Back to blog

Introducing Kora: A Workflow Operating System for AI-Ready Operations

For enterprise AI, capability is no longer the hard part - control is. Kora runs critical business processes as governed workflows, introducing AI one reliable step at a time.

Miguel Branco
Miguel Branco
Founder & CEO, RAW Labs
15 min read

Every enterprise is about to face the same question: how do you let AI participate in real work without giving away the operating knowledge that makes the company different?

The answer will not be found by simply picking the best frontier model. Models will change. The durable advantage is the learning loop a company builds around its own work: the workflows it runs, the decisions people make, the exceptions they handle, the evidence they collect, the outcomes they trust, and the private evals that prove whether automation is actually improving against business reality.

That loop cannot be built from chat transcripts alone. It needs the work itself to be modeled.

AI agents are becoming capable enough to read documents, classify requests, draft responses, call tools, inspect systems, and prepare decisions. But in an enterprise, capability is not the same as production readiness. The question is not whether an agent can complete an isolated task. The question is whether the organization can introduce AI safely into the way work already happens, then automate more over time with evidence, controls, and guarantees about what changed, what ran, and what was recorded.

Most important business processes are workflows: handoffs between teams, exceptions routed across systems, approvals that carry accountability, decisions that need evidence, and operational histories that must be understandable after the fact. This is especially true in manufacturing, maintenance, procurement, fulfillment, quality, compliance, and other workflow-heavy environments where the cost of losing control is high.

At RAW Labs, we are introducing Kora: a workflow operating system for important business processes across people, systems, approvals, and AI.

Kora is designed for organizations that want to model the work, model the organization around the work, make execution observable, and introduce AI gradually where it helps. Because Kora tracks workflow activity, releases, tasks, decisions, service operations, agent traces, artifacts, and outcomes, the organization gets something more valuable than a one-off automation: a growing evidence layer for understanding what really happened, replaying the evidence trail, reconstructing operational facts, and improving the system safely over time.

1. The Workflow-to-AI Gap

The current enterprise AI conversation often jumps too quickly from “agents can do useful work” to “agents should own the workflow.” That skips the part that matters most in production: the operating model around the agent.

Organizations already have workflows. They may live in BPMN diagrams, process documents, ticket queues, spreadsheets, inboxes, internal tools, shared habits, or team memory. These workflows encode how the business actually operates: who reviews an exception, which system has the source of truth, where a veto is allowed, what evidence is required, and how the final decision is recorded.

The problem is that these workflows are often brittle.

  • They are difficult to change safely.
  • They are weakly connected to runtime visibility.
  • They are hard to audit after the fact.
  • They depend on ad hoc handoffs across people, systems, and messages.
  • They do not provide a clean path for introducing AI without losing control.

At the same time, many current AI and automation approaches ask enterprises to choose between three imperfect options.

Traditional workflow and BPM suites provide structure, but can be heavy to change and often treat AI as an add-on assistant rather than a first-class participant in the process.

Automation tools are fast for simple chains of actions, but become weaker when the process requires approvals, exceptions, long-running state, release control, and operational evidence.

Agent frameworks give developers flexibility, but usually do not provide the full operating model around identity, access, workflow releases, human review, integration governance, audit, and business ownership.

This creates the workflow-to-AI gap: the gap between what agents can do in isolation and what enterprises need in order to trust AI inside important business processes.

2. What Production AI Workflows Require

If AI is going to participate in operational work, it needs more than a prompt, a tool list, and a chat window.

It needs a process around it.

2.1 The workflow must remain the unit of control

In Kora, an AI agent is not the unit of control. The workflow is.

This distinction matters. A workflow defines where work starts, what data is required, which decisions exist, who or what performs each step, when human review is mandatory, how errors are handled, and what evidence is retained.

Agents can participate in that workflow. They can gather information, draft a recommendation, classify an exception, extract data from documents, or prepare an answer. But the process decides where the agent is allowed to act and where a person must review, approve, reject, or escalate.

2.2 Human accountability must stay visible

Many valuable workflows include judgment, approval, or exception handling. A quality deviation, procurement exception, change-control request, or production escalation is not just a task to complete; it is an accountable business event.

Kora keeps human work first-class. A task can be assigned to a person or an agent through the same workflow model. That allows a team to start with a faithful human process, move one step to an agent when ready, and move it back to a human if the risk profile changes.

This is the practical adoption path for enterprise AI: not all-or-nothing autonomy, but controlled movement of work across humans and agents.

2.3 System interaction must be explicit

Important workflows touch systems of record, internal APIs, messaging channels, documents, provider accounts, and operational tools.

Those interactions should not be hidden inside unstructured agent behavior. Kora models deterministic system interaction through service nodes and operations. External systems and provider-specific behavior are mediated through installed extensions, explicit credentials, and environment-scoped configuration.

The goal is to make system access governable. Teams should be able to answer: which workflow called which system, under which release, with which configured integration, and what result was recorded.

2.4 Change must be reviewable

When a workflow affects real operations, editing the workflow is itself an operational act.

