Inspiration
Orbit Guardian began with a question that felt increasingly relevant as AI coding agents became more capable:
What happens when an AI agent breaks software?
Modern agents can modify code, update configurations, launch experiments, and trigger pipelines with very little human involvement. They are becoming powerful contributors to software teams, but unlike human developers, they can make mistakes at machine speed and scale. A single bad change can cascade through pipelines, waste compute resources, block downstream workflows, and leave engineers digging through logs trying to reconstruct what happened.
We felt that the industry was building increasingly powerful autonomous agents, but very few tools existed to supervise them when things went wrong. Most observability tools focus on prompts, tokens, and tool calls. They tell you what an agent did, but not necessarily why a failure occurred, what else is affected, or what should happen next.
Our original vision was ambitious: a fully autonomous GitLab Duo-powered reliability agent that could react to commits, investigate failures, reason over GitLab Orbit, and guide recovery with minimal human intervention.
As we explored GitLab's Agent Platform, Duo Chat, Orbit, Skills, and AI Catalog capabilities, we discovered that some of the autonomy we envisioned depended on platform capabilities, entitlements, and APIs that were not fully available in our hackathon environment. Rather than building around assumptions or creating a simulated experience, we pivoted toward something we believed was more valuable: a system that could be demonstrated honestly, tested rigorously, and integrated with real GitLab workflows today.
The result became Orbit Guardian: a reliability engineering layer for autonomous software agents.
What it does
Orbit Guardian helps developers understand, investigate, and recover from failures caused by autonomous agents.
When a pipeline fails, Orbit Guardian transforms the failure from a simple error message into a structured incident investigation. It gathers evidence, queries GitLab Orbit to understand relationships across the codebase, identifies downstream impact, estimates wasted compute, and generates actionable recovery guidance.
Instead of telling developers:
"The pipeline failed."
Orbit Guardian answers:
- Why did it fail?
- What components are affected?
- Which workflows are blocked?
- Who owns the impacted systems?
- How severe is the incident?
- What is the safest recovery path?
The project exposes the same investigation engine through multiple interfaces:
- A Python CLI for direct investigations
- GitLab CI/CD integration for failure-driven workflows
- GitLab Duo Chat Skills for conversational investigation and review
- Incident dashboards and telemetry
- GitLab Issues and Merge Requests for operational recovery
In the showcase scenario, an autonomous research agent introduces a schema mismatch into a machine learning workflow. Orbit Guardian investigates the failure, uses GitLab Orbit to understand blast radius, identifies affected components, creates recovery guidance, and helps developers safely restore the system.
How we built it
Orbit Guardian was built as a modular Python application tightly integrated with GitLab services.
At its core is an investigation engine that orchestrates several responsibilities:
- Failure analysis
- Orbit graph traversal
- Impact assessment
- Recovery planning
- Incident reporting
- GitLab integration
GitLab Orbit serves as the contextual backbone of the system. Orbit Guardian uses Orbit to understand relationships between files, functions, workflows, ownership, and dependencies. This allows the project to perform blast-radius analysis rather than relying solely on log inspection.
We integrated with GitLab APIs to retrieve pipeline data, job traces, merge requests, repository state, and incident metadata. Investigation results can be published back into GitLab as Issues and Merge Requests, allowing recovery workflows to live alongside the development process.
To make the system accessible, we created GitLab Duo Chat Skills that allow developers to investigate incidents and review fixes through natural language. Rather than creating a separate application, Orbit Guardian becomes part of the developer workflow.
Throughout development we prioritized reproducibility and honesty. Every major capability was backed by tests, real GitLab integrations, or documented fallbacks. If Orbit data is unavailable, the system says so. If credentials are missing, the system warns the user. We wanted reliability engineering software that behaves like reliability engineering software.
Challenges we ran into
The biggest challenge was balancing ambition with reality.
