Second Wind Foundry
Documentation
Second Wind Foundry5 min read

Second Wind Foundry - Architecture

How Second Wind's agentic operating environment powers AI-native products for public accounting.

Abstract

The first wave of AI products answered questions. The current wave - Claude Code, Codex, and their peers - edits files, runs tests, and submits pull requests.

Second Wind operates at a different layer.

Coding agents are scoped to a repository. Second Wind coordinates across an entire workflow: ingesting financial documents, driving real browser sessions, orchestrating parallel specialist agents, managing live processes, and recording a complete evidence trail as it goes. It carries persistent memory across every session; not a fresh context window each time, but a sovereign operating identity that accumulates knowledge of your domain, your codebase, and your decisions.

This document describes a platform built for environments where accuracy must be auditable, failures must be loud, and context must compound over time.

The design principle is simple: nothing executes silently.

1. Architecture: Sovereign Runtime

The execution layer is called the Runtime Conductor: a structured dispatch system that sits between the agent's reasoning loop and the operating environment. The agent issues typed commands; the Conductor validates, executes, and records. Every operation is time-stamped, artifact-tagged, and traceable. The agent cannot act outside the Conductor's scope, and the Conductor cannot act silently.

This is not a plugin architecture. There is no prompt-to-tool bridge that requires the model to guess at a function signature. Commands are parsed from the agent's output as a typed protocol, dispatched to dedicated runners, and their results are returned as first-class context. The feedback loop is tight, observable, and governed.

The following are not conceptual capabilities. They run today.

Code and document editing, with structural awareness

When a specification changes, Second Wind doesn't find-and-replace. It locates the target symbol by semantic anchor, takes an automatic file snapshot, rewrites only the necessary lines using logic-aware diff application, and verifies the result before proceeding. If the edit would break an adjacent structure, it says so. Rollback is only one step away. Large refactors - moving a method, renaming a parameter across forty files, restructuring an interface - execute as a reviewable sequence of idempotent patches.

Parallel specialist orchestration

A single task can decompose into a coordinated team. When tasked with reviewing 400 investor K-1 packages, Second Wind spawns parallel sub-agents - each assigned a bounded subset of documents, each operating with its own context and completion contract. The parent agent waits, collects, and synthesizes. Specialists can be suspended and resumed; their full conversation history persists. Spawn depth is governed at the runtime layer; runaway recursion is rejected before it starts.

Live process management

Second Wind starts and manages real operating system processes - compilers, test runners, build pipelines, dynamic service 'sidecars' - and stays connected to their output streams. A dotnet watch test runner becomes a persistent sentinel: Second Wind monitors its stdout, wakes when tests fail, diagnoses the failure, applies a fix, and confirms green - without human intervention between steps. Long-running processes outlive individual agent turns and are cleaned up safely when the session ends.

Browser and API access

GraphQL queries, REST calls, and paginated API responses are first-class operations. For content that requires JavaScript execution, Second Wind drives a real browser session - navigating portals, filling forms, extracting structured data from rendered tables, and capturing screenshots as evidence. No screen-sharing required. No manual handoff.

Native enterprise tool integration via MCP

Through the Model Context Protocol, Second Wind connects directly to the tools your team already uses - GitHub, Slack, Postgres, and others. A complete workflow - open a pull request, post a Slack summary to the team channel, and write an audit record to the database - happens in a single coordinated agent turn, without custom integration code.

Real-time event handling

Second Wind can open and serve local HTTP and WebSocket endpoints within its own session. A CI/CD callback, an incoming webhook from a financial system, or a real-time event stream becomes an active signal in the agent's reasoning loop - not a trigger for a separate process. Second Wind receives the event, acts on it, and responds - all within the same governed context.

Every command is logged, traced, and artifact-tagged.

Nothing executes silently.

2. Financial and Document Workflows

Second Wind was purpose-built for high-stakes financial workflows where accuracy and traceability are non-negotiable.

Document ingestion. PDF K-1s, trial balances, and partner schedules are ingested natively into the agent's context without routing sensitive documents through third-party services.

Schema-correct generation. Agents produce auditable outputs: IRS XML, structured YAML, and formatted reports that conform to submission schemas validated against canonical field catalogs. Errors are loud; silence indicates correctness.

Transactional integrity. All write operations follow an idempotent, snapshot-and-verify pattern. The runtime takes file snapshots before every edit and exposes rollback paths. The agent is designed to fail visibly, not silently.

Partnership tax. Waterfall allocation engines, K-1/K-2/K-3 generation, and SALT compliance workflows are built natively on this substrate, not wrapped around legacy tools.

3. Security and Identity

Invisible Auth. Secrets never enter the agent's reasoning context. API keys, PATs, and client secrets are injected at the host layer by an authentication service (MSAL/Azure AD). The agent receives identity-bearing tokens; it never handles raw credentials. This is enforced architecturally, not by policy.

Artifact trail. Every command, result, and output is tagged, time-stamped, and written to a structured artifact trail at execution time. The record is append-only, not reconstructed from logs after the fact.

4. Observability

Second Wind is instrumented with OpenTelemetry. Agent turns, reasoning phases, and command execution are wrapped in structured spans for enterprise-grade tracing and diagnostics.

Token cost telemetry is captured in real time, providing per-turn, per-session, and per-model cost attribution across all three AI providers (Anthropic, Gemini, OpenAI). A live dashboard reports cost by session, model, and calendar month, supporting both operational visibility and billing accountability.

5. Scale and Orchestration

SubAgent parallelism. Complex workflows decompose into specialist sub-agents, each with a bounded task, explicit completion contract, and isolated context. A parent agent coordinates, waits, and synthesizes results. Spawn depth is governed; runaway recursion is rejected at the runtime layer.

Swarm topology. Multiple first-class agent instances - operating on different models, different harnesses, or with different context - coordinate via structured background messaging. The orchestrating agent retains authority; workers operate within narrow contractual scopes.

Persistent specialists. Sub-agents can be suspended and resumed, preserving full conversation history. Long-running processes distribute across specialists without context reload.

6. Summary

Second Wind Foundry builds AI-native products that operate, explain, and evolve. Products built on this substrate are self-aware: they can diagnose their own outputs, propose corrections as pull requests, and surface evidence for every conclusion.

The architecture described here runs in production today, across legal, financial, and engineering workflows, with a growing portfolio of domain-specific applications in public accounting.