A transparent look inside the Agentic Maturity Advisor
The Agentic Maturity Advisor is itself an example of the governed, observable, traceable agent infrastructure that Composable Stack helps organizations build. This page explains how it works — from identity and behavioral boundaries to conversation architecture and request-level observability.
Every agent in the Composable Stack ecosystem is governed by an Identity Rubric — a declarative specification that defines what the agent is, what it may do, and what it must never do. This pattern comes from the Language-Based Build System (LBBS) Governance Framework.
The Identity Rubric is injected as the system prompt at position [0] in every API request. It is the first thing the model reads before processing any user message.
The advisor uses a Socratic discovery approach — it asks targeted questions before making recommendations. This mirrors how a skilled human consultant operates: understand before you prescribe.
Every message sent to the advisor produces a structured API request to the LLM provider via OpenRouter. Here's what each request contains:
The full Identity Rubric, domain knowledge (5 dimensions, solution partners, challenge profiles, Secure Agentic Factory vision, Two-Tier Architecture), scoring rules, and behavioral guidelines. ~4,000 tokens.
Alternating user and assistant messages from the current session. Each user message is the verbatim text entered. Each assistant message includes the response text.
The latest question or response from the user.
finalAssessment — called when the agent has assessed all 5 dimensions. Outputs structured scores that are saved to the database and displayed as a radar chart.
The model produces two outputs for each response — the visible response textand internal reasoning. The reasoning trace shows the model's thought process: which dimensions it's connecting, what maturity level it's inferring, and why it chose a particular follow-up question.
This reasoning trace is exactly the kind of Chain-of-Thought observability that the maturity model evaluates at Level 3 (IT Integrated) and Level 4 (Sovereign). The advisor practices what it preaches.
Every interaction with the advisor is logged to S3-compatible storage with a structured schema that enables full attribution and auditability:
This log structure answers the core observability questions:
agentic-maturity-advisorThe trace structure above satisfies key requirements under the EU AI Act (2024/1689) and emerging global AI regulations. Each logged field maps to a specific compliance obligation:
Users can inspect the agent's Identity Rubric, see what model is being used, and review the exact data provided to the agent. The "Show Agent Context" panel makes this accessible in real time.
Every interaction is logged with unique requestId, ISO 8601 timestamps, model provenance, token counts, and full input/output content. Logs are immutable in S3-compatible storage.
Chain-of-thought reasoning traces capture the model's internal decision process — why it asked a particular question, what maturity level it inferred, and how it connected user context to recommendations.
The Identity Rubric establishes behavioral boundaries before the agent runs. Agent ID, model version, and provider are documented per-request — enabling vendor accountability and supply chain transparency.
Assessment results are stored in Supabase (PostgreSQL) with Row-Level Security. When a user schedules a consultation, their contact and assessment data are also written to the CRM for follow-up continuity.
This level of transparency, traceability, and governed behavior is what Composable Stack helps organizations achieve for their own agent deployments.