog. Custom connectors skip that review entirely unless separately submitted for certification, and Zenity's published research specifically demonstrates using a custom connector to reach a DLP-blocked connector, a documented real-world weakness in the uncertified path rather than a hypothetical one.", + shortValue: 'Certified catalog is vetted; uncertified custom connectors can bypass DLP', + confidence: 'estimated', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/connectors/custom-connectors/submit-certification', + label: 'Get your connector certified - Overview | Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://zenity.io/blog/research/microsoft-power-platform-dlp-bypass-uncovered-finding-3-custom-connectors', + label: + 'AI Agent Security | Microsoft Power Platform DLP Bypass Uncovered - Finding #3 - Custom Connectors | Zenity', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/n8n.ts b/apps/sim/lib/compare/data/competitors/n8n.ts index 0b6503c99cd..c749b410ca0 100644 --- a/apps/sim/lib/compare/data/competitors/n8n.ts +++ b/apps/sim/lib/compare/data/competitors/n8n.ts @@ -1003,6 +1003,31 @@ export const n8nProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + 'Partial: n8n ships built-in first-party nodes plus an open community-node ecosystem published to public npm, where only a subset carry an official "verified" review', + detail: + "Beyond its built-in nodes, n8n lets any developer publish a community node as a public npm package that other users install by name; only nodes n8n manually reviews for quality and security (and which forgo runtime dependencies) earn the verified shield icon and are installable/discoverable from n8n Cloud, while unverified community nodes can still be installed on self-hosted instances (or disabled via N8N_COMMUNITY_PACKAGES_ENABLED). n8n's own docs warn that community nodes run with the same level of access as n8n itself, including decrypted credentials during execution. In January 2026, researchers documented a real supply-chain attack in which malicious npm packages posing as n8n community nodes (one mimicking a Google Ads integration) stole OAuth tokens from the credential store; the primary malicious package had over 3,400 weekly downloads before removal.", + shortValue: 'First-party nodes plus an open, lightly-vetted npm community marketplace', + confidence: 'verified', + sources: [ + { + url: 'https://docs.n8n.io/integrations/community-nodes/risks', + label: 'Risks when using community nodes | n8n Docs', + asOf: '2026-07-02', + }, + { + url: 'https://docs.n8n.io/integrations/creating-nodes/build/reference/verification-guidelines/', + label: 'Verification guidelines | n8n Docs', + asOf: '2026-07-02', + }, + { + url: 'https://thehackernews.com/2026/01/n8n-supply-chain-attack-abuses.html', + label: 'n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/openai-agentkit.ts b/apps/sim/lib/compare/data/competitors/openai-agentkit.ts index 7e33952a221..d4209b0f697 100644 --- a/apps/sim/lib/compare/data/competitors/openai-agentkit.ts +++ b/apps/sim/lib/compare/data/competitors/openai-agentkit.ts @@ -953,6 +953,36 @@ export const openaiAgentkitProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + "Partial: pre-built Connector Registry entries (Dropbox, Google Drive, SharePoint, Teams) and the ChatGPT Apps directory go through OpenAI identity verification and app review, but Agent Builder's MCP node and the Agents SDK can connect to any third-party MCP server with no vendor vetting pipeline documented", + detail: + "OpenAI's own Connector Registry connectors and ChatGPT Apps directory submissions require developer identity verification and pass through an OpenAI app-review process before listing, per the App submission guidelines. But Agent Builder's MCP node and the Agents SDK let a builder point at any hosted MCP server, first-party or community-run, with no described OpenAI review of that server's code. This client-only MCP model mirrors the wider MCP ecosystem, where unreviewed community servers have shipped malicious behavior elsewhere (for example, an unofficial third-party Postmark MCP server was found in September 2025 silently BCC'ing all outgoing email to an attacker). No security incident specific to OpenAI's own Connector Registry, Apps directory, or Agent Builder MCP integration was found in public reporting as of this writing.", + shortValue: 'Partial: reviewed first-party catalog, but open MCP server