PRism - Deployment Risk Intelligence
March 16, 2026 ยท View on GitHub
PRism - Deployment Risk Intelligence
Agentic Pre-Deployment Risk Gate, Powered by Microsoft AI Platform
Every engineer has shipped a breaking change. Tests passed. Linter was clean. And then production went down.
PRism exists because "tests pass" โ "safe to ship."
๐ฌ Watch the 2-minute Demo on YouTube
| ๐๏ธ Architecture | architecture.mermaid |
| ๐ Setup Platform | prism-dev-platform.orangemushroom-cc646ad1.eastus2.azurecontainerapps.io |
| ๐ VS Code Extension | marketplace.visualstudio.com |
| ๐ฌ Demo Video | youtube.com/watch?v=3jAxC7I3zYk |
The Problem
Current CI/CD pipelines are binary and stateless. They ask one question: "Did the tests pass?"
They never ask:
- Has this file caused production incidents before?
- Did test coverage actually drop for these new code paths?
- Are we deploying at 4:58 PM on a Friday before a long weekend?
- Was retry logic silently removed from a payment-critical path?
This makes deployment decisions feel like guesswork โ and sometimes, they are. The result is incidents that were entirely preventable, post-mortems written at 2 AM, and engineers afraid to merge.
PRism changes that. Instead of a binary pass/fail gate, PRism gives every PR a Deployment Confidence Score (0โ100) โ a multi-agent risk assessment that considers code quality, historical incidents, test coverage, and operational timing, all in real time.
How It Works (High-Level Overview)
PRism triggers automatically when a PR is opened or updated. Four specialized AI agents analyze the change in parallel, each returning a structured JSON payload via a shared Data Contract. The Verdict Agent ingests all four payloads and converges on a single governed decision.
Developer opens PR on GitHub
โ
โผ
prism-gate.yml (GitHub Actions)
auto-installed by Setup Wizard
โ
โผ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ ORCHESTRATOR AGENT โ
โ (Microsoft Agent Framework) โ
โ Governed by Microsoft Foundry โ
โโโโฌโโโโโโโโโโโฌโโโโโโโโโโโฌโโโโโโโโโโโฌโโโโโโโโโโ
โ โ โ โ
โผ โผ โผ โผ
[Diff [History [Coverage [Timing โ Parallel execution
Analyst] Agent] Agent] Agent]
โ โ โ โ
โโโโโโโโโโโโดโโโโโโโโโโโดโโโโโโโโโโโ
โ
๐ Data Contract
(unified JSON schema)
โ
โผ
VERDICT AGENT
Deployment Confidence Score
+ Risk Brief
+ Rollback Playbook
โ
โโโโโโโโโโโโดโโโโโโโโโโโ
โผ โผ
Score โฅ 70 Score < 70
โ
Greenlight โ Block Deploy
+ Auto-generate
missing tests
via Copilot
+ Rollback plan
See architecture.mermaid for the detailed system diagram (view on GitHub).
The Agents
| Agent | Signal | Hero Tech |
|---|---|---|
| Diff Analyst | Scans PR diff for dangerous patterns โ removed retry logic, missing error handlers, schema changes, hardcoded secrets | GitHub MCP Server + Azure OpenAI |
| History Agent | Correlates changed files with past production incidents via semantic search โ "payment_service.py involved in 4 of last 8 incidents" | Azure MCP Server + Azure AI Search |
| Coverage Agent | Detects test coverage regression; triggers GitHub Copilot Coding Agent to auto-write missing tests and open a new PR | GitHub Copilot Coding Agent |
| Timing Agent | Flags high-risk deployment windows โ Friday deploys, after-hours merges, pre-release proximity, US federal holidays | Microsoft Agent Framework |
| Verdict Agent | Ingests all four JSON payloads, computes Deployment Confidence Score (0โ100), generates risk brief and rollback playbook via GPT-4o-mini with Azure Content Safety guardrails | Microsoft Foundry |
Agent Weights: Diff Analyst 30% ยท History Agent 25% ยท Coverage Agent 25% ยท Timing Agent 20%
The Data Contract
Every specialist agent returns a standardized JSON payload. This enables true parallel execution โ the Orchestrator dispatches all four agents simultaneously and the Verdict Agent aggregates without sequential handoffs.
{
"agent_name": "string",
"risk_score_modifier": 25,
"status": "warning",
"findings": [
"Specific finding 1",
"Specific finding 2"
],
"recommended_action": "Plain-English recommendation for the Verdict Agent."
}
| Field | Type | Description |
|---|---|---|
agent_name | string | Identifier for the agent |
risk_score_modifier | integer 0โ100 | 0 = perfectly safe, 100 = critical failure |
status | enum | "pass" ยท "warning" ยท "critical" |
findings | string[] | Specific, actionable findings |
recommended_action | string | Plain-English recommendation for aggregation |
Sample Output
A PR comment posted automatically by PRism:
๐ฌ PRism Deployment Risk Assessment
Confidence Score: 21 / 100 โ HIGH RISK โ Deploy Blocked
Risk Brief:
โข payment_service.py linked to 4 of the last 8 production incidents
โข Test coverage dropped 9% (3 new functions have no tests)
โข Deployment window: Friday 4:47 PM โ historically high incident rate
โข retry logic removed from a payment-critical path
Action Taken:
โ
Missing tests auto-generated by Copilot โ PR #47 opened for review
๐ Rollback playbook generated โ attached to this PR comment
To override, a maintainer with write access must manually approve.
