Architecture

Conductor's architecture prioritizes transparency, data sovereignty, and user control through layered separation of concerns and local-first execution.

System Layers

Presentation Layer

User interface

Browser-native interface that renders within the browser's side panel environment. Manages user interactions, displays conversation state, and provides real-time visibility into agent operations.

  • ·Persistent session management with local-only storage
  • ·Real-time streaming display with operation transparency
  • ·User intervention controls at every decision point
  • ·Zero external dependencies for core functionality

Orchestration Layer

Coordination

Stateful coordination layer that manages concurrent operations, enforces access policies, and routes communication between interface components and external services.

  • ·Multi-window session coordination and conflict prevention
  • ·Streaming protocol management with provider abstraction
  • ·State consistency across browser lifecycle events
  • ·Secure credential handling with no persistence of secrets

Execution Environment

Page automation

Isolated runtime context for page-level operations. Provides deterministic primitives for reading, interacting with, and extracting data from web pages.

  • ·Isolated execution context prevents page interference
  • ·Deterministic selectors and interaction primitives
  • ·Structured responses with validation and error handling
  • ·Reversible operations with state tracking

Capability System

Permission model

Composable permission framework that controls which operations are available during agent sessions. Capabilities are declared at session start and remain immutable.

  • ·Explicit capability enablement with no runtime escalation
  • ·Capability schemas define available operations and arguments
  • ·Dependency resolution for composite capabilities
  • ·Extensibility through defined interfaces

Persistence Layer

Data sovereignty

Local-first storage system for session state, captured artifacts, and user preferences. All data remains under user control with no server-side dependencies.

  • ·Client-side encryption for sensitive session data
  • ·Structured artifact storage with version control
  • ·Export capabilities for compliance and audit
  • ·Configurable retention policies

Request Flow

Request processing follows a six-stage pipeline designed for transparency, security validation, and complete auditability.

1

Request Initiation

User submits a request through the interface. The system constructs context including session history, active capabilities, and page state.

2

Coordination

The orchestration layer validates capabilities, acquires necessary locks, and prepares the request for external processing with streaming enabled.

3

Streaming Response

External language model processes the request and streams responses. Tokens and operation intents flow back in real time for immediate user visibility.

4

Operation Dispatch

When operations are requested, the system validates against active capabilities, then dispatches to the appropriate execution context with structured parameters.

5

Result Integration

Operation results are validated, logged to the transcript, and made available as context for subsequent processing.

6

Artifact Persistence

Session-scoped data is written to local storage with encryption and linked to the conversation for later retrieval or export.

Security Model

Conductor's security architecture implements defense-in-depth principles with explicit capability grants, isolation boundaries, and comprehensive audit trails.

Least Privilege

Capabilities must be explicitly enabled. No ambient authority. Operations execute only within declared permission boundaries.

Data Sovereignty

All session data, credentials, and artifacts remain local. No server-side processing or cloud storage dependencies.

Auditability

Every operation is logged with full parameter visibility. Transcripts provide complete forensic trails for compliance and debugging.

User Control

Streaming visibility allows real-time intervention. Users can pause, modify, or terminate operations before execution completes.

Isolation

Execution contexts are isolated from page state. Operations cannot be influenced by page scripts or access page memory.

Determinism

Operations use stable identifiers and synchronous primitives. Sessions can be replayed for verification and debugging.

Deployment & Compliance

Network Architecture

Conductor operates entirely client-side with no backend infrastructure dependencies. Network communication is limited to user-configured LLM provider APIs. No telemetry, analytics, or session data leaves the client environment.

Data Residency

All session state, artifacts, and configuration remain in browser-local storage. API credentials are encrypted at rest and never transmitted except directly to user-specified provider endpoints. Export capabilities enable data portability for archival and compliance workflows.

Audit & Forensics

Complete operation logs with parameter visibility support forensic analysis. Transcripts include capability declarations, operation requests, results, and timing data. Sessions can be exported for compliance review or long-term retention.

Integration Questions?

For enterprise deployment guidance, security questionnaires, or compliance documentation, consult the Documentation or review available operational capabilities.