connections', + confidence: 'estimated', + sources: [ + { + url: 'https://developers.openai.com/apps-sdk/app-submission-guidelines', + label: 'App submission guidelines | Apps SDK | OpenAI Developers', + asOf: '2026-07-02', + }, + { + url: 'https://developers.openai.com/apps-sdk/guides/security-privacy', + label: 'Security & Privacy | Apps SDK | OpenAI Developers', + asOf: '2026-07-02', + }, + { + url: 'https://openai.com/index/developers-can-now-submit-apps-to-chatgpt/', + label: 'Developers can now submit apps to ChatGPT | OpenAI', + asOf: '2026-07-02', + }, + { + url: 'https://authzed.com/blog/timeline-mcp-breaches', + label: 'A Timeline of Model Context Protocol (MCP) Security Breaches', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/openclaw.ts b/apps/sim/lib/compare/data/competitors/openclaw.ts index e4167c64db8..5f83985e56b 100644 --- a/apps/sim/lib/compare/data/competitors/openclaw.ts +++ b/apps/sim/lib/compare/data/competitors/openclaw.ts @@ -922,6 +922,28 @@ export const openClawProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + 'No: Skills mainly come from ClawHub, an open marketplace where any third-party developer can publish and any user can install executable Markdown/code Skill packages, not a first-party catalog authored by OpenClaw. Independent research documented 283 ClawHub skills (about 7.1% of the registry) leaking API keys and other credentials, and a separate scan found 24 accounts distributing over 600 malicious skills before scanning existed.', + detail: + 'OpenClaw has since added a ClawScan pipeline (static analysis, VirusTotal, and NVIDIA SkillSpector as of June 2026) that assigns each published skill a Clean/Suspicious/Malicious verdict and a Skill Card, but its own docs still tell users to treat third-party skills as untrusted code, and the marketplace remains open to any publisher rather than vendor-authored.', + shortValue: + 'No: open ClawHub marketplace, documented credential-leak and malware incidents', + confidence: 'verified', + sources: [ + { + url: 'https://snyk.io/blog/openclaw-skills-credential-leaks-research/', + label: 'Snyk: 280+ Leaky Skills: How OpenClaw & ClawHub Are Exposing API Keys and PII', + asOf: '2026-07-02', + }, + { + url: 'https://openclaw.ai/blog/openclaw-nvidia-skill-security', + label: + 'OpenClaw Blog: OpenClaw Collaborates with NVIDIA for Stronger Agent Skill Security', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/pipedream.ts b/apps/sim/lib/compare/data/competitors/pipedream.ts index 839211d0efc..c774e6e5c3f 100644 --- a/apps/sim/lib/compare/data/competitors/pipedream.ts +++ b/apps/sim/lib/compare/data/competitors/pipedream.ts @@ -868,6 +868,26 @@ export const pipedreamProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + 'No: Pipedream is built around an open component registry where any developer can publish integration components to the public pipedreamhq/pipedream GitHub repo for anyone else to run, and users can also write and execute their own arbitrary custom code steps.', + detail: + 'Community-contributed components go through automated checks (linting and other CI checks a contributor can also run locally via pnpm) rather than a documented manual first-party security review before a submission becomes runnable by other users. No publicly documented security incident specific to a malicious or compromised Pipedream component was found as of this check.', + shortValue: 'No, open community component registry', + confidence: 'estimated', + sources: [ + { + url: 'https://pipedream.com/docs/components/guidelines', + label: 'Pipedream Docs: Components Guidelines & Patterns', + asOf: '2026-07-02', + }, + { + url: 'https://pipedream.com/community', + label: 'Pipedream Community', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/power-automate.ts b/apps/sim/lib/compare/data/competitors/power-automate.ts index 1554c0d64d4..b7120f1846a 100644 --- a/apps/sim/lib/compare/data/competitors/power-automate.ts +++ b/apps/sim/lib/compare/data/competitors/power-automate.ts @@ -998,6 +998,27 @@ export const powerAutomateProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + "Partial: the certified connector catalog (1,400+ connectors, including third-party 'Independent Publisher' submissions) goes through a Microsoft Certification team review, identity/credential verification of the publisher, and swagger/endpoint/security validation before being listed. However, any user or org can also build and