Handling per-agent isolation and environment lifecycle in an orchestration library

The author details the architecture of a harness-agnostic orchestration library, focusing on managing agent environments through distinct workspace and runtime abstractions. The system defines four sequential states—unprovisioned, provisioned, started, and retired—to control the lifecycle of each agent instance.

• Provisioning creates the database record and allocates a permanent unique letter, while the 'ensure' command brings agents to a desired floor state defined in configuration files.
• The design separates runtime-specific start/stop logic from runtime-agnostic provisioning, allowing the library to support multiple environments like Docker and host systems.
• Agents are considered subprocesses without their own lifecycle; the library manages only the surrounding environment, remaining harness-agnostic to work with tools like Claude Code or local models.

This approach provides a standardized way to orchestrate diverse agents and manage their isolation, addressing security concerns around skills while avoiding the need to replace existing coding harnesses.