Production-ready is a property of your repo, not a property of the framework you picked.

Because the framework is the easy choice and the deployment is the hard one. LangGraph, CrewAI, AutoGen, and Pydantic AI are all capable of getting to production on most workloads. The 95 percent of pilots that stall stall on missing artifacts, not on the wrong import. A team can wire LangGraph correctly and still not have a rubric, a case set, a CI gate, a runbook, or a failure playbook in their repo. That team has a framework. They do not have a production-ready agent. The 7-file rubric distinguishes those two states; a star count does not.

rubric.yaml at the repo root, eval/cases.yaml, .github/workflows/eval.yml, agents/contracts.py (or wherever your tool input/output pydantic models live), ops/runbook.md, ops/failure_playbook.md, and ARCHITECTURE.md at the repo root. The paths are not sacred but the existence of each artifact is. If your team uses different conventions (eval/test_cases.json, .gitlab-ci/eval.yml, docs/architecture/00-overview.md), edit the script. The discipline is the same: name the file, commit it, link it from the on-call rotation.

First, every file has at least one commit by a human author email in the last 30 days. A frozen architecture doc that has not changed since kickoff is a signal that the system has drifted past what the doc describes. Second, model_primary appears exactly once in rubric.yaml, so swapping providers is a one-line PR. Third, no vendor-attached runtime strings appear in pyproject.toml, package.json, or go.mod. Those three together rule out the failure modes most stuck pilots share: an outdated mental model, a hard-coded model name, and a license-attached runtime that cannot be moved.

No, intentionally. PIAS has shipped agents on Pydantic AI (Monetizy.ai), LangGraph + Bedrock (Upstate Remedial), Anthropic with custom orchestration (OpenLaw), and a custom DAG with multi-model inference (OpenArt). All four pass the 7-file rubric on their respective repos. The framework choice is downstream of the workload. The artifacts in the repo are upstream of every framework choice. Treating production-ready as a property of the framework gets the question backwards.

Stars and downloads measure adoption among hobbyists and pilots, not survival rate to production. A framework can have 24,800 stars and a 4 to 8 week median time-to-production for the teams that adopt it, which is not a slot a CTO can plan against without a rubric on her own deployment. The metric you want is whether the seven files land in your repo, with human commits, on the timeline you accepted at scoping. Stars are downstream of marketing budget. Files are downstream of an engineer.

From the week-0 scoping call with your product lead, written into a one-page memo. rubric_min_score 0.82 and ragas faithfulness 0.78 are the defaults we ship with because they correspond to acceptance levels that have held up across five named production agents on different stacks. Your numbers may differ. The discipline is that the threshold is named, written down, and signed off before the engineer touches the agent. Picking it after the eval is what makes a project unfalsifiable.

Yes, and a chunk of our engagements start there. We run the 5-minute inspection on day zero and treat each finding as a backlog item. Most pre-existing agents pass on agents/contracts.py and ARCHITECTURE.md and fail on rubric.yaml, eval/cases.yaml, and the failure playbook. A typical first PR in a remediation engagement adds rubric.yaml plus a starter eval/cases.yaml drawn from the last 30 days of real traffic. Week 2 is when the CI gate actually starts blocking regressions.

The 7-file rubric is the technical-substance layer underneath each of those compliance frames. SOC 2 wants change-management evidence; git log on rubric.yaml and ops/failure_playbook.md is exactly that. OWASP agentic AI risks live in eval/cases.yaml as adversarial rows and in agents/contracts.py as schema validation. The EU AI Act asks you to document risk management; ARCHITECTURE.md plus the rubric thresholds is the human-readable version of that document. Compliance frameworks describe what evidence to produce. The rubric describes where in the repo the evidence lives.

You have a stuck pilot, even if traffic is hitting it. The two missing files name the next two PRs. In the wild, the most common pair to be missing is rubric.yaml plus .github/workflows/eval.yml, which together mean every framework upgrade or model swap is unscored. The second most common pair is ops/runbook.md plus ops/failure_playbook.md, which together mean the on-call rotation is reading a Notion doc that was written by a contractor who left. Both gaps are addressable in a single engagement week if you have a senior engineer in the repo.

Because the rubric is supposed to live in your repo, run on your CI, and be readable by your engineers. A SaaS that scores production readiness is itself a vendor-attached runtime, which the rubric is designed to flag. Sixty lines of bash does not need a license, does not change between releases, and runs on the same checkout your CI runs on. We open-source it on every engagement. The discipline is the rubric, not the tool that runs it.