share 'custom connectors' that call arbitrary APIs, and these bypass the certification catalog entirely with no Microsoft security review. Security researchers at Zenity documented that custom connectors can be used to reach connectors otherwise blocked by Data Loss Prevention (DLP) policies, a real, publicly documented DLP-bypass finding tied to the custom-connector path specifically.", + detail: + "This is not an open, install-anything marketplace like n8n community nodes: independent publishers must pass identity verification and a Microsoft-run technical/security review to appear in the shared connector catalog. The gap is the separate custom-connector mechanism, which lets any maker define and use an unreviewed connector inside their own environment, and which Zenity's research showed can be abused to bypass connector-level DLP blocks.", + shortValue: 'Certified catalog is vetted; custom connectors bypass review and DLP', + confidence: 'verified', + sources: [ + { + url: 'https://learn.microsoft.com/en-us/connectors/custom-connectors/certification-submission-ip', + label: 'Independent publisher certification process - Microsoft Learn', + asOf: '2026-07-02', + }, + { + url: 'https://zenity.io/blog/research/microsoft-power-platform-dlp-bypass-uncovered-finding-3-custom-connectors', + label: + 'AI Agent Security | Microsoft Power Platform DLP Bypass Uncovered - Finding #3 - Custom Connectors | Zenity', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/retool.ts b/apps/sim/lib/compare/data/competitors/retool.ts index 2d837a6e772..6622061091b 100644 --- a/apps/sim/lib/compare/data/competitors/retool.ts +++ b/apps/sim/lib/compare/data/competitors/retool.ts @@ -893,6 +893,26 @@ export const retoolProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + "Yes: Retool's built-in integrations (Resources) are a first-party catalog of roughly 50 databases/APIs/cloud services built and maintained by Retool itself, not an open marketplace of third-party-submitted connectors. Retool separately offers Custom Component Libraries, which let a customer's own developers pull in npm packages to build custom UI components, but these are private to the authoring organization by default (or explicitly made public by that org) and are not a shared registry where other Retool customers install code published by unrelated third parties.", + detail: + "Retool documents that a custom component loads into a sandboxed iframe, and its own custom-component-guide plus a community forum thread ('Custom Component Vulnerabilities') flag that developers should run npm audit on the dependencies they pull into their own component libraries. This is a supply-chain caution for self-authored code, not a documented incident involving a shared marketplace, since no such public component marketplace exists.", + shortValue: 'Yes, first-party integration catalog, no public component marketplace', + confidence: 'verified', + sources: [ + { + url: 'https://retool.com/integrations', + label: 'Retool Integrations', + asOf: '2026-07-02', + }, + { + url: 'https://docs.retool.com/apps/guides/custom/custom-component-libraries/', + label: 'Build custom React components', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/stackai.ts b/apps/sim/lib/compare/data/competitors/stackai.ts index 7f20eeb6818..a18a1d6db1a 100644 --- a/apps/sim/lib/compare/data/competitors/stackai.ts +++ b/apps/sim/lib/compare/data/competitors/stackai.ts @@ -792,6 +792,26 @@ export const stackaiProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + "Yes: StackAI's 70+ app integrations (databases, cloud storage, CRMs, communication tools) are built and maintained by StackAI's own team, not an open community marketplace. Users needing an unlisted service fall back to a built-in Custom API node or connect their own MCP servers, rather than installing code published by other third-party users.", + detail: + 'No public marketplace or community-node registry (like n8n community nodes) was found where outside developers publish installable integrations for other StackAI users. MCP support lets a workspace point at third-party MCP servers, but that is a user-configured connection to an external server the user chooses, not a shared plugin store with lighter vendor review. No StackAI-specific security incident involving its integrations or MCP connections was found in public sources.', + shortValue: 'Yes, first-party catalog only', + confidence: 