Product · Architecture

The on-premiseagentic platform.

huoku aggregates scattered company knowledge into a single index, runs configurable agents on top of it, and keeps the whole stack inside your own Kubernetes cluster. One Helm chart. Production-grade security. No external dependencies.

Start with a conversationBrowse the architecture
01 Architecture02 Agents03 Workflows04 Integrations05 Security
Architecture

How huoku works.

Both halves of the platform work as one: a knowledge pipeline that turns your sources into a searchable index, and agents that use that index to reason and call tools.

01 · Knowledge Pipeline

From sources to index

Satellite crawlers watch your connected systems for new, updated, and deleted documents. Content is parsed, chunked intelligently, run through DataGuard for PII masking, embedded into vectors, and indexed in OpenSearch.

SourcesCrawlPII MaskEmbedIndex
huoku knowledge collections view
SourcesConfluence · SharePoint · Slack · Teams · Kafka · Windows file shares · local file systems — and many more
FormatsPDF · DOCX · XLSX · plain text · Confluence pages · OCR — and many more
02 · Agents

From index to action

Agents don't just retrieve information — they call APIs, combine sources, and execute workflows in the background. Managed from a single panel.

  1. 1A trigger initiates the workflow — incoming email, API call, Kafka event, webhook, or a schedule.
  2. 2The agent activates, accesses the knowledge base, and reasons about what to do.
  3. 3The agent executes skills (multi-step workflows) and uses tools (actions via connectors).
  4. 4It can delegate to sub-agents for specialized tasks.
  5. 5Actions are delivered — email sent, API called, event published, webhook fired.
huoku AI agents admin panel
TriggersSchedule · Email · Kafka · Webhook · REST · On-demand
ActionsAPI call · Email · Event · Webhook · Sub-agent · Database
Agent configuration

Your agents. Your rules.

Every agent in huoku is independently configurable. Admins create and manage agents through a visual editor — no coding, no DevOps tickets.

Agent management interface
  • System prompt
    Behavior instructions and persona, scoped per agent.
  • Knowledge access
    Which knowledge collections the agent can see.
  • Skills
    Multi-step workflows the agent can execute.
  • Tools
    Concrete actions — email, REST, Kafka, webhook.
  • Triggers
    What activates the agent: schedule, event, query.
  • LLM model
    Model and temperature per agent, switchable at runtime.
  • Sub-agents
    Delegate specialized tasks to specialized agents.
  • Identity
    Custom name, icon, color for every agent.
  • Welcome prompts
    Localized greetings and example prompts.
Autonomous workflows

Agents that don't wait to be asked.

The real leverage of an agent platform isn't answering one question well — it's running agents that do their own work on a schedule, react to events, and deliver results before anyone notices the problem. huoku's workflow engine turns any agent into a 24/7 worker.

huoku workflows admin panel
Nightly triggerHealth Assistant

Daily sick-leave report

Aggregates absences from HR systems, flags patterns, drops a summary in Teams every morning.

Hourly triggerPredictive Maintenance

Check machine metrics, alert if needed

Reads OPC-UA streams against the threshold playbook, opens a work order when an anomaly crosses confidence 0.9.

Nightly triggerProcurement Assistant

Watch new Hilma announcements

Pulls the latest public-tender notices, filters by relevance, drafts a go/no-go memo for the procurement lead.

Anatomy of a workflow
01

Trigger

Schedule (cron-like), Kafka event, webhook, REST call, or on-demand from chat. The strip says how it starts.

02

Agent

Any configured agent can be wired to a workflow — reusing the same knowledge access, tools, and identity.

03

Owner

Every workflow runs under an identity. Permissions and audit logs follow the owner — not a service account.

All runs land in monitoring with full traces. If a step fails, you see exactly where — and which retry policy fired.

Integrations

Connects to everything. Depends on nothing.

The same agent answers an employee in chat, responds to a REST call from an integration, and listens on Kafka for real-time workflows. One management plane, many channels.

For humans

Chat interface

Browser-based chat for employees. Conversation history, source citations with PDF page numbers, agent-specific welcome prompts. Each user sees only the data they're authorized to.

  • Source citations on every answer
  • Per-user conversation history
  • Agent-specific welcome messages and example prompts
  • User permissions inherited down to chunk level
huoku chat interface for employees
For programmatic systems

Protocols and APIs

REST API

Programmatic access for custom integrations.

Kafka

Event-driven integration for real-time workflows.

MCP

Exposes knowledge to huoku's own agents — and optionally to external AI assistants.

A2A

Agent-to-agent interoperability for multi-agent systems.

LLM support

One platform, any model.

Cloud providers for top-tier performance, local models via Ollama and vLLM for air-gapped environments. Models are switchable at runtime — no restarts required.

  • OpenAI (GPT-4 and others)
  • Anthropic (Claude)
  • Azure OpenAI
  • Ollama (fully local, air-gapped)
  • vLLM (high-performance local inference)
LLM model management view
Security

Security is not a feature. It's the architecture.

Every chunk, query, and answer carries an identity. Permissions follow the data from source system to final answer — without unbundling or duplicating your existing access model.

Identity providers and federations management
01 · Authentication

Identity and access

  • Keycloak OIDC with PKCE
  • Role-based access control — Admin, User, Viewer
  • Document-level security — results filtered by user permissions
  • Agent-level permissions — each agent's knowledge and tools controlled independently
  • Per-user chat isolation
PII redaction rules management
02 · Data protection

Your data stays under your control

  • DataGuard PII masking in the knowledge pipeline — sensitive identifiers never enter the index
  • Data never leaves your network — all processing on your own infrastructure
  • Permissions follow the data from source system to final answer
  • No backend service directly exposed to the internet
Distributed tracing waterfall view
03 · Compliance

Every step, auditable

  • GDPR-ready with audit logging
  • Full audit trail of all agent activity, tool invocations, and search queries
  • Air-gapped deployment option with local models
  • EU AI Act requirements satisfied at the structural level
Start with a conversation

AI on your own infrastructure.
On your terms.

Tell us briefly about your environment and your goals — we'll come back within two business days with a concrete next step.

On-premise · Production-grade
sales@huoku.ai