Pylee Context Service

The context and tool layer for agent systems.

Pylee gives agents shared task state and approved MCP tool access, so teams can coordinate reliable workflows across agents, services, and partners.

Keep context, secrets, server configuration, and access rules in one controlled layer, instead of spread across prompts, clients, databases, and ad hoc glue code.

$ Get started Read the docs View GitHub →

CONTEXT · LIVE VIEW ctx_01914f4e…8001

ACTORS

SECTIONS 1.2KB

inputs read

planner.scratchpad read · write

validator read · write

summary read

EVENTS

WRITE planner

ACL_CHG validator

READ summary

WRITE validator

01 · The problem

Agent workflows need shared state and controlled access.

Agent workflows break down when task state lives in prompts, logs, databases, client configuration, and ad hoc integration code.

Pylee gives each workflow a shared context with access rules built in. Internal agents, outside services, partner systems, and reviewers can coordinate through the same task state while each receives the right view of the work.

The same control model applies to tools. Teams can approve MCP servers, manage secrets, pin versions, and decide which agents or services can access each tool.

Prompt conventions

Describe, but don't enforce

Prompts can describe who should see what. They do not enforce access control.

Per client config

MCP setup spread across clients

Server configuration, secrets, and versions repeated in every client. Hard to keep approved or current.

Raw databases

Storage without coordination

A database stores state. Scoped reads, patch updates, leases, conflict handling, and history still have to be built around it.

Pylee handles both layers. Context for shared task state. Registry for approved MCP tools. Use either on its own, or both together.

02 · Pylee Context

Coordinate workflows with shared task state.

Pylee Context gives each workflow a structured JSON context that agents, services, tools, reviewers, and trusted outside systems can share. Each participant gets access to only the sections it needs.

01 / STATE

Structured task state

Each task has one JSON document, organized into named sections such as inputs, planner, validator, and summary. Patch updates replace full document writes.

{

"inputs": { "sku": "M77-A", "dateRange": "2026-04" },

"planner": { "status": "complete", "scratchpad": "…" },

"validator": { "result": "OK" },

"validators_round2": { "result": "PENDING" } // created at runtime

}

02 / ACL

Section level access control

Actors can be granted read or write access to specific sections. Responses are filtered by the service before they reach the client, so clients are not responsible for filtering shared state correctly on their own.

aclReadSections:

planner → [planner, auditor]

validator → [validator, auditor]

summary → [reporter, *]

03 / LEASES

Leases & version checks

Agents can acquire time limited exclusive access to one or more sections while they work. Writes can include an expected version, so concurrent updates do not silently overwrite each other.

planner

validator · 🔒 0:42

summary

04 / HISTORY

Event history

Reads, writes, deletes, and ACL changes are recorded with actor, timestamp, section, and operation metadata.

10:04:12WRITEagent:plannerplanner

10:04:14READagent:validatorplanner

10:04:44WRITEagent:validatorvalidator

10:04:45READuser:alicesummary

05 / STORAGE

Storage backends

Same logical API across SQLite, Postgres, Redis, and in memory storage. Designed to run with storage you control.

SQLite Postgres Redis In memory

06 / TRANSPORT

HTTP and MCP.

A REST API for direct integration, plus an MCP server (stdio or streamable HTTP) for agents and hosts that already speak MCP. Same core operations, both transports.

HTTP

/contextsPOST

/contexts/:idGET

/contexts/:idPATCH

/contexts/:id/leasesPOST

SAME CORE

MCP

create_contextTOOL

get_contextTOOL

update_contextTOOL

acquire_leaseTOOL

03 · Pylee Registry

Manage the MCP servers your agents can use.

Pylee Registry gives teams one place to organize MCP servers and expose approved tools to MCP compatible clients. Configure once, distribute everywhere.

Instead of configuring every MCP server separately in every client, teams manage configuration, secrets, versions, and access from one place. Agents and services connect through Pylee and receive only the tools they are allowed to use.

01 / REGISTRIES

Private registries

Organize MCP servers by team, project, environment, or use case.

team/platform project/atlas env/staging env/prod

02 / CONFIG

Shared configuration

Manage server settings once instead of repeating them across clients. Updates roll out to every connected agent.

03 / SECRETS

Secrets management

Store API keys and environment variables centrally, then inject at runtime. Secrets stay out of client config.

04 / VERSIONS

Version control

Pin teams to approved server versions until a new version is reviewed and released.

05 / ACCESS

Access control

Decide which users, teams, agents, services, or clients can use which servers, enforced at the registry boundary.

06 / ENDPOINT

One connection point.

Connect Claude, Cursor, Codex, VS Code, or any MCP compatible client through one endpoint. Pylee routes each client to the servers it has been granted, with the right config and secrets attached.

CLIENTS

ClaudeMCP

CursorMCP

CodexMCP

VS CodeMCP

PYLEE REGISTRY

APPROVED SERVERS

github-mcpv2.4

postgres-mcpv1.1

internal-toolsv0.9

partner-apiv3.0

04 · How it works

One context, different views.