'estimated', + sources: [ + { + url: 'https://docs.stackai.com/workflow-builder/apps', + label: 'StackAI Apps documentation', + asOf: '2026-07-02', + }, + { + url: 'https://docs.stackai.com/workflow-builder/apps/mcp', + label: 'StackAI MCP documentation', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/tines.ts b/apps/sim/lib/compare/data/competitors/tines.ts index 7b6b030e335..79ef1dbb91e 100644 --- a/apps/sim/lib/compare/data/competitors/tines.ts +++ b/apps/sim/lib/compare/data/competitors/tines.ts @@ -897,6 +897,26 @@ export const tinesProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + "Yes: Tines' executable actions (HTTP Request, webhooks, email, Send to Story, AI Agent, etc.) are a fixed, first-party set built and maintained by Tines itself, not a plugin/node marketplace; integrations with third-party tools are done by pointing the generic HTTP Request action at that tool's API, or by importing a pre-built 'Story' (a workflow template/JSON config, not installable code) from the community Story Library. No mechanism exists for a third party to publish executable custom actions/nodes that other tenants install.", + detail: + "The public Story Library has a 'Community selection' of user-submitted Story templates alongside Tines-authored ones, but these are shareable workflow configurations built from the same fixed first-party action set, not third-party executable plugins with their own code/dependencies (unlike n8n community nodes or a skill/plugin registry). No public vetting process for community Story submissions is documented, and no publicly documented security incident involving Tines' Story Library or action set was found.", + shortValue: 'Yes: fixed first-party action set, no plugin marketplace', + confidence: 'verified', + sources: [ + { + url: 'https://www.tines.com/library', + label: 'Story Library | Tines', + asOf: '2026-07-02', + }, + { + url: 'https://www.tines.com/docs/actions/overview', + label: 'Actions overview | Docs | Tines', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/vellum.ts b/apps/sim/lib/compare/data/competitors/vellum.ts index fb62c76ed39..c3068717aaa 100644 --- a/apps/sim/lib/compare/data/competitors/vellum.ts +++ b/apps/sim/lib/compare/data/competitors/vellum.ts @@ -832,6 +832,26 @@ export const vellumProfile: CompetitorProfile = { confidence: 'unknown', sources: [], }, + thirdPartyVetting: { + value: + "Yes: Vellum's tool ecosystem is closed and vendor/partner controlled, not an open marketplace. Its own 100+ native integrations are built and maintained by Vellum, its Composio partnership adds access to Composio's curated tool library (not third-party developer submissions reviewed loosely), and 'Custom Nodes' are authored by the customer's own team for internal reuse rather than published to a shared public marketplace for other tenants to install.", + detail: + "No documentation was found describing a public marketplace or community-node/plugin registry where independent third-party developers publish executable code that other Vellum customers can browse and install, unlike ecosystems such as n8n community nodes. Custom Nodes extend a single customer's own workflows and are not distributed to other organizations. No publicly documented security incidents involving Vellum's integration or tool ecosystem were found.", + shortValue: 'Closed first-party/partner catalog, no open plugin marketplace', + confidence: 'estimated', + sources: [ + { + url: 'https://www.vellum.ai/blog/vellum-composio-new-partnership-for-ai-agent-building', + label: 'Vellum + Composio: Build Powerful AI Agents Faster', + asOf: '2026-07-02', + }, + { + url: 'https://docs.vellum.ai/developers/workflows-sdk/tutorials/custom-nodes', + label: 'Custom Nodes - Vellum Documentation', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/workato.ts b/apps/sim/lib/compare/data/competitors/workato.ts index e82eeae7801..41ab4614aad 100644 --- a/apps/sim/lib/compare/data/competitors/workato.ts +++ b/apps/sim/lib/compare/data/competitors/workato.ts @@ -1007,6 +1007,31 @@ export const workatoProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + 'Partial: Workato has a large first-party catalog of native, Workato-built connectors, plus an open Community Library where any developer with Connector SDK access can build and publish a connector that other users install with no formal Workato security review, alongside an invite-only Partner Connector tier that does get Workato