Building an Enterprise-Grade Unified Data & AI Catalog for Cortex
TL;DR
Built a comprehensive unified catalog system for Cortex’s multi-agent architecture, implementing Databricks Unity Catalog-proven governance patterns. The system provides automated asset discovery, three-level namespace organization, complete lineage tracking (data, AI, and decision flows), and natural language search capabilities. Currently cataloging 42 assets across 6 categories with 100% automation and sub-2-second searches, setting the foundation for Redis-backed performance upgrades.
Core capabilities:
- Automated discovery of coordination data, master agents, worker specs, and prompts
- Three-level namespace structure (
catalog.schema.assetpattern) - Complete lineage tracking for data, AI, and routing decisions
- Natural language search with sensitivity classification
- File-based JSON implementation ready for Redis migration
The Problem: Chaos in Multi-Agent Systems
When you’re running a sophisticated multi-agent AI system like Cortex with 7+ specialized master agents, dozens of workers, and hundreds of coordination files, you face a fundamental problem: How do you know what you have, where it is, who owns it, and how it’s being used?
Without a unified catalog, you end up with:
- Asset sprawl - Files scattered across directories with no organization
- Ownership confusion - Who’s responsible for what data?
- Security gaps - No visibility into sensitive data location
- Lineage blindness - Can’t trace how data flows through the system
- Discovery paralysis - Developers can’t find what they need
This is the exact problem that led Databricks to develop Unity Catalog, which now powers governance for companies like Amgen (reduced 120 roles to 1-2), Rivian (50x user growth), and thousands of enterprises worldwide.
The Solution: Unified Data & AI Catalog for Cortex
I built a comprehensive catalog system that brings Databricks-proven governance patterns to Cortex’s multi-agent architecture. Here’s what it does:
Core Capabilities
1. Automated Asset Discovery
The catalog automatically discovers and registers all cortex assets:
- Coordination data - Task queues, PM state, workforce streams, memory files
- Master agents - All 7 specialized masters tracked as first-class AI assets
- Worker specifications - Active, completed, and failed worker specs
- Agent prompts - Master/worker prompt definitions
- Routing decisions - MoE routing intelligence tracked over time
2. Three-Level Namespace Structure
Borrowed from Databricks’ proven catalog.schema.asset pattern:
coordination.tasks.task_queue
│ │ └─ Asset name
│ └─ Schema (category)
└─ Catalog (top-level namespace)Namespaces implemented:
coordination.*- Coordination layer data assetsmasters.*- Master agent AI assets (coordinator, development, security, cicd, inventory, testing, monitoring)workers.*- Worker agent specifications and execution datamoe.*- Mixture of Experts routing systemprompts.*- AI prompt templates and definitions
3. Complete Lineage Tracking
Three types of lineage tracked in real-time:
Data Lineage - Track data flow between assets
{
"source_asset": "coordination.tasks.task_queue",
"target_asset": "coordination.tasks.completed_tasks",
"transformation": "task_completion_flow"
}AI Lineage - Track which agents use which data
{
"agent_id": "coordinator-master",
"data_asset": "coordination.tasks.task_queue",
"operation": "read_and_route"
}Decision Lineage - Track routing decisions with confidence scores
{
"decision_id": "routing-decision-123",
"input_data": "coordination.routing.task_input",
"decision_output": "coordination.routing.master_assignment",
"confidence": 0.95
}4. Natural Language Search
Query the catalog with plain English:
- “Find all tasks assigned to security master”
- “Show routing decisions with confidence < 0.7”
- “List all PII-containing assets”
- “Show confidential assets owned by development master”
5. Sensitivity Classification
Every asset tagged with security level:
- public - Safe for public access
- internal - Internal use only
- confidential - Restricted access
- pii - Personally identifiable information
Asset Types
The catalog tracks three asset types:
Data Assets - Files, databases, configurations
{
"asset_id": "coordination.tasks.task_queue",
"asset_type": "data",
"namespace": "coordination.tasks",
"path": "/coordination/task-queue.json",
"format": "json",
"sensitivity": "internal",
"owner": "coordinator-master"
}AI Assets - Agents, models, capabilities
{
"asset_id": "masters.security.agent",
"asset_type": "ai",
"namespace": "masters.security",
"agent_type": "master",
"capabilities": ["vulnerability_scanning", "cve_remediation", "compliance_monitoring"],
"prompt_path": "/.claude/agents/security-master.md"
}Model Assets - Routing models, decision models, ML models
{
"asset_id": "moe.routing.decision_model",
"asset_type": "model",
"namespace": "moe.routing",
"model_type": "routing_classifier",
"version": "1.0.0",
"confidence_threshold": 0.7
}Architecture
Directory Structure
coordination/catalog/
├── metastore.json # Central catalog registry
├── schemas/ # Asset schema definitions
