Black Unicorn Command Centre

Most multi-agent deployments fail because the infrastructure isn't mature. Teams stitch together frameworks, APIs, and custom code without thinking about governance, audit, memory, capacity, or human oversight. They bolt those layers on later. That's when things get expensive and fragile.

We asked ourselves a different question: what would it actually take to run 25 AI agents in production, with governance, memory, and security as first-class citizens from day one? BUCC is the answer.

The Black Unicorn Command Centre is a full-stack, self-hosted multi-agent operations platform. Not a framework wrapper. Not a research project. A production system that has been running our internal fleet for 18 months. We're showing it publicly because the community needs to see what production multi-agent operations actually look like — and because BUCC is the reference implementation behind our Agentic Framework Design & Operations service.

The receipts: - 390+ API endpoints across platform, governance, content, and lifecycle domains - 130 relational tables tracking agent state, work assignments, governance decisions, approvals, audit trails, and financials - 25-agent fleet across finance, cybersecurity, research, ops, comms, and planning - 3-layer LLM routing distributing inference across L1 local Ollama, L2 subscription, and L3 pay-per-token providers - 3 approval tiers: T1 auto-execute, T2 notify, T3 block-until-approved - 5 circuit breakers (CB-1 through CB-5) for graduated governance control, from soft pause to hard stop - 3-tier persistent memory via mem0: Tier 1 global, Tier 2 agent-specific, Tier 3 session - 9-widget CEO Dashboard surfacing fleet health, approvals, security, financials, and ops in real time

Governance-first design. Governance isn't a feature you add after shipping. It's an architecture question. CB-1 through CB-5 fire on policy violations before actions reach the world. The T1/T2/T3 classification makes human oversight proportional to risk instead of either rubber-stamping everything or blocking everything.

Fail-closed security. The Data Sanitization Proxy classifies and routes outbound LLM calls. Sensitive contexts route to L1-only (DSP-high). Every decision, action, approval, and error is written to a tamper-evident audit trail. When the system can't decide, it stops.

Memory as infrastructure. Agents in isolation are amnesiacs running in parallel. Real fleets remember. The 3-tier memory lets agents learn from past work, coordinate on shared goals, and stop restarting cold on every task. Tier 1 holds global knowledge, Tier 2 holds agent-specific learning, Tier 3 holds session context.

Human oversight by design. The CEO Dashboard, the approvals queue, and the Ops Center are not bolted-on admin pages. They're the operating surface. The fleet is steered, not just observed.

The stack: Next.js operator UI, FastAPI control plane, PostgreSQL state, mem0 memory layer, OpenClaw agent runtime, Docker Compose deployment. 26 operator pages, 47 FastAPI routers, 88 backend services, 70+ skill documents across the fleet.

This isn't theoretical. It's running right now.