For agentic teams
ChangePilot for agentic teams
The structured-planning workspace your connected agents can actually use. Call it from Claude, Cursor, Goose, or your custom agent — the same structured actions that power our in-product features.
What your connected agents can do today
Three things every agent should know how to do with ChangePilot.
Read history
Search projects, summarize one, or pull the org's outcome history — what actually happened on past work, not what was promised.
Plan changes
Submit a free-form description or pasted task list; receive a structured plan with units, subtasks, risks, regulations, and suggested roles.
Record outcomes
Capture an email decision, add a subtask, propose a status change. Agents stage; humans confirm terminal moves. Low-risk reversible changes can auto-apply as your org's trust tier allows.
Why structure matters more with AI
A general-purpose AI assistant starts every conversation blank. It can read the email in front of it, summarize the meeting in the room, draft a plan from a paragraph. What it cannot do is carry the picture of your org forward — which equipment you own, which vendors you use, which regulations you live under, how long this kind of work really takes in your shop.
ChangePilot is where that picture lives. Each project you plan is built to teach the workspace a little more about your org — so the more history you build, the less your agent has to guess: it can call search_changes to find similar pump replacements you ran before, call get_outcome_history to see how long they actually took versus what you scoped, and surface the risks that fired last time. The plan-shaped data is the thing your agent needs to be useful on the second project, not the first.
We are not trying to be smarter than your agent. We are trying to be the workspace your agent calls.
The workspace your agent calls — not another chat that starts blank
ChangePilot turns messy operational input into governed structure: equipment tags, permit types, vendor engagements, regulatory citations, task evidence, and an audit trail. That structured picture is what your agent needs on project two — not project one.
Three ingestion paths feed the same extractor: describe or paste a plan, import past documents (MOC PDFs, Excel lists, lessons learned), or connect via MCP and let your agent propose changes under the same propose→apply gates as your teammates.
Compounding is the design, not a marketing promise: each project is built to enrich your equipment graph, vendor records, and outcome history. Pre-launch orgs start on industry defaults; the lift-readiness meter shows which intelligence rails unlock as real volume accrues.
Graduated trust — earn slowly, lose fast
ChangePilot does not treat agent autonomy as on/off. Trust is earned per change type, clamped by safety floors, and revocable the moment the track record sours.
Org apply tiers
Admins choose how much agents may auto-apply: off (human approves everything), low-risk auto (comments and dates only), or full auto within the safety floors below. Status changes and anything riskier still wait for a person.
Per-action safety floors
Some changes can never auto-apply: creating new projects, identity writes, audit mutations. Terminal status moves (completing, cancelling) always escalate to a human — for agents and teammates alike.
Track-record clamping
Each agent builds a per-change-type record. Thin or poor history holds auto-apply back; a clean record earns room back up to the kind's floor. Recent rejections tighten faster than old wins forgive — lose fast, earn slowly.
Assisted promotions
In assisted mode, admins review earned-promotion suggestions per agent and change type, approve with one click, and revoke instantly. The system suggests; humans decide.
Quality clamps also hold borderline proposals for review: unsound reasoning, terse rejections, and over-confident calibration. Same governance model for people and agents — permission parity, staged proposals, tamper-evident audit log.
Why industrial discipline matters for agents
Regulated ops solved structured capture, approval chains, evidence on tasks, and audit export before agents existed. Agents multiply the risk: silent mutations, no cross-session memory, no accountability chain.
ChangePilot applies that regulated-industry discipline to agent-operated work: propose→apply gates, tamper-evident agent logs, org-scoped memory your agent can query, and entity extraction that works in any domain. Industrial teams get depth; every team with agents gets the governance shape.
Critically, it is the same governance model for people and agents: permission checks, staged proposals, human approval on terminal changes, and a single audit trail. An agent cannot close a project or bypass a gate that a teammate could not skip either.
Install in 30 seconds — ask your agent
No terminal required. Paste this into Claude Code, Cursor chat, or Claude Desktop — your agent fetches our install manifest and runs the install (with your permission).
Your agent stays in control of the install; you stay in control of permission. Anonymous tier requires no signup (1 call/min, enough to verify). Need higher throughput? Sign up for free and upgrade to 10 calls/min.
Prefer manual install? Per-client config snippets here. Machine-readable manifest at /api/install-mcp.
Discover us via A2A
A2A (Agent-to-Agent v1.0) clients: fetch the Agent Card at GET /.well-known/agent.json (or the v1.0 canonical /.well-known/agent-card.json) and dispatch tasks to POST /api/agent/task with JSON-RPC SendMessage. Same bearer-token auth as MCP, same dispatcher under the hood — A2A is a thin discovery wedge over the existing action layer.
Raw HTTP — for non-MCP integrators
Building a custom agent that doesn't use MCP? Call the JSON-RPC endpoint at /api/mcp/v1 directly. Two auth tiers: anonymous for evaluation (1 call/min per IP), user-tier for org-scoped data (10 calls/min after free signup).
curl -X POST https://changepilot.deltamarksystems.com/api/mcp/v1/auth \
-H "Content-Type: application/json" \
-d '{"tier": "anon"}'
# Returns: { "token": "...", "expires_at": "..." }curl -X POST https://changepilot.deltamarksystems.com/api/mcp/v1 \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 1,
"method": "create_change",
"params": {
"description": "Replace seal on pump P-101A during the Q3 shutdown. EHS lead is Maria. Vendor is ABB. Will need hot-work permit."
}
}'
# Returns segmented units, detected entities, risks, regulations,
# clarifying questions if input is ambiguous.curl -X POST https://changepilot.deltamarksystems.com/api/mcp/v1 \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 2,
"method": "search_changes",
"params": {
"entity_label": "P-101A",
"since": "2025-01-01T00:00:00Z"
}
}'
# Returns matching projects in your org (RLS-scoped — no cross-tenant access).Available actions
The headline actions your agent will reach for most. Full reference at /.well-known/changepilot-actions.json.
| Action | Category | What it does | Auth tier |
|---|---|---|---|
create_change | lifecycle | Submit a free-form description, captured email, or pasted task list; receive a planned project with units, subtasks, risks, regulations, and suggested roles. | Anon OK |
search_changes | read | Find existing projects by entity, vendor, regulation, status, assignee, or time window. | User |
summarize_project | read | Generate an LLM-readable executive summary of a project — title, status, key entities, risks, blockers, next milestone. | User |
get_outcome_history | read | Read the org's completed-project history: planned vs actual duration, realized risks, and aggregate calibration. Ground recommendations in what actually happened. | User |
create_action_item | lifecycle | Add a subtask under a project or task. Permission-checked against project membership. | User |
update_project_status | lifecycle | Move a project between statuses. Triggers an audit-log entry. Terminal transitions (completed / cancelled) require human confirmation. | User |
assign_reviewers | routing | Set or change the reviewer / approver list on a project. | User |
submit_for_review | routing | Mark a project ready for downstream approval. Triggers reviewer notifications. Agent stages; human confirms. | User |
attach_email_summary | capture | Capture a summary of an external email as a comment on a project. Send the operational facts, not raw email contents. | User |
assess_risk | analysis | Re-run risk + regulatory detection on a project's current state. Returns updated risk factors and regulatory context. | User |
Anon OK — callable without a signed-in account, rate-limited per IP. User — requires a user-tier token; data is scoped to your org via row-level security. Terminal-state writes (completing, cancelling, regulatory sign-off) always require a human confirmation.
Try it free — your org’s data, your agent
Spin up a free workspace, plan a couple of changes, then point your agent at it. The anonymous tier gets you a feel for the planning surface without signing up.