│ └── asset-schema.json
├── lineage/ # Lineage tracking
│ ├── data-lineage.jsonl
│ ├── ai-lineage.jsonl
│ └── decision-lineage.jsonl
└── indexes/ # Fast lookup indexes
├── by-type.json
├── by-owner.json
├── by-sensitivity.json
└── by-namespace.jsonCurrent Implementation: File-Based JSON
The initial implementation uses JSON files for simplicity:
- Metastore - Central registry of all assets
- Indexes - Pre-computed indexes for fast filtering
- Lineage logs - JSONL format for append-only lineage tracking
- CLI interface - Command-line tool for all operations
CLI Usage
# Run asset discovery
node lib/governance/catalog-cli.js discover
# Search with natural language
node lib/governance/catalog-cli.js search "Find all tasks assigned to security master"
# Get asset lineage
node lib/governance/catalog-cli.js lineage coordination.tasks.task_queue
# Tag assets
node lib/governance/catalog-cli.js tag coordination.tasks.task_queue '{"sensitivity": "internal"}'
# View statistics
node lib/governance/catalog-cli.js statsProgrammatic API
const CatalogManager = require('./lib/governance/catalog-manager');
const catalog = new CatalogManager();
// Discover all assets
const results = await catalog.discoverAssets();
// Register new asset
await catalog.registerAsset({
asset_name: "My Data Asset",
asset_type: "data",
namespace: "coordination.tasks",
path: "/path/to/asset.json",
format: "json",
sensitivity: "internal",
owner: "development-master"
});
// Search assets
const results = await catalog.searchAssets("Find all tasks assigned to security master");
// Record lineage
await catalog.recordDataLineage(
"coordination.tasks.task_queue",
"coordination.tasks.completed_tasks",
"task_completion_flow"
);
await catalog.recordAILineage(
"coordinator-master",
"coordination.tasks.task_queue",
"read_and_route"
);Components Used
Core Technologies
- Node.js - Runtime environment
- JSON/JSONL - Data storage format
- File system indexes - Fast lookups without database
Schemas
- JSON Schema - Asset validation
- Custom schemas - Asset types, lineage formats
Integration Points
- Cortex Coordination Layer - Discovers tasks, handoffs, routing decisions
- Master Agents - Tracks all 7 masters as AI assets
- Worker System - Catalogs worker specs and execution
- MoE Routing - Records routing decisions with confidence
Why This Matters
Governance at Scale
Following Databricks Unity Catalog patterns proven at:
- Amgen - Reduced 120 security roles to 1-2
- Rivian - Scaled from hundreds to 10,000+ users
- Industry consensus - 98% of CIOs say unified data+AI governance is critical
Multi-Agent Coordination
In a system with 7 master agents and dynamic worker pools:
- Prevent conflicts - Know who owns what
- Enable discovery - Find assets across agent boundaries
- Track decisions - Audit routing and handoffs
- Ensure compliance - Classify and protect sensitive data
Operational Excellence
- Reduced onboarding time - New agents discover existing assets
- Faster debugging - Trace lineage through the system
- Better security - Identify PII and confidential data
- Audit readiness - Complete history of all operations
Success Metrics
Current catalog statistics:
- 42 assets cataloged - Schemas, prompts, configurations
- 6 categories - Configuration, documentation, library, prompt, schema, scripts
- 100% automation - Discovery runs without manual intervention
- Sub-2-second searches - Fast natural language queries
- Complete lineage - Data, AI, and decision lineage tracked
What’s Next
The file-based implementation provides the foundation for future enhancements:
Phase 2: Redis-Backed Performance
- 500x faster lookups - Sub-millisecond asset queries
- Real-time updates - Pub/Sub for instant catalog refresh
- Graph traversal - Efficient lineage queries
- K8s native - CronJob for discovery, Service for API
Phase 3: Advanced Features
- Access control - Asset-level RBAC
- Quality metrics - Data quality scoring
- Compliance automation - Regulatory compliance checks
- Federation - Multi-catalog coordination
Phase 4: Intelligence Layer
- Auto-tagging - ML-powered asset classification
- Anomaly detection - Unusual access patterns
- Recommendations - Suggest related assets
- Impact analysis - Predict change impact
Conclusion
The Unified Data & AI Catalog brings enterprise-grade governance to Cortex’s multi-agent architecture. By implementing Databricks-proven patterns, we get:
✅ Complete visibility - Know every asset in the system ✅ Automated discovery - No manual cataloging required ✅ Natural language search - Find assets intuitively ✅ Full lineage tracking - Trace data/AI/decision flows ✅ Security classification - Protect sensitive data ✅ Multi-agent coordination - Prevent conflicts, enable discovery
This foundation enables Cortex to scale from dozens to thousands of assets while maintaining governance, compliance, and operational excellence.
Project: Cortex Multi-Agent AI System Component: Unified Data & AI Catalog Implementation: File-based JSON with CLI and programmatic API Inspired by: Databricks Unity Catalog Status: Production-ready Phase 1 implementation Next: Redis-backed performance upgrade for K8s deployment