Kora separates source proposals, immutable releases, environment deployments, and live runs. Conversational authoring and local editing can move quickly, but those edits do not silently change production. A release freezes the workflow source. An environment deployment applies that release to a named target such as production or staging. A live workflow starts from the environment’s current deployment.

This gives teams a disciplined path from design to operation:

  1. Model the process.
  2. Validate the workflow.
  3. Create a release.
  4. Deploy it to an environment.
  5. Observe real runs.
  6. Improve from evidence.

2.5 Evidence must survive the run

Operators and business owners need to know what happened.

Kora separates control-plane audit from runtime evidence. Audit answers who changed access, configuration, releases, deployments, and other security- or governance-relevant state. Runtime evidence explains what happened inside a workflow run: tasks, service calls, decisions, failures, retries, agent traces, artifacts, and outcomes.

This evidence is also what lets a company learn from its own operations. If a workflow records what was requested, what context was available, what a human decided, what an agent recommended, which system calls were made, and what outcome followed, the organization can build private evaluations around the outcomes that actually matter to the business. It can compare proposed automation against real traces. It can replay and reconstruct facts without re-running the original business action. It can improve the workflow from evidence instead of intuition.

This distinction matters because not every useful event belongs in one giant log. The right evidence layer depends on the question:

  • Who deployed this release?
  • What changed between versions?
  • Why did the run fail?
  • Which human task is waiting?
  • What did the agent use?
  • Which system interaction produced the final result?

Kora is designed so those questions can be answered from the product model, not reconstructed from scattered logs and chat transcripts.

3. A Workflow Operating System

Kora brings these requirements into one operating model.

At the product level, Kora combines five layers:

  • workflow design and release management
  • organization, role, and participant modeling
  • integration and connected-account management
  • workflow execution and task handling
  • monitoring, audit, and operational review

Together, these layers let a team move from a documented process to an operational workflow system.

The core object is not an agent. It is a process.

A process describes the workflow graph: starts, tasks, service nodes, decisions, gateways, timers, receives, calls to other workflows, and ends. It defines typed inputs and outputs, state transitions, boundaries, and failure behavior.

Around that process, Kora models the organization:

  • roles, such as reviewer, approver, technician, dispatcher, or escalation owner
  • people, who represent modeled participants in the workflow
  • agents, who can perform selected tasks
  • capabilities, which describe the work a task requires
  • assignments, which decide whether a role is performed by a person or an agent
  • operations, which perform deterministic system actions
  • extensions, which connect Kora to external systems and provider-specific behavior

This model lets the workflow preserve its shape while responsibility changes. A team can keep the same process and move a task from a human reviewer to an AI agent, or from an agent back to a human, without throwing away the workflow itself.

That is the heart of Kora’s architecture: separate the work that needs to happen from the participant that performs it.

4. Conversational Authoring Without Uncontrolled Production Changes

Workflow design often begins in messy reality.

There may be process notes, stakeholder interviews, legacy diagrams, standard operating procedures, exceptions, edge cases, system handoffs, and approval rules. Turning that into an executable workflow is usually the job of a forward deployed engineer, solution architect, automation lead, or technical process owner who understands both the customer and the implementation.

Kora makes that work conversational.

A builder can describe an existing process, paste process notes, upload documentation, ask questions about the workflow, refine responsibilities, identify approval points, add integrations, test parts of the workflow, and compare proposed changes.

But the conversation is not the runtime.

Chat and local workspaces are proposal surfaces. They help a builder create and validate workflow source. They do not make a workflow live by themselves. When the proposal is ready, release creation freezes it into an immutable artifact. Deployment then applies that release to a specific environment.

This is important for enterprise adoption. AI can help design and improve the workflow, but the organization remains in control of when a change becomes operational.

5. Agents Inside Governed Workflows

Kora’s view of AI agents is intentionally pragmatic.

Most organizations will not begin by handing an entire process to an agent. They will start with one useful step.

Common patterns include:

  • Agent draft, human review: the agent prepares work and a human approves, edits, or rejects it.
  • Agent triage, human exception handling: the agent handles low-risk classification or summarization, while unclear or sensitive cases are routed to people.
  • Parallel human and AI work: an agent gathers supporting context while a human team performs judgment-heavy review.
  • Gradual expansion: the organization evaluates outcomes, then expands automation only where evidence supports it.

Kora supports these patterns by making agent work bounded.

An agent task is configured through workflow roles, assignments, capabilities, limits, tools, structured output expectations, sandbox policy, and enabled extensions. The workflow still determines how the result is used, when a human must review, and how exceptions are escalated.

This is different from giving an agent arbitrary tools and hoping the prompt contains enough governance. Kora places the agent inside the business process.

6. Enterprise Integration As A Product Boundary

Enterprise workflows do not run in isolation. They need to call systems, read records, update status, notify people, and exchange data with the tools an organization already uses.

Kora provides two complementary integration paths.

