GitHub-native AI automation

From issue to
pull request.
Automatically.

ISAA picks up your GitHub issues and delivers production-ready pull requests. AI agents contextualize, plan, implement, and validate every change through your own CI pipeline.

See how it worksGet in touch
api-service#247 — Add rate limiting to /upload endpoint
isaa:trigger
Contextualize
Plan
Implement
Validate
PR
Contextualizediscovery agent
How It Works

Five stages. One pipeline.

Every issue flows through a composable pipeline of stages with configurable gates that enforce quality, require approval, or auto-route on failure.

01
Contextualize
verify repos
02
Plan
plan check
03
Implement
verify build
04
Validate
configurable
05
Deploy

What happens

ISAA discovers related repositories across your org, clones them, and extracts the relevant code, interfaces, and conventions needed to understand the issue.

Agent

Discovery + Contextualizer

Output

Curated context: relevant files, dependencies, coding patterns

In Action

Watch an issue get solved

Follow a rate limiting feature from GitHub issue to merged pull request — fully automated.

Issue created
A developer opens an issue describing the feature needed.
isaa:trigger
Add rate limiting to API endpoints
Public endpoints have no throttling. Add a sliding window rate limiter to GET and POST routes, return 429 when exceeded.
Context discovered
ISAA scans your org, clones related repos, and extracts relevant context.
isaa:discovering
Workspace ready — 3 repos identified
acme/backend-api — target repo
acme/shared-middleware — existing throttling patterns
acme/api-gateway — rate limit headers
Plan generated
The planner explores the codebase and produces a structured implementation plan.
isaa:planning
Plan ready — 3 files across 1 repo
@@ class RateLimiter @@
+ def __init__(self, limit: int, window: int):
+ def is_allowed(self, client_ip: str) -> bool:
Code implemented
The implementation agent writes code and tests following the plan exactly.
isaa:implementing
Validation passed
Linting, tests, and code review all pass. All checks green.
isaa:validating

PR #43 ready for review

+85 −2 across 3 files · All CI checks passing · Closes #42

AI Agents

Five specialized agents,
one pipeline

Each stage runs a dedicated agent with its own tools, permissions, and model. They don't share context — they earn it.

Discovery

Maps dependencies across your entire organization. Identifies which repos matter for this issue.

Contextualizer

Reads your codebase and extracts only what matters — the right files, interfaces, and conventions.

Planner

Produces a structured, verifiable 8-phase plan. Every change is specified, every risk assessed, every test anticipated.

Implementer

Follows the specification exactly. Writes code, writes tests, verifies the build — then commits. No drift.

Validator

Three independent verification layers, ordered fast to thorough. Catches issues before any human sees them.

Multi-provider AI — mix models freelyUse Claude, Gemini, or OpenAI for any agent role. Assign the right model to each task: fast models for discovery, powerful models for planning.
Operators

The building blocks of
every stage

Operators are pluggable work units that run before or after any stage. Chain them to create custom validation, deployment, and notification flows — no pipeline code required.

Any stage
Pre-operators
install-toolsclone-repos
Agent runs
Post-operators
linttestssecurity-scan
Operators that fail can auto-route back to implementation or planning with configurable retry limits

Script

Run any shell command — linters, test suites, builds, infrastructure tools. Auto-installs packages and supports per-command timeouts.

pytest -xeslint .terraform plannpm testruff check

Agent

Run an AI agent as a pipeline step — code review, security audit, API compatibility check, or any reasoning task with full context.

Review for backward compatCheck for secretsValidate API contracts

Webhook

Call external APIs — trigger CI builds, run security scans, notify services. Supports polling for async results and template variables.

POST /api/scanGET /deploy/statusPOST /slack/notify

Git

Pipeline-level git operations — clone discovered repos, push working branches, merge to targets. Coordinates multi-repo workflows automatically.

Clone discovered reposPush branchMerge to main
Workflow Builder

Describe your pipeline.
The AI builds it.