Our original goal was to build a deeply autonomous GitLab Duo-powered agent capable of reacting to failures, reasoning over Orbit, and coordinating recovery workflows with minimal human involvement. We spent significant time exploring GitLab Agents, Skills, Duo Chat, Orbit APIs, MCP integrations, and AI Catalog workflows.
As development progressed, we encountered practical constraints. Some desired capabilities depended on platform features that were unavailable in the hackathon environment, while others required permissions, entitlements, or APIs that could not be reliably exercised. We quickly realized that it would be easy to create the appearance of autonomy without actually delivering it.
Instead of taking that route, we chose a more difficult path: making every claim verifiable.
That decision reshaped the project. We removed assumptions, hardened integrations, added extensive testing, introduced honesty guards, and clearly separated real functionality from future ambitions. The result was a system that became less flashy on paper but substantially stronger in practice.
Another challenge was understanding how GitLab Orbit should fit into the product. Orbit is not an agent; it is a graph. The value comes from using that graph to answer meaningful operational questions. Designing those workflows, translating graph context into actionable recommendations, and keeping everything understandable to developers required multiple architectural revisions.
Ultimately, the project evolved from an idea about autonomous agents into a project about trust, evidence, and reliability.
Accomplishments that we're proud of
The accomplishment we are most proud of is that Orbit Guardian became a real system rather than remaining a concept.
The project performs real investigations against GitLab workflows, executes real Orbit queries, creates real GitLab artifacts, and produces actionable reports grounded in evidence. The demo is not driven by mock screenshots or fictional architecture diagrams. It is driven by a working implementation.
We are also proud of the engineering discipline behind the project. Rather than hiding limitations, we built explicit honesty mechanisms into the system. Orbit Guardian distinguishes between graph-grounded investigations and fallback behavior, warns when credentials are unavailable, and avoids presenting synthetic evidence as real analysis.
Another accomplishment is the developer experience. The same engine powers command-line workflows, GitLab integrations, dashboards, and Duo Chat Skills. This creates a consistent experience regardless of where a developer chooses to interact with the system.
Most importantly, we believe Orbit Guardian demonstrates a new category of tooling. Software teams increasingly supervise autonomous agents alongside human developers. Orbit Guardian explores what reliability engineering looks like in that future.
What we learned
We learned that the future of software development is not simply about creating more capable agents. It is about creating systems that help humans trust those agents.
We learned that reliability engineering principles become even more important when software is modified by autonomous systems. Knowing what failed is useful. Understanding why it failed, what it affects, and how to recover safely is far more valuable.
We also learned that context matters. Logs alone are rarely enough. GitLab Orbit provides relationships, dependencies, ownership, and structure. When combined with investigation workflows, that context transforms debugging into understanding.
Perhaps the most important lesson was that credibility is a feature. It is easy to build a demo that appears intelligent. It is much harder to build one that is transparent about its evidence, limitations, and assumptions. Over the course of this project we repeatedly chose reliability over theatrics, and the resulting system became stronger because of it.
What's next for Orbit Guardian
Orbit Guardian represents the first step toward a broader vision: reliability engineering for autonomous software systems.
In the near term, we want deeper integration with GitLab's Agent Platform, Skills ecosystem, and AI Catalog experiences. Our original vision of a more autonomous Duo-powered reliability agent remains compelling, and the current architecture was intentionally designed to support that evolution as platform capabilities mature.
We also want to expand beyond schema mismatches and pipeline failures into richer classes of incidents, including dependency regressions, configuration drift, deployment failures, and cross-service impact analysis.
Longer term, we envision Orbit Guardian becoming an AI reliability engineer operating alongside development teams. As autonomous coding agents become more common, organizations will need systems that can monitor those agents, understand the consequences of their actions, and guide safe recovery when things go wrong.
Today, software teams supervise human contributors.
Tomorrow, they will supervise autonomous contributors as well.
Orbit Guardian is our attempt to build the reliability layer that future demands.
Log in or sign up for Devpost to join the conversation.