Tech Stack
| Category | Technology |
|---|---|
| Agent Orchestration | Microsoft Agent Framework (Semantic Kernel) |
| AI Models | Azure OpenAI GPT-4o-mini (Sweden Central) via Microsoft Foundry |
| Platform & Governance | Microsoft Azure AI Foundry (azure-ai-projects) |
| Observability | OpenTelemetry + Azure Monitor / Application Insights |
| Content Safety | Azure Content Safety |
| Tool Connectivity | Azure MCP Server ยท GitHub MCP Server |
| Semantic Incident Search | Azure AI Search (BM25 + semantic ranking) |
| Incident Ingestion | Azure Functions (Timer + Event Grid + HTTP triggers) |
| Code Generation | GitHub Copilot Coding Agent (auto-generates missing tests) |
| Cloud Infrastructure | Azure Container Apps ยท Azure PostgreSQL ยท Azure Container Registry |
| Infrastructure as Code | Bicep + PowerShell deploy scripts |
| Backend | Python 3.12 / FastAPI / Uvicorn |
| Database | SQLite (dev) ยท PostgreSQL via asyncpg (production) |
| Authentication | GitHub OAuth2 ยท JWT (PyJWT) ยท Fernet AES encryption |
| IDE Integration | VS Code Extension (TypeScript) |
| CI/CD | GitHub Actions (self-dogfooding with prism-gate.yml) |
Project Structure
PRism/
โโโ .github/
โ โโโ workflows/
โ โ โโโ ci.yml # PRism dogfeeds its own CI gate
โ โ โโโ prism-gate.yml # Workflow auto-installed in customer repos
โ โ โโโ deploy-azure.yml # Deploy orchestrator to Azure Container Apps
โ โ โโโ deploy-platform.yml # Deploy platform to Azure Container Apps
โ โโโ CODEOWNERS
โโโ agents/
โ โโโ orchestrator/ # Parallel dispatch, FastAPI webhook server (:8000)
โ โโโ diff_analyst/ # Dangerous pattern scanner (heuristics + LLM)
โ โโโ history_agent/ # Azure AI Search incident correlator
โ โโโ coverage_agent/ # Test regression detector + Copilot trigger
โ โโโ timing_agent/ # Deploy window risk (pure deterministic)
โ โโโ verdict_agent/ # Score aggregator + Foundry governance
โ โโโ shared/ # AgentResult + VerdictReport data contracts
โโโ platform/
โ โโโ server/ # FastAPI onboarding backend (:8080)
โ โ โโโ routers/ # auth, github_setup, azure_setup, registrations
โ โ โโโ services/ # auth_service, github_service, azure_service, db
โ โโโ frontend/ # Setup wizard (vanilla HTML/CSS/JS)
โโโ mcp_servers/
โ โโโ azure_mcp_server/ # Azure AI Search wrapper + incident ingestion
โ โโโ github_connector/ # GitHub MCP server configuration
โโโ foundry/
โ โโโ deployment_config/ # Bicep IaC templates + deploy/cleanup scripts
โโโ function_deploy/ # Azure Function app (incident ingestion triggers)
โโโ vscode_extension/ # PRism Confidence Sidebar (TypeScript)
โโโ tests/ # Unit + integration test suite
โโโ architecture.mermaid # System architecture diagram
โโโ requirements.txt
โโโ .env.example
Hackathon
AI Dev Days Hackathon โ Microsoft, February 10 โ March 15, 2026
Challenge: Automate and Optimize Software Delivery โ Agentic DevOps
Target prizes: Grand Prize (Agentic DevOps) ยท Best Multi-Agent System ยท Best Enterprise Solution ยท Best Azure Integration
๐ฌ Watch our 2-minute Demo Video on YouTube
PRism directly addresses the challenge criteria: intelligent CI/CD pipelines with agent orchestration, automated incident response, and real-time reliability monitoring โ with a pre-deployment risk gate that tests against real-world production state, not just isolated code.
For Judges: Download our VS Code extension and experience PRism from your own workspace. We cover up to 500 analysis runs using PRism's own Azure OpenAI model deployed on Microsoft Foundry โ no Azure subscription required on your end. You can also try the live Setup Platform to onboard a repo in under 3 minutes.
Team
Built by The Good Data Lab for the Microsoft AI Dev Days Hackathon 2026.
| Member | Owns |
|---|---|
| Ishan Soni | Orchestrator ยท Verdict Agent ยท Timing Agent ยท Foundry Governance ยท VS Code Extension ยท GitHub Actions & CI/CD ยท PR Comment Posting |
| Simarpreet Purba | History Agent ยท Azure MCP Server ยท Landing/Setup Platform ยท Incident Ingestion Pipeline ยท OAuth Flows ยท Bicep IaC |
| Gurinayat Mangat | Diff Analyst Agent ยท LLM Analysis ยท GitHub MCP Client ยท Heuristic Pattern Detection ยท PR Comment CI Risk Brief ยท Demo Video |
| Favour Ejike | Coverage Agent ยท Copilot Integration ยท Test Coverage Detection ยท Demo Video |
License
MIT โ see LICENSE