code review.', + detail: + "Workato's own docs distinguish three tiers: native connectors are built and maintained by Workato directly; Partner Connectors go through Workato's partnership program with dedicated developer accounts and code review by Workato engineers on the initial version and subsequent updates; and Community Connectors are built by any community member and published to the Community Library with no formal Workato security review, explicitly labeled 'intended as examples only.' Installing a community connector requires full Connector SDK privileges, and Workato's own guidance tells users to independently evaluate and test a community connector's code before releasing it workspace-wide, since 'notwithstanding any Security Review conducted or any label provided by Workato, Workato does not certify, warrant or support any Community Listings, Partner Connectors or No Code Connectors.' No specific publicly documented incident (e.g., a malicious published community connector or a credential leak traced to one) was found; a Workato blog post on general AI/MCP security risk raises malicious lookalike marketplace tools as a theoretical/industry-wide concern, not a confirmed Workato-specific incident.", + shortValue: 'Partial: first-party catalog plus open, lightly-vetted community library', + confidence: 'verified', + sources: [ + { + url: 'https://docs.workato.com/developing-connectors/community/community.html', + label: 'Community connectors | Workato Docs', + asOf: '2026-07-02', + }, + { + url: 'https://docs.workato.com/developing-connectors/community/community-listing.html', + label: 'Contributing your connector | Workato Docs', + asOf: '2026-07-02', + }, + { + url: 'https://www.workato.com/product-hub/community-connectors/', + label: 'Workato Community Connectors: What you need to know', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/competitors/zapier.ts b/apps/sim/lib/compare/data/competitors/zapier.ts index 097d52c0eae..8e8d2da1e00 100644 --- a/apps/sim/lib/compare/data/competitors/zapier.ts +++ b/apps/sim/lib/compare/data/competitors/zapier.ts @@ -942,6 +942,31 @@ export const zapierProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + "Partial: Zapier's App Directory is an open developer ecosystem, not a closed first-party catalog. Any developer can build an integration on the Zapier Developer Platform and submit it for public listing; Zapier's review checks publishing/technical requirements (HTTPS-only endpoints, no hardcoded credentials, OAuth verification) rather than a deep security audit, and Zapier explicitly tells customers these apps are 'owned and operated by third parties' and that users are responsible for evaluating trust in the developer.", + detail: + "Zapier's own Partner Program docs describe review turnaround of up to 21 business days against publishing standards, and OAuth verification is framed as 'a helpful start' rather than a guarantee of an app's suitability. No documented security incident specifically tied to a malicious third-party app published in the App Directory was found; separate publicly reported incidents (a 2025 repository breach exposing debug logs, and a 2025 npm supply-chain compromise of Zapier's own published packages) involved Zapier's internal infrastructure and package registry, not the App Directory's third-party integration ecosystem.", + shortValue: 'Partial: open app directory, lighter technical review', + confidence: 'verified', + sources: [ + { + url: 'https://platform.zapier.com/publish/integration-publishing-requirements', + label: 'Integration publishing requirements', + asOf: '2026-07-02', + }, + { + url: 'https://docs.zapier.com/platform/publish/partner-program', + label: 'Partner Program', + asOf: '2026-07-02', + }, + { + url: 'https://help.zapier.com/hc/en-us/articles/17709950386573-Data-safety-when-using-Zapier-embedded-in-other-apps', + label: 'Data safety when using Zapier embedded in other apps', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/sim.ts b/apps/sim/lib/compare/data/sim.ts index c0861e5bfdc..44d9d2815b1 100644 --- a/apps/sim/lib/compare/data/sim.ts +++ b/apps/sim/lib/compare/data/sim.ts @@ -899,6 +899,21 @@ export const simProfile: CompetitorProfile = { }, ], }, + thirdPartyVetting: { + value: + "Yes: every one of Sim's 302 blocks is first-party authored and code-reviewed through the standard pull-request process in the main Sim repository; there is no public marketplace