← Back to projects
Operations
ERP Operations Copilot
Agentic operations over business entities through governed MCP tools, with specialist routing and a human-in-the-loop approval boundary for risky writes.
How it works
A DeepAgents-based Python agent coordinates user-facing orchestration and MCP calls (via LangChain MCP adapters); the Java MCP server owns MySQL-backed business data and approval enforcement. Mongo stores agent threads; sandbox and chart services run as explicit supporting services; analytics questions route to the NL2SQL agent.
DeepAgentsFastAPISpring AI MCPJava 21MySQLDocker
Capabilities
- DeepAgents-based orchestration with specialist routing and role-shaped (least-privilege) tool access via a static catalog, not prompt-based guessing.
- Human-in-the-loop approval for risky writes: canonical-payload hashing, actor/session/tool binding, TTL, and one-time consumption.
- Spring Boot / Spring AI MCP server owning business data and approval enforcement (10 read / 4 write tools).
- Trace-grounded answers marked authoritative, derived, or unverified.
- Docker-sandboxed analysis per session and a proactive monitoring/alert center.
Evidence
- Write tools require approval IDs bound to actor, session, tool, and canonical payload.
- Approval is deliberately excluded from the agent's own toolset — humans retain control.
- Routing/tool-choice evals verify the agent picks the intended specialist and tool.
Try this
- Ask for low-stock inventory or supplier performance.
- Request a purchase-order update and inspect the approval step.
- Verify that write execution fails without a valid approval.