How We Run a 12-Agent Internal Ops Platform (And What It Taught Us)
A multi-agent ops platform for a small company is a set of narrow, single-purpose AI agents that each handle one recurring task, wired so a human approves anything that leaves the building. At Trenith we run one internally, called Trenith HQ, with 12 agents that triage leads, draft replies, review code, write drafts, and compile reports. The controls that make it safe are simple: every outbound action waits for human approval, each agent has a budget, and a kill switch stops everything at once. Here is how it is built and what it taught us.
What Trenith HQ is: 12 agents running real operations, not a demo
Trenith HQ is our own internal operations platform, and it runs the studio day to day. It is not a sandbox we spun up to have something to show. Twelve agents sit on a Postgres database, usually on Supabase, with row-level security and versioned migrations, and act on real leads, real code, and real client updates.
We built it because the founders were the bottleneck. Much of their day went to triage, first-draft writing, and status compilation: tasks a machine can start, as long as a person finishes them. Agents do the first 80 percent of a task and stop. A human does the last 20 percent, the part that carries judgment, so nothing the platform touches goes out the door on its own.
The roster: lead triage, reply drafting, code review, content, reporting
The 12 agents are narrow on purpose. A narrow agent is easier to reason about, budget, and switch off. The core roster:
- Lead triage. Reads inbound inquiries, classifies them by fit and urgency, and tags the ones worth a founder's time.
- Reply drafting. Writes a first-draft response to a lead or client, in our voice, that a human edits and sends.
- Code review. Reads a pull request and flags likely bugs, missing tests, and security issues before a person reviews it.
- Content. Produces first drafts of articles, changelog notes, and outreach copy.
- Reporting. Compiles weekly numbers and project status from the database into something readable in two minutes.
The rest handle data cleanup, scheduling, and internal search. Each owns a single lane.
The three controls that make it safe: human approval, per-agent budgets, kill switch
Most of the engineering in Trenith HQ is not the agents. It is the controls around them.
Human approval on every outbound action. No agent sends an email, posts a message, merges code, or writes to a client-facing system without a person clicking approve. Internal drafting and analysis run freely, but the moment an action would leave the company, it queues for review. This one rule removes most of the risk.
Per-agent budgets. Every agent has a spending cap on model calls. If an agent loops or gets stuck, it burns its budget and stops instead of running up a bill. Budgets also make cost legible: we can see which agent is expensive and decide whether it earns its keep.
A kill switch. One control halts every agent at once. If something looks wrong, we stop the whole platform in one action and investigate, rather than chasing 12 processes. It is a circuit breaker, there because we assume things will occasionally go wrong. These are the same patterns we build into client work.
What agents are genuinely good at, from daily use
Agents are strong at one shape of work: reading a pile of input and producing a structured first pass. Sorting 40 inbound messages by fit and urgency is tedious for a person and fast for an agent, and a wrong tag is cheap to fix. The same logic applies to first drafts and to a first code-review pass that flags obvious bugs before a senior engineer looks. Assembling a report is deterministic enough to trust when the source of truth is a Postgres schema you own.
Where they fail and why every outbound action is human-approved
The failures are as consistent as the wins. Agents state wrong things with full confidence: a triage agent misreads a lead, a reporting agent phrases a number in a misleading way, a drafting agent invents a plausible-sounding detail. None is catastrophic alone, but any is embarrassing if it reaches a client unedited. Agents also drift, wandering off the point when the goal is fuzzy.
This is why every outbound action is human-approved. We do not trust the agents to be right. We trust them to be useful, and we put a person between them and anyone who matters. An unapproved draft that is wrong costs nothing; a sent message that is wrong costs trust.
What building this taught us about client agent work
Running our own platform changed how we scope client work.
Narrow beats general. The agents that earn their place do one job. One clever agent that does everything is something you cannot budget, test, or trust.
The controls are the product. Approval gates, budgets, audit logs, and a kill switch are not overhead you bolt on at the end. They are most of the value, because they are what let a business actually run the thing. That is the core of how we approach AI workflow automation.
A human handoff path is non-negotiable. Our shipped AI chatbots and assistants always include a way to reach a person, and the same principle governs internal agents. We proved this in products like SquadPax, our React Native app on the App Store, whose coach uses retrieval augmented generation over a user's training history rather than inventing answers.
Own your data and your keys. When we build for clients, the cloud account and keys belong to the client: we stand up production infrastructure as part of a build, and you own it. Trenith is not a hosting company and does not resell infrastructure.
How to start small if you want the same for your business
You do not need 12 agents. You need one, aimed at your most tedious recurring task, with the controls in place from day one:
- Pick one task with cheap failure. Lead triage and first-draft replies are good starts.
- Keep the agent narrow. One job, clear inputs, clear outputs.
- Put the human gate in first. Before the agent can touch anything outbound, a person approves it.
- Add a budget and a stop control. A per-task spending cap and a way to switch it off.
- Measure whether it earns its keep. If an agent does not save real time, cut it.
If you want help scoping that first agent honestly, a paid audit is the cleanest way to start, at $1,500. For wider budget context: a website plus CRM build runs $6,000 to $15,000, an AI workflow build $8,000 to $25,000, and a SaaS MVP $18,000 to $50,000. Larger custom builds start at $25,000 after a paid discovery. Once live, monthly hosting for a small app is commonly tens to low hundreds of dollars a month across providers, billed to accounts you own. We can stay on for upkeep through a Monthly Engineering Retainer, but we are not a managed-hosting provider and do not sell an uptime SLA.
FAQ
What is a multi-agent ops platform for a small company? It is a small set of narrow AI agents that each handle one recurring task, connected to your data and wrapped in controls: human approval on anything outbound, a budget per agent, and a switch to stop everything. It is internal tooling, not a product your customers see.
Is it safe to let AI agents run business operations? It is safe when no agent can act on the outside world without a person approving it. Keep agents on internal reading and drafting, gate every outbound action, and let budgets and a kill switch bound a bad run.
How much does it cost to build an AI agent workflow? At Trenith an AI workflow build runs $8,000 to $25,000 depending on scope, and a standalone paid audit is $1,500. You can start with one agent and one task rather than a full platform.
Keep reading
Trenith is an engineering studio for startups. We build SaaS platforms, AI integrations, and cloud infrastructure.