where an arbitrary third party can publish and have other users install executable tool code without going through Sim's own review", + detail: + "Custom code steps run inside Sim's own isolated-vm sandbox rather than as an installable third-party skill package, so the supply-chain trust boundary is Sim's codebase review, not an open registry.", + shortValue: 'All 302 blocks are first-party authored and code-reviewed', + confidence: 'verified', + sources: [ + { + url: 'https://github.com/simstudioai/sim/tree/main/apps/sim/blocks/blocks', + label: 'Sim codebase: first-party block directory', + asOf: '2026-07-02', + }, + ], + }, }, observability: { tracingDepth: { diff --git a/apps/sim/lib/compare/data/types.ts b/apps/sim/lib/compare/data/types.ts index 86675e9af65..0b35b3fc91f 100644 --- a/apps/sim/lib/compare/data/types.ts +++ b/apps/sim/lib/compare/data/types.ts @@ -130,6 +130,8 @@ export interface ComparisonFacts { piiRedaction: Fact /** SAML/OIDC single sign-on with organization auto-provisioning on first login. */ sso: Fact + /** Whether integrations/tools/skills come from a vetted first-party catalog authored and reviewed by the vendor, versus an open marketplace where any third party can publish and users install executable code from unvetted authors. */ + thirdPartyVetting: Fact } /** * Production-readiness signals that matter once feature parity is From 7d25608e081829a33843f32948ff6c8ffd8c818a Mon Sep 17 00:00:00 2001 From: waleed Date: Fri, 3 Jul 2026 11:07:09 -0700 Subject: [PATCH 5/7] fix(comparison): correct n8n supply-chain attack download count Independently re-verified the cited Hacker News article: the primary malicious package had 4,241 downloads listed (not "3,400 weekly" as previously written, a number not actually supported by the source). --- apps/sim/lib/compare/data/competitors/n8n.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/sim/lib/compare/data/competitors/n8n.ts b/apps/sim/lib/compare/data/competitors/n8n.ts index c749b410ca0..695bcc83c67 100644 --- a/apps/sim/lib/compare/data/competitors/n8n.ts +++ b/apps/sim/lib/compare/data/competitors/n8n.ts @@ -1007,7 +1007,7 @@ export const n8nProfile: CompetitorProfile = { value: 'Partial: n8n ships built-in first-party nodes plus an open community-node ecosystem published to public npm, where only a subset carry an official "verified" review', detail: - "Beyond its built-in nodes, n8n lets any developer publish a community node as a public npm package that other users install by name; only nodes n8n manually reviews for quality and security (and which forgo runtime dependencies) earn the verified shield icon and are installable/discoverable from n8n Cloud, while unverified community nodes can still be installed on self-hosted instances (or disabled via N8N_COMMUNITY_PACKAGES_ENABLED). n8n's own docs warn that community nodes run with the same level of access as n8n itself, including decrypted credentials during execution. In January 2026, researchers documented a real supply-chain attack in which malicious npm packages posing as n8n community nodes (one mimicking a Google Ads integration) stole OAuth tokens from the credential store; the primary malicious package had over 3,400 weekly downloads before removal.", + "Beyond its built-in nodes, n8n lets any developer publish a community node as a public npm package that other users install by name; only nodes n8n manually reviews for quality and security (and which forgo runtime dependencies) earn the verified shield icon and are installable/discoverable from n8n Cloud, while unverified community nodes can still be installed on self-hosted instances (or disabled via N8N_COMMUNITY_PACKAGES_ENABLED). n8n's own docs warn that community nodes run with the same level of access as n8n itself, including decrypted credentials during execution. In January 2026, researchers documented a real supply-chain attack in which malicious npm packages posing as n8n community nodes (one mimicking a Google Ads integration) stole OAuth tokens from the credential store; the primary malicious package had 4,241 downloads listed before removal.", shortValue: 'First-party nodes plus an open, lightly-vetted npm community marketplace', confidence: 'verified', sources: [ From 0a9b77702c31de72d0f08ce413c5e80721abac9f Mon Sep 17 00:00:00 2001 From: waleed Date: Fri, 3 Jul 2026 11:10:00 -0700 Subject: [PATCH 6/7] fix(comparison): fix duplicated competitor name in first FAQ answer Every competitor's oneLiner is already a complete "{Name} is ..." sentence, so prepending "${name} is " before it was always redundant. Before this session's lowercaseFirst fix, the duplication rendered in mixed case ("Zapier is zapier is a cloud-based...") and was easy to miss; the CamelCase-name fix made it fully literal and obvious ("CrewAI is CrewAI is..."), which is what Cursor Bugbot caught. Fixed by using the oneLiner directly (via ensurePeriod) instead of re-prepending the name. Verified fixed across all 20 pages via live curl, not just the CrewAI case Cursor flagged. --- apps/sim/app/(landing)/comparison/utils.