Today we are releasing the Anyshift Graph API: direct access to the live knowledge graph Anyshift builds from your stack. Your tools, your pipelines, and your agents can now ask production questions and get the same answer every time, in milliseconds. Annie investigates; the Graph API answers the questions you ask every week, and it lets you wire those answers into everything you run.

It ships with a TypeScript SDK, an HTTP API, and MCP support. Get started in the SDK docs.

TL;DR, what you gain:

  • Efficiency boost: your agents work from the real state of production across the whole SDLC, instead of partial or stale data.
  • Lower AI cost: resolving production relationships in the graph before inference cut model-token usage by 83.5% in our live benchmark, up to 86% on cross-stack queries, for roughly 59% lower estimated cost.
  • Better governance: secrets stay protected, access is read-only, and your providers' API rate limits are preserved. Agents query the graph, not your cloud accounts.

Six examples, all backed by real graph queries.

Which alert is paging you for nothing?

298 alert events. One monitor flapped 149 times. Ranked in 0.379 seconds, from a live environment:

await gx.hotspots({ type: "alert" });

ROI: alert triage that took an hour every week now takes half a second, and you can decide what to silence with evidence in hand.

Live production context inside Backstage

Backstage knows what a service is. Anyshift adds its current operational context. The reference integration has three parts:

  • An entity tab for every Component and Resource, showing direct and transitive dependencies, SLOs, alerts, deployment impact, GitOps ownership, likely recent causes, runtime safeguards, and C4 diagrams. The readable answer comes first; the full Graph API evidence remains available underneath.
  • An estate-wide Anyshift page with a Datadog operations radar, catalog search, change and impact views, and a bounded deterministic query console.
  • An optional catalog provider that creates observed Components, Resources, and evidence-backed dependsOn relations from the graph. It publishes complete snapshots and preserves the last successful projection through transient topology failures.

Both UI surfaces call an authenticated Backstage backend plugin. The Anyshift project ID and token stay server-side; successful queries are cached briefly, invalid requests are rejected, and no deploy, restart, acknowledgement, remediation, or graph-mutation action is exposed.

Explore the complete Backstage reference integration.

ROI: developers get live context inside the catalog they already use, while the platform team can synchronize evidence-backed entities and relationships without maintaining a second dependency map by hand.

Which deploy caused the most damage?

Seven deployments in the last hour. One produced 23 correlated failures. Rank them, open the worst one, and the failure types and affected workloads are right there:

await gx.deployImpact({ since: "1h" });

ROI: you know which deploy to roll back within minutes, and the same check can run automatically in your pipeline.

Many failures, one shared cause

18 failing pods across six services. What do they all share? The graph names the shared node, workload, datastore, or external dependency, and how many of the failing pods it touches:

await gx.commonCause({ since: "1h" });

ROI: instead of investigating eighteen pods separately, your team goes straight to the shared cause.

A critical CVE just dropped. Where is that image running?

One vulnerable image tag. How much of production is exposed? The answer comes back exact: containers, pods, workloads, namespaces. In our environment, proxyv2:1.29.4 resolves to 10 containers, 10 pods, 5 workloads:

await gx.image({ target: "proxyv2:1.29.4" });

ROI: when a CVE drops, you know your exact exposure in seconds instead of spending a day searching manifests.

What escaped GitOps?

Everything should be managed by ArgoCD. What escaped? The graph lists the unmanaged workloads and namespaces. Pick one and trace it back to its application, repository, and source path:

await gx.gitops({ subject: "unmanaged" });

ROI: a compliance check that used to be a day of manual work can now run on every merge.

That is six of roughly forty. Blast radius, RBAC reach, SLO health, topology diagrams and the rest are in the capability reference, with more examples.

Get access

$ npm install @anyshift/graph-sdk

CLI, TypeScript SDK, HTTP, MCP. Pick the door, it is the same house. Setup guide and the full intent reference are in the SDK docs.

Your production already has the answers. Now everything you build can ask.