The company that taught engineering teams to measure how they ship is now trying to govern the AI agents shipping alongside them.
A logo, photographed like a suspect who keeps changing disguises: deployment tracker, DORA-metrics dashboard, and now the control plane for a room full of AI agents. Same eyes each time.
There is a particular kind of software company that is very good at one thing and spends years arguing with the market about what, exactly, that thing is. Sleuth is one of those companies. It was started around 2019 by three people who had spent a large chunk of their careers at Atlassian - Dylan Etkin, Don Brown, and Michael Knighten - and who had the specific, slightly obsessive experience of building the tools other engineers use to build things. Etkin was employee number-something-small at Atlassian and the first architect of Jira, the bug tracker that a generation of software teams have loved and resented in roughly equal measure. He later ran Bitbucket and Statuspage. So when he and his co-founders started a company, it was not going to be a photo-sharing app.
The founding question was almost embarrassingly plain: how do you actually know if an engineering team is getting better? Managers have always had a gut feeling and a burndown chart. Sleuth's answer was to lean on DORA metrics - deploy frequency, change lead time, change failure rate, and time to restore service - and to compute them automatically by watching how code actually moved from a developer's laptop into production. The pitch, circa 2020, was "mission control for continuous delivery." You connect Sleuth to your deploy pipeline and your issue tracker, and it quietly builds a picture of your delivery performance without anyone having to fill out a form.
Every unmanaged agent skill and MCP server is an unreviewed security surface.- Sleuth, on why AI tooling needs governance
Investors liked this. CRV led a $3M seed round in 2020, joined by angels from New Relic, Atlassian, LaunchDarkly, and Datadog - which is to say, people who sell observability and shipping tools and therefore understood the problem in their bones. Two years later, in May 2022, Felicis led a $22M Series A with Menlo Ventures and CRV, bringing the total raised to roughly $25M. The Series A came with a fashionable-for-2022 twist: Sleuth would use AI to model engineering efficiency, building a fully automated view of a team's DORA metrics by inferring how work flowed through pre-production and production environments.
Here is where the story gets honest. Etkin has spoken openly, including on Stack Overflow's blog and various conference stages, about a nagging issue with the entire category: dashboards do not change behavior. You can hand a team a beautiful chart of their lead time and watch absolutely nothing happen. He has a name for the places these charts go to die - the dashboard graveyard. The interesting problem, in other words, was never measurement for its own sake. It was connecting a metric to the very next thing a team decides to do.
That framing turns out to be portable. Because around 2025, a new and much larger version of "how do you know your engineers are getting better?" arrived, wearing a hoodie and calling itself an AI coding assistant.
The observation that reoriented the company is deceptively simple. Companies started buying AI coding licenses for everyone. And yet, reliably, only one or two developers on a team seemed to get the mythical 10x results. Sleuth's read on why is not that those people are geniuses - it's that they have carefully built up good context. The right rules, the right prompts, the right domain patterns, the right set of tools wired into their agent. And that context does not scale, because there is no infrastructure to define it once and hand it to everyone else.
Sleuth calls this the npm-shaped hole in the AI tooling stack. In normal software, if you write something useful you publish a package, other people install it, versions are pinned, and a registry keeps the whole thing honest. In the world of AI agents - skills, prompts, rules, and MCP servers (the Model Context Protocol connectors that let an agent reach out and touch your systems) - none of that plumbing existed. People were copying config files by hand. Rippling reportedly wrote a custom Go service just to push agent configuration across 800-plus repositories. Atlassian's own leaders have said publicly there was no good way to share agent rules past the basics.
Define your agents once. Distribute everywhere.- Sleuth Skills, product tagline
So Sleuth built the registry. The current flagship, Sleuth Skills, is a control plane for AI at organizational scale. You define an agent skill, a rule, a prompt, or an MCP server once, and Sleuth translates it and distributes it to every client your engineers actually use - Claude Code, Cursor, GitHub Copilot, Gemini CLI, Codex, Cline, and others - from a single source of truth. Crucially, it wraps that distribution in the boring, load-bearing machinery enterprises require: approval workflows, role-based access control, audit trails, version pinning, canary releases, and runtime visibility into what is actually deployed and whether anyone is using it. Sleuth is SOC 2 Type II certified, which is the sort of detail that means nothing to a hobbyist and everything to a procurement team.
There is also a straightforwardly security-flavored argument here, and it is a good one. Every skill and MCP server an employee installs is a small door into your organization's data - and most of them were never reviewed by anyone. Sleuth's governance layer gives you a central registry with trust levels, automatic blocking of unknown tools, and monitoring of exactly what resources each MCP server can reach. It is, essentially, the same instinct that started the company - make the invisible legible - pointed at a new and messier target.
Capture, version and distribute agent skills, prompts, rules and MCP servers across every AI client from one source of truth. Translate once; ship to Claude Code, Cursor, Copilot, Gemini and Codex.
A central registry with review and approval workflows, trust levels, RBAC and automatic blocking of unknown tools - plus monitoring of what data each MCP server can actually reach.
Automated, centralized visibility into delivery performance - deploy frequency, change lead time, failure rate and time to restore - modeled from how code moves to production.
A founding engineer and the first architect of Jira; later led Bitbucket and Statuspage across a 15-year run at Atlassian. Now a prominent voice on what engineering metrics are actually worth measuring.
Two decades across developer, architect and engineering-manager roles. Focused on connecting developers to production outcomes and the customers on the other end of a deploy.
Rounds out the founding team that previously helped bring continuous delivery to Atlassian's own engineering organization.
Ex-Atlassian engineers Etkin, Brown and Knighten set out to make software delivery measurable.
CRV leads, with angels from New Relic, Atlassian, LaunchDarkly and Datadog, to bring order to continuous deployment.
Felicis leads, with Menlo Ventures and CRV, to build AI-modeled DORA metrics.
Etkin becomes a public voice on engineering measurement, featured by Stack Overflow and at conferences like QCon.
Sleuth publishes its "npm-shaped hole" thesis and builds the Skills registry for agent skills and MCP servers.
Sleuth distributes agent skills, prompts and MCP servers across every major AI client from one source of truth.
Sleuth helps engineering organizations measure and govern how they build software. It began as automated DORA metrics and deployment tracking, and now offers Sleuth Skills - a control plane to define, govern and distribute AI agent skills, prompts and MCP servers across tools like Claude Code, Cursor and Copilot.
Dylan Etkin (CEO), Don Brown (CTO) and Michael Knighten - former Atlassian engineers. Etkin was a founding engineer and the first architect of Jira, and later led Bitbucket.
Roughly $25M total: a $3M seed round led by CRV in 2020, and a $22M Series A led by Felicis in 2022, with Menlo Ventures and CRV participating.
Sleuth is headquartered in San Francisco, California, and operates as a remote-friendly company of around 23 people.
Sleuth Skills lets a team define agent skills, rules and MCP servers once, then distribute governed, versioned copies to every client - with approval workflows, RBAC, audit trails and runtime visibility - so context and controls scale across the whole organization.