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/sim/app/(landing)/comparison/utils.ts b/apps/sim/app/(landing)/comparison/utils.ts index caf4b0cd34c..1c896d501fe 100644 --- a/apps/sim/app/(landing)/comparison/utils.ts +++ b/apps/sim/app/(landing)/comparison/utils.ts @@ -118,7 +118,7 @@ export function buildComparisonFaqs(competitor: CompetitorProfile): ComparisonFa const faqs: ComparisonFaq[] = [ { question: `Is Sim a good alternative to ${name}?`, - answer: `Sim is an open-source AI workspace where teams build, deploy, and manage AI agents visually, conversationally, or with code. ${name} is ${lowercaseFirst(competitor.oneLiner)} Teams considering a switch typically weigh licensing (Sim is Apache 2.0 and self-hostable), pricing model, and how AI-native the platform's agent-building experience is.`, + answer: `Sim is an open-source AI workspace where teams build, deploy, and manage AI agents visually, conversationally, or with code. ${ensurePeriod(competitor.oneLiner)} Teams considering a switch typically weigh licensing (Sim is Apache 2.0 and self-hostable), pricing model, and how AI-native the platform's agent-building experience is.`, }, { question: `What is the main difference between Sim and ${name}?`, From 652e373ce7aa304db6952a8f97ace347852a428b Mon Sep 17 00:00:00 2001 From: waleed Date: Fri, 3 Jul 2026 11:19:41 -0700 Subject: [PATCH 7/7] improvement(comparison): cite Sim's own docs alongside code for 4 facts Added docs.sim.ai citations (Roles and Permissions, BYOK, Debugging retrieval, Function block) as primary sources for rbac, byok, kbChunkVisibility, and customCodeSteps, which previously cited only GitHub source code with no user-facing documentation reference. Verified all 4 doc URLs resolve (200). --- apps/sim/lib/compare/data/sim.ts | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/apps/sim/lib/compare/data/sim.ts b/apps/sim/lib/compare/data/sim.ts index 44d9d2815b1..5f42af4ec43 100644 --- a/apps/sim/lib/compare/data/sim.ts +++ b/apps/sim/lib/compare/data/sim.ts @@ -511,6 +511,11 @@ export const simProfile: CompetitorProfile = { shortValue: 'Chunk-level search results and a dedicated chunk editor', confidence: 'verified', sources: [ + { + url: 'https://docs.sim.ai/knowledgebase/debugging-retrieval', + label: 'Sim Docs: Debugging retrieval', + asOf: '2026-07-02', + }, { url: 'https://github.com/simstudioai/sim/blob/main/apps/sim/app/workspace/[workspaceId]/knowledge/[id]/[documentId]/components/chunk-editor/chunk-editor.tsx', label: 'Sim codebase: chunk editor', @@ -604,6 +609,11 @@ export const simProfile: CompetitorProfile = { shortValue: 'Code-execution block for custom logic', confidence: 'verified', sources: [ + { + url: 'https://docs.sim.ai/workflows/blocks/function', + label: 'Sim Docs: Function block', + asOf: '2026-07-02', + }, { url: 'https://github.com/simstudioai/sim/blob/main/apps/sim/blocks/registry-maps.ts', label: 'Sim codebase: block registry', @@ -711,6 +721,11 @@ export const simProfile: CompetitorProfile = { shortValue: 'BYOK exempts credit caps; multi-key round-robin rotation', confidence: 'verified', sources: [ + { + url: 'https://docs.sim.ai/platform/costs#bring-your-own-key-byok', + label: 'Sim Docs: Bring Your Own Key (BYOK)', + asOf: '2026-07-02', + }, { url: 'https://github.com/simstudioai/sim/blob/main/apps/sim/lib/billing/calculations/usage-monitor.ts', label: 'Sim codebase: BYOK usage-monitor logic', @@ -766,6 +781,11 @@ export const simProfile: CompetitorProfile = { shortValue: 'Workspace and org-level role permissions', confidence: 'verified', sources: [ + { + url: 'https://docs.sim.ai/platform/permissions', + label: 'Sim Docs: Roles and Permissions', + asOf: '2026-07-02', + }, { url: 'https://github.com/simstudioai/sim/blob/main/packages/db/schema.ts', label: 'Sim codebase: permissionTypeEnum, role columns',