Service nodes call operations for deterministic work: API calls, data transforms, file extraction, system updates, provider calls, and other side-effecting behavior. Operations receive typed input and return typed output back into workflow state.

Installed extensions provide environment-scoped provider behavior. An extension can expose functions for operations, tools or skills for agent tasks, settings views, callbacks, schedules, and integration-specific state. Organizations can manage extension installs centrally, including configuration, grants, enabled state, and registered capabilities.

This gives customers a way to connect external systems without turning provider access into unstructured agent context. Credentials and provider state remain managed configuration. Agents and scripts receive only the specific access their workflow step is allowed to use.

7. Releases, Environments, And Operational Control

Kora treats workflow change as a first-class product concern.

A release is an immutable snapshot of authored workflow source. It can include process definitions, modeled participants, roles, capabilities, operations, decisions, templates, scripts, source files, and other definition-time inputs. Creating a release does not make it live.

An environment is a deployment target and runtime configuration scope. A production environment can have its own runtime variables, secret definitions, extension installs, policies, and live deployment pointer. Deploying a release to an environment validates and applies that release against the environment’s current configuration.

If deployment fails, Kora records the failed attempt and leaves the previous live pointer unchanged. Returning to a historical workflow is also explicit: deploy the historical release again, or materialize its source, edit it, create a new release, and deploy that.

This is deliberately different from silently mutating live behavior in place. The product model gives operators a trail of what changed, what was applied, where it was applied, and which release was live when work ran.

8. Security And Governance Posture

Kora is designed for business-critical workflow operation, so identity, authorization, tenant isolation, secrets, sandboxing, and audit are part of the operating model rather than afterthoughts.

Current product posture includes:

  • local authentication and OIDC-based SSO modes depending on deployment configuration
  • Kora-owned sessions, memberships, roles, org context, and authorization checks
  • organization-scoped API keys
  • tenant isolation through organization-scoped authorization and storage controls
  • managed secret storage rather than raw secrets in workflow source or prompts
  • explicit sandbox policy for hosted agent and service execution
  • opaque, scoped, expiring links for human review and artifact delivery
  • fail-closed behavior for security-sensitive configuration
  • append-only audit records for control-plane and security-relevant actions

The important product point is not a generic compliance claim. The point is that governance is built into the workflow operating model. Access, releases, deployments, environments, tasks, artifacts, integrations, and runtime evidence are all part of the same controlled system.

9. Where Kora Fits First

Kora is strongest where the workflow is important, cross-system, approval-heavy, and a good candidate for gradual AI assistance.

Good first use cases include:

  • manufacturing quality deviation or non-conformance handling
  • production or maintenance escalation
  • change-control approval
  • procurement or fulfillment exception handling
  • document intake and review
  • support escalation with human approval
  • compliance review handoff
  • operational incident triage and escalation

These workflows tend to share the same pattern:

  1. Something important happens in an enterprise system.
  2. The process routes through known steps.
  3. One or more humans review, approve, veto, or escalate.
  4. The run must be visible and auditable.
  5. One step can later move to an agent without redesigning the whole workflow.

That is why Kora’s recommended adoption path is incremental:

  1. Mirror the existing workflow.
  2. Prove reliability and visibility.
  3. Introduce agents selectively.
  4. Expand to more workflows and deeper integrations.

This path respects how serious operations actually change. It gives customers value before full autonomy, and it gives them evidence before broader rollout.

10. Why We Are Building Kora

We believe enterprise AI adoption will not be won by the most autonomous demo. It will be won by systems that let organizations introduce intelligence without losing operational discipline.

Agents need context, tools, and memory. But they also need boundaries: workflows, roles, approvals, releases, environments, audit, and evidence. Without those boundaries, AI remains impressive in isolated demos and risky in production.

The deeper opportunity is compounding. Every workflow run can teach the organization something: which cases were easy, which required judgment, which agent recommendation was accepted, which exception path mattered, and which outcome became ground truth. Over time, that becomes a private learning loop around the company’s own work. Human expertise does not disappear into a generic model; it becomes structured, reviewable, and reusable inside the company’s own operating system.

Kora is our answer to that problem.

It is a workflow operating system for organizations that need real work to run reliably. It starts from existing processes, keeps humans and approvals first-class, connects enterprise systems through explicit integration boundaries, and gives AI a governed place to participate.

The goal is not to replace business process discipline with agents.

The goal is to make business processes executable, observable, reviewable, and AI-ready.

That is the foundation we believe enterprises need for the next phase of agentic operations.

11. What We Want To Build With Customers

The best first Kora conversations are not abstract AI strategy conversations. They start with a real workflow.

Bring the quality exception process. Bring the production escalation path. Bring the change-control approval flow. Bring the procurement exception that crosses three systems and four teams. Bring the document review process where AI can help, but where a person still needs to own the final decision.

Kora is built for that kind of work: specific enough to model, important enough to govern, and valuable enough to improve over time.

If you have a workflow where reliability, approvals, integration, and gradual AI adoption all matter at once, we would like to talk.

Filed under announcements kora ai-agents