A planning agent writes a proposed plan to the task context. A validation agent reviews the plan through its permitted view. An external service checks selected fields and writes back a limited result. A summary agent prepares the reviewer view.

planner: write with version check org_acme:agent:planner

# One agent writes, with version check
PATCH /api/v1/contexts/ctx_01914f…
x-actor-id: org_acme:agent:planner
{
  "patch": [{ "op": "replace",
              "path": "/planner/status",
              "value": "complete" }],
  "expectedVersion": 3
}
→ 200 OK // version=4

validator: read, scoped to visible sections org_acme:agent:validator

# Another agent reads: ACLs scope the response
GET /api/v1/contexts/ctx_01914f…
x-actor-id: org_acme:agent:validator

→ {
    "planner": { "status": "complete",
                  "result": "..." },
    // planner.scratchpad filtered by service
    "_meta": { "visibleSections": ["planner", "validator"],
               "partial": true }
  }

What's happening here

Qualified actor IDs: orgId:type:name identifies who is making the call. Pylee uses this to evaluate access.
Version checks: expectedVersion: 3 means the write fails if someone else advanced the context. Concurrent updates do not silently overwrite each other.
Service side filtering: the validator does not see the planner's scratchpad. The response is shaped before it leaves the service.
Honest _meta: partial: true tells the caller the response was filtered, so they know they are seeing a scoped view.

05 · Use Pylee with the stack you have

Not an agent framework. The layer around the choices you make.

Pylee does not decide how agents plan, route work, choose models, or call tools. It provides the context and tool access layer around those choices.

01 / FRAMEWORKS

Use it with what you already have.

LangGraph, CrewAI, AutoGen, custom orchestrators, raw model calls, MCP clients, or plain HTTP. Pylee plugs in alongside.

02 / SCOPE

Different actors, different views.

The same task context appears differently to a planner, a validator, a summary writer, and a reviewer, with no client side filtering required.

03 / BOUNDARIES

Workflows that cross things.

Multi agent workflows that span services, partners, or tools need a shared place to coordinate. In process memory stops being enough.

04 / TRUST

State you can hand to an auditor.

Section level access, an event history of every operation, and secrets behind service boundaries for teams where "who saw what, when" is a real question.

Pylee is not an agent framework. It provides shared context and approved tool access for the agents, frameworks, and services you already use, with secrets, versions, and access rules behind service boundaries.

06 · Who it's for

Built for teams moving beyond single agent prototypes.

Different teams adopt different parts of Pylee depending on what they're building. The pieces compose.

Developers w/ MCP

Use Registry when client configuration, secrets, and server versions become hard to manage across tools and team members.

Registry

Agent workflow teams

Use Context when agents and services need shared state, scoped access, version checks, and conflict handling without bespoke filtering in every client.

Context

Platform teams

Provide both. Shared task context and approved tools for internal agent projects, with a single layer the rest of the org builds on.

Both

Cross org workflows

Share only what you need. Give partners and outside services access to the context sections and tools they need, without exposing the full workflow.

Both

Security focused teams

Behind service boundaries. Keep secrets, tool access, and task state out of client conventions. Inspect every read and write through the event history.

Both

07 · Use either, or both

Context, Registry, or both.

Use either service on its own, or use them together when workflows need both shared state and approved tools.

Pylee Context

Coordinates the state of the work with scoped access, patch updates, version checks, leases, and event history.

Pylee Registry

Controls the tools available to that work, including approved MCP servers, secrets, versions, configuration, and access.

08 · FAQ

Common questions.

Is Pylee an agent framework?

No. Pylee provides shared context and approved tool access for the agents, frameworks, and services you already use.

Do I need both Context and Registry?

No. Context is for shared task state. Registry is for MCP servers and tool access. They work together when you need both.

Can Pylee coordinate with agents or services outside my organization?

Yes. You can give outside agents, services, partners, or reviewers access to only the context sections and tools they need.

Why not just use a database for context?

You can. Pylee Context provides the coordination behavior teams usually build around a database, including scoped access, patch updates, version checks, leases, event history, identity, and a stable API.

Why not configure MCP servers directly in each client?

Direct configuration works for small setups. It gets harder when teams need shared secrets, approved versions, access control, and consistent configuration across many users, clients, agents, or services.

Can I run it in my own infrastructure?

Yes. Pylee is designed to run with storage you control, with SQLite for local, Postgres or Redis for production, and in memory storage for tests.

Build reliable agent workflows with shared context and approved tools.

Use Pylee Context for shared task state, scoped access, leases, versioned updates, and event history. Use Pylee Registry for MCP servers, secrets, versions, configuration, and access.

$ Get started Read the docs View GitHub →

Tweaks

Accent

Background FX

Scanlines

Noise

Ambient grid