{"id":"azure-samples-agent-architecture-review-sample","name":"agent-architecture-review-sample","homepage":null,"repo_url":"https://github.com/Azure-Samples/agent-architecture-review-sample","category":"ai-ml","subcategories":[],"tags":["agent-architecture","architecture-review","risk-analysis","diagram-generation","excalidraw","mcp","fastapi","azure-openai","microsoft-foundry"],"what_it_does":"An open-source sample “Architecture Review Agent” that accepts architectural descriptions (YAML/Markdown/plaintext/files), parses and/or uses LLM inference to produce a structured risk analysis and recommendations, and generates interactive Excalidraw diagrams (with PNG export). It can run as a local CLI, a FastAPI-based web app (custom REST endpoints), or as a Microsoft Foundry hosted agent exposing an OpenAI Responses-compatible `/responses` endpoint.","use_cases":["Generate structured architecture reviews and prioritized risk/recommendation reports from design docs","Auto-produce editable architecture diagrams (Excalidraw) from input descriptions","Support pipeline/tooling integration via REST endpoints (web app) or `/responses` (hosted agent)","Assist developers in identifying architectural risks (e.g., component mapping, fan-in/fan-out, orphan detection) from textual system descriptions"],"not_for":["Replacing formal architecture governance/security reviews in regulated contexts without human validation","Handling sensitive secrets in untrusted input without proper redaction and data handling controls","Guaranteeing correctness/compliance of generated analyses (outputs depend on parsing rules + LLM inference)"],"best_when":"You need quick, iterative architecture feedback and diagram generation from semi-structured inputs, and you can provide Azure OpenAI/Microsoft Foundry model access plus (optionally) an Excalidraw MCP server.","avoid_when":"You need strict determinism, formal verification, or strong privacy guarantees for highly sensitive content; also avoid using the Excalidraw MCP connection with SSL verification disabled except in tightly controlled environments.","alternatives":["Other diagram/ADR generation tools with rule-based analysis","LLM-based architecture review SaaS/tools with explicit audit/compliance controls","Custom internal services using FastAPI + OpenAPI docs + your own model gateway and diagram renderer"],"af_score":47.0,"security_score":59.8,"reliability_score":30.0,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:22:46.368922+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["API key or Azure AD (for the Web App deployment)","Microsoft Foundry managed identity (for Hosted Agent deployment)","Azure OpenAI API key (for LLM inference; as configured in .env)"],"oauth":false,"scopes":false,"notes":"Authentication is described at a high level: Web App supports “API key or Azure AD” and Hosted Agent uses system-managed identity. No concrete OAuth scope model or fine-grained authorization details were provided in the excerpt."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Pricing is not specified in the provided content; costs likely depend on Azure OpenAI usage and Azure/App Service or Microsoft Foundry infrastructure."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":47.0,"security_score":59.8,"reliability_score":30.0,"mcp_server_quality":40.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":70.0,"rate_limit_clarity":20.0,"tls_enforcement":80.0,"auth_strength":70.0,"scope_granularity":30.0,"dependency_hygiene":55.0,"secret_handling":60.0,"security_notes":"TLS is implied via HTTPS endpoints; however, the README describes an environment flag (ARCH_REVIEW_NO_SSL_VERIFY=1) that disables SSL verification for the Excalidraw MCP server connection, which materially increases risk if enabled outside tightly controlled troubleshooting. Authentication appears to support API key/Azure AD for the web app and managed identity for hosted agents, but fine-grained scope/authorization details are not provided. Secret handling guidance is limited in the excerpt; secrets are configured via .env (risk depends on logging practices not shown).","uptime_documented":0.0,"version_stability":50.0,"breaking_changes_history":50.0,"error_recovery":20.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["May require disabling SSL verification via ARCH_REVIEW_NO_SSL_VERIFY to work in certain corporate proxy scenarios—this can weaken security if used broadly.","LLM inference paths can produce variable results; outputs depend on input quality and model deployment.","No explicit mention of rate limiting behavior, retry/idempotency semantics for API calls, or structured error codes in the provided README excerpt."]}}