Overview
Plain-Python dual-channel RAG, workflow interoperability, safe preview, and optional service execution boundaries.
RAGSpine's engine is ordinary Python: typed seams, dataclasses, explicit stores, and readable
control flow. answer_question(...) is the Q&A composition entry point. A separate workflow
domain parses, scaffolds, previews, converts, and compiles Dify-compatible configuration; an
optional FastAPI service exposes those operations and a deliberately default-off executor.
This distinction matters. RAGSpine has Dify and n8n interchange surfaces, but it does not embed either platform's runtime, download their marketplaces at runtime, or require a graph framework to answer a question.
Architectural commitments
Code-enforced evidence
Structured values come from the fact store; a miss becomes an explicit refusal. Narrative answers retain source locators.
Domain packages
Fifteen top-level domains keep orchestration, storage, retrieval, interoperability, service, and CLI responsibilities visible.
Typed edges
Providers, embeddings, stores, chunkers, rerankers, queues, connectors, and matchers are injected behind Protocols.
Non-executing by default
Catalog, scaffold, parse, conversion, compile, topology, and preview operations do not execute workflows. Run routes are disabled by default.
Q&A request lifecycle
question
→ deterministic security/intent screening
→ clarification gateway
→ optional service-edge FAQ short-circuit
→ structured | narrative | composite route
structured: normalize → query fact store → found/not_found/unrecognized
narrative: filter → retrieve/fuse → rerank/postprocess → cited generation
composite: execute both evidence paths and merge
→ anti-fabrication/provenance checks
→ answer + sourcesOptional history is inserted only into the final generation message sequence. It never changes
the deterministic intent/security decision, the retrieval query, or what counts as evidence.
The narrative path can use metadata filters, per-library routing with RRF fusion, and store-level parent/window expansion. Citation fields remain those of the child hit; expanded text is separate generation context. A restricted child is removed before expansion.
Workflow lifecycle
description or JSON/YAML/TOML
→ normalize to JSON-compatible mapping
→ explicit template or catalog match
→ reuse safe Dify workflow | generate fixed start→llm→end graph
→ deterministic YAML/JSON + preview schema v1
→ optional analyze / convert / compile
→ explicit server-controlled execution gate (off by default)The catalog is package data: 7 curated templates plus 993 generated descriptors. Upstream Dify/n8n URLs are research metadata only; no upstream workflow text or credentials are redistributed.
Trust boundaries
- The base library and catalog need no API key.
- The service's ordinary engine/catalog/compiler routes have no built-in application auth and must be protected by deployment infrastructure.
- Dify-compatible public endpoints require a Bearer app key; n8n-compatible public CRUD requires
X-N8N-API-KEY. - Webhooks are intentionally unauthenticated and need ingress controls.
- Workflow execution is additionally gated by
RAGSPINE_DIFY_RUN_ENABLED=falseby default. - The in-process restriction layer is not an OS sandbox; subprocess resource limits are Linux-only.