Tell the Workflow Builder agent what you need — validation steps, deployment hooks, approval gates — and it generates a production-ready pipeline tailored to your stack.

Workflow Builder
Y
I need a workflow for our inventory API. Run eslint and pytest after implementation, push the branch, and verify no hardcoded secrets.
I've created a workflow with two validation steps — eslint for linting and pytest for tests — both with auto-retry routing back to implementation. I've added a security scan operator that checks for hardcoded secrets using pattern matching. The branch pushes automatically after validation passes.
Y
Add a human approval gate after planning, and use opus for the planner.
Done. The planning gate is now set to human — the pipeline will pause and wait for /approve before implementation begins. The planner agent has been upgraded to claude-opus-4-6.
Generated PipelineLive preview
Agents
Planner (opus)Implementer (sonnet)Discovery (haiku)
Validation
eslintpytestsecret-scan
Gates
after_planning: humanafter_validating: bypass
Completion
Push branchCreate PR → mainClose issue

API validations

Webhook operators call your APIs, poll for results, and feed responses into downstream steps.

Infrastructure checks

Run Terraform plan, Kubernetes validation, or any CLI tool as a pipeline step with auto-retry.

Test suites

pytest, npm test, go test — any language. Failures route back to implementation with context.

AI code review

Insert an AI reviewer at any point — security audit, API compatibility, or custom quality checks.

Multi-repo discovery

Automatically discover and clone related repos across your org for cross-service context.

Custom extensions

When built-in operators aren't enough, the builder generates Python extensions for your domain.

Human-in-the-Loop

AI proposes. You decide.

Review plans before implementation, answer agent questions, retry with feedback, or revert changes — all from GitHub issue comments.

ISAA bot
isaabot
Plan ready for review — 3 files across 1 repo.
src/middleware.py · src/routes.py · src/config.py
Reply /approve to proceed or /replan with feedback.
Y
you
/replan Also add rate limit headers (X-RateLimit-Remaining) to responses
ISAA bot
isaabot
Updated plan — 4 files. Added src/responses.py for rate limit headers. Reply /approve to proceed.
Y
you
/approve
ISAA bot
isaabot
Implementation complete — 4 files changed, PR #43 created. All checks passing.
Available Commands
/approveAccept plan, start implementation
/replanRe-plan with your feedback
/rejectReject the plan entirely
/retryRe-plan after validation failure
/revertUndo ISAA commits
/revalidateRe-run validation
/abortStop processing this issue
Per-repo control: Set require_plan_approval: true in repos.yaml, or add the isaa:require-approval label to any issue. Use isaa:skip-approval to bypass.
Enterprise

Built for teams.
Your infrastructure.

ISAA runs entirely inside your network. No SaaS dependency, no data exfiltration risk, no vendor lock-in.

Self-hosted, air-gapped ready

Deploy as a Docker container or Helm chart. Your source code never leaves your network. No inbound ports — just outbound HTTPS.

Bring your own keys

Use your existing Anthropic, Google, or OpenAI API keys. No proxy, no middleman, no token markup. Direct API calls from your infrastructure.

Crash recovery built in

If a worker crashes, it restarts mid-pipeline exactly where it left off. State is persisted in GitHub comments — no external database needed.

Distributed by default

Run multiple workers across teams or regions. Per-issue locking, automatic coordination, reconciliation loop for missed webhooks.

Full audit trail

Every decision, plan, and code change is recorded as a GitHub comment. Compliance-ready — no separate logging system needed.

Heartbeat monitoring

Continuous health reporting with stale pipeline detection. Workers automatically reclaim abandoned issues after configurable timeouts.

Proprietary License

All rights reserved. Any use — commercial or non-commercial — requires a license agreement. Contact us for pricing and terms.

Enterprise packages

Deployment assistance, custom agent configuration, workflow design, CI integration, and ongoing support with SLA.

Get in touch →

Get in touch

Interested in ISAA for your team? Tell us about your use case and we'll get back to you within 24 hours.