Celigo's AI Agent and MCP Server turn integration flows into governed, auditable AI pipelines — outreach automation, candidate screening, natural-language ERP querying, and document extraction. Entech has been building these in production since the January 2026 Celigo AI release. Four flows are live. None of them are demos.
Talk to an integration expert →Celigo's AI Agent step lets you call an LLM — OpenAI, Anthropic, or Google — as a native step inside an integration flow. The model receives structured input, reasons over it, and returns a structured output that the next step in the flow can act on. That output might be a scored verdict, a piece of copy, a parsed document, or a query parameter. The flow handles the data movement; the agent handles the reasoning.
The MCP Server is different. It exposes Celigo flows as callable tools that an external AI agent — running in your own environment — can invoke via the Model Context Protocol. You define what the agent can call, what it can read, what it can write, and what requires human approval. Your ERP, CRM, or operational data becomes accessible to an AI assistant without credential exposure or uncontrolled API access.
Both patterns are running in production at Entech client sites. The infrastructure is managed by Celigo — execution logging, error handling, retry logic, rate limiting. The automation logic is scoped and tested by Entech before deployment. There is no "we'll figure out governance later" in any of these builds.
Prospect identification via Apollo, deep LinkedIn enrichment via Phantombuster, structured property storage in HubSpot, personalised copy via Celigo AI Agent with length and tone guardrails, sequence deployment via Smartlead. Campaign intent configured in a Google Sheet. The AI handles everything between research and send — no human in the loop in the operational flow.
Resume ingestion from Gmail, AI grading via OpenAI GPT with structured verdicts (Strong Match / Possible / Reject), human-in-the-loop review gate before survey dispatch, automated nurture sequences with deadline tracking, and interview intelligence via Whisper transcription with AI Agent structured summaries appended to candidate records in Google Sheets.
A Celigo AI Agent configured against Salesforce or NetSuite, exposed via a Slack slash command or custom interface. Users query live data in plain language — account history, pipeline summaries, inventory positions, renewal dates. Dynamic JavaScript filter mapping handles relative dates, currency thresholds, and multi-condition queries. Read-only enforced. All queries auditable in Celigo execution history.
Structured data extracted from unstructured inputs — supplier emails, PDF invoices, inbound EDI documents — and mapped into NetSuite or a downstream system without manual re-entry. AI parsing of non-standard document formats where the field positions aren't fixed. Exception routing for documents the model flags as low-confidence, so humans review edge cases rather than every record.
Integration flows that flag anomalies, generate plain-language summaries of what went wrong, and route exceptions to the right person with context — rather than just dropping an error code into a log. Particularly useful in high-volume EDI flows where a single malformed document inside a multi-transaction file previously required manual investigation. The AI Agent reads the error, identifies the record, explains the issue, and routes accordingly. Human intervention is targeted, not blanket.
TwinsAI needed personalised outreach at volume. Generic template sequences weren't producing results, and the research-to-send cycle required manual effort that didn't scale beyond a small team. Every campaign launch took days of preparation.
A Celigo AI Agent flow that pulls prospect data from Apollo, enriches with deep LinkedIn profile data via Phantombuster, stores structured custom properties in HubSpot, generates personalised copy using Claude 4.5 and GPT-5 with enforced length and tone guardrails, and deploys sequences automatically via Smartlead. Campaign managers configure intent in a Google Sheet — the AI handles everything from prospect identification to sequence launch. The live database holds over 10,000 contacts with zero manual data entry in the operational flow.
PandaTech received 400+ applicants per developer role. Manual screening consumed 80+ hours per hire and produced inconsistent outcomes — different reviewers applying different criteria to the same applicants.
Resume ingestion from Gmail, AI grading via OpenAI GPT-5 with structured verdicts (Strong Match / Possible / Reject) and written rationale per verdict, human-in-the-loop approval gate before survey dispatch, automated follow-up sequences with deadline tracking, and interview intelligence via Whisper transcription with AI-generated structured summaries appended to the candidate record in Google Sheets. All logic runs inside Celigo — no separate AI framework, no external orchestration layer to maintain.
The client's internal AI assistant had no access to live ERP data. Every NetSuite-dependent query required manual lookup. Direct LLM-to-NetSuite was rejected by IT on credential and audit grounds — the risk of an AI agent with unrestricted ERP access was not acceptable.
Callable tools defined in Celigo Tool Builder: inventory by SKU, open purchase orders, account balance, sales order status. A dedicated MCP Server in Celigo AI Studio with a stable endpoint and read-only scoped tokens. The AI agent discovers and invokes tools via the MCP protocol — NetSuite credentials never leave Celigo. Every invocation is logged in Celigo execution history with token-actor identity, satisfying the IT audit requirement that blocked the direct approach. The agent now answers ERP questions in real time without any manual lookup step.
RevOps and sales couldn't query Salesforce without SOQL knowledge or admin involvement. Every ad hoc question — pipeline by region, renewal dates for a cohort, account revenue history — required a ticket to the admin queue. Pre-built reports lagged the questions being asked in pipeline reviews.
A Celigo AI Agent configured against their Salesforce org, exposed via a Slack slash command. The agent translates natural language into structured query parameters, passes them to dynamic JavaScript filter mapping that handles relative dates, currency thresholds, and multi-condition filters, and returns formatted results directly in Slack. Read-only guardrails block any attempted write at the agent layer. All queries are logged and auditable. The admin queue for ad hoc data requests dropped significantly within the first week.
The question we get most often is: why not build this directly on the LLM's API, or use a dedicated AI orchestration framework? The answer is that the hard part of production AI automation is not the model call — it's everything around it. Error handling, retry logic, rate limiting, execution logging, credential management, downstream data routing. Celigo provides that infrastructure out of the box. We're building on top of it, not rebuilding it.
The MCP Server in particular solves a problem that direct API access doesn't: it gives you a governed, auditable access layer between an AI agent and your enterprise data. You define what the agent can see, what it can call, and what it can't. Your IT team gets the audit trail they need. Your users get the AI assistant they want. Both things are true at the same time because the governance is structural, not procedural.
AI logic, data routing, error handling, and logging all in one place — no separate orchestration framework to maintain alongside Celigo.
Every AI Agent execution logged in Celigo's execution history with input, output, and actor identity. Compliance-ready without custom instrumentation.
Multi-LLM orchestration — OpenAI, Anthropic, Google — configured in Celigo agent config, not in custom Python or a separate service that needs its own deployment pipeline.
ERP and CRM endpoints exposed as governed, callable tools via the Model Context Protocol — credential-safe, read-only where required, with per-tool access control.
Every AI automation engagement starts with a scope definition, not a model selection. What is the agent allowed to do? What data does it need access to? What actions can it take autonomously, and what requires human approval? What does the failure state look like, and how does it surface? These are engineering questions, not product questions — and they need answers before any flow is built.
For AI Agent flows, the governance architecture is part of the specification: approval gates, rate limits, read-only enforcement, execution logging, output validation. For MCP Server deployments, access control is defined at the tool level — individual endpoints scoped to specific operations, with token-actor logging that satisfies enterprise audit requirements. We don't retrofit governance after something goes wrong. It's in scope from day one.
The technical methodology behind these workflows →
Read the AI Agents & MCP capability page →The LLMs are capable enough. The bottleneck is usually the data plumbing around them — getting the right inputs in, routing the outputs correctly, handling errors without human intervention, and maintaining a governance layer that IT will actually approve. That's what we build. If you have a specific workflow in mind, we're happy to talk through whether Celigo is the right place for it and what build would actually look like.