toolsSource-backedReview first Safety ✓ Privacy ✓

Dify

Production-ready LLM app and agentic workflow platform with visual workflows, RAG pipelines, agent capabilities, model management, observability, prompt IDE, APIs, Dify Cloud, and self-hosted Docker Compose deployment.

by LangGenius·added 2026-06-18·

CLI

HarnessCLI

Review first — review before installing

Open the source and read safety notes before installing.

Safety notes

Dify can orchestrate workflows, RAG pipelines, agents, tools, APIs, model providers, and production application endpoints; review tool permissions and user-triggered actions before exposing apps.
Self-hosted deployments need normal production controls: authentication, TLS, network isolation, secret management, backups, database maintenance, object storage policy, and upgrade planning.
Agent and workflow nodes can call external tools, model providers, HTTP APIs, search tools, and custom integrations; apply least privilege and approval gates for write actions.
Enterprise, marketplace, cloud, and modified-license terms should be reviewed before using Dify as a multi-tenant service or white-labeled frontend.
Prompt IDE changes, workflow edits, model-provider changes, and dataset updates can alter production behavior; use versioning, staged releases, and rollback paths.

Privacy notes

Prompts, uploaded documents, knowledge-base chunks, embeddings, workflow variables, tool arguments, tool results, API requests, model responses, logs, annotations, and observability data may contain sensitive user or business data.
Do not store API keys, database credentials, private documents, customer records, regulated data, or internal URLs in examples, public apps, logs, screenshots, or shared prompts.
Review data paths for every model provider, embedding provider, reranker, tool, observability integration, storage backend, and Dify Cloud or self-hosted deployment component.
RAG and knowledge-base features need deletion, retention, access control, source freshness, and permission filtering policies before ingesting private corpora.

Prerequisites

Docker and Docker Compose for the documented self-hosted quick start, or a Dify Cloud workspace.
At least the upstream minimum CPU and memory resources for local deployment.
Model provider credentials for the LLMs, embedding models, rerankers, or API-compatible routes the application will use.
Storage, database, vector, observability, network, and backup planning before hosting real user data.
Review of the Dify Open Source License conditions, including multi-tenant service and frontend logo/copyright restrictions.

Schema details

Install type: cli
Troubleshooting: No

Source repository stats

Scope: Source repo

Collection metadata

Estimated setup: 30 minutes
Difficulty: intermediate

Tool listing metadata

Website: https://dify.ai
Pricing: freemium
Disclosure: editorial
Application category: DeveloperApplication
Operating system: Cross-platform

Full copyable content

cd docker
cp .env.example .env
docker compose up -d

About this resource

Overview

Dify is a production-oriented LLM application development platform for building agentic workflows, RAG applications, chat apps, model-backed APIs, and AI-powered products. It combines a visual workflow builder, RAG pipeline, agent capabilities, model management, prompt IDE, observability, logs, annotations, and backend APIs.

Use it when a team wants a visual app and workflow platform rather than a code-first agent framework. It is especially relevant for Dify AI, agentic workflow platform, LLM app builder, RAG pipeline, workflow builder, and LLMOps searches.

Install

The self-hosted quick start uses Docker Compose:

cd docker
cp .env.example .env
docker compose up -d

Dify also offers Dify Cloud and enterprise options. Review the license and commercial terms before running Dify as a multi-tenant service or changing frontend branding.

Platform Capabilities

Area	Dify Coverage
Visual Workflows	Workflow and chatflow canvas for composing LLM applications
RAG	Knowledge bases, document ingestion, retrieval, and application context
Agents	Function-calling or ReAct-style agents with prebuilt and custom tools
Model Management	Multiple proprietary, open-source, self-hosted, and API-compatible model providers
Prompt IDE	Prompt authoring, comparison, and application tuning interface
LLMOps	Logs, annotations, observability integrations, and production feedback loops
APIs	Backend APIs for integrating generated applications into product workflows
Deployment	Dify Cloud, Docker Compose self-hosting, Kubernetes/community deployment paths, and enterprise options

MCP and Agent Fit

Dify is not just a prompt playground. Its agent and workflow features can call tools, retrieve data from knowledge bases, and expose application APIs. That makes it adjacent to MCP and agent directories even when a deployment does not itself run as an MCP server.

For teams already using Claude Code, Codex, Gemini CLI, or MCP servers, Dify is often the visual product layer around similar tool, retrieval, model, and observability concerns.

Use Cases

Build visual AI workflows without writing every orchestration step by hand.
Ship RAG-backed chat or workflow applications.
Prototype agent workflows with tools and multiple model providers.
Add LLMOps logs, annotations, and observability to production apps.
Self-host an LLM app platform for internal teams.
Expose Dify applications through APIs in another product.
Compare visual builders such as Dify and Langflow against code-first agent frameworks such as LangChain, LangGraph, Pydantic AI, or Mastra.

Source Review

Verified on 2026-06-18:

The upstream repository describes Dify as an open-source LLM app development platform that combines AI workflow, RAG pipeline, agent capabilities, model management, observability, prompt IDE, and APIs.
The README documents a Docker Compose self-hosted quick start and Dify Cloud.
The README lists workflow, model-provider support, prompt IDE, RAG pipeline, agent capabilities, LLMOps, and backend API features.
The license is the Dify Open Source License, based on Apache 2.0 with additional commercial, multi-tenant, logo/copyright, and contributor conditions.
The current Dify docs resolve the introduction, quick start, and workflow documentation paths.

Safety and Privacy

Dify can become a production application surface, not just a local developer tool. Treat workflows, tools, model providers, knowledge bases, logs, API endpoints, and user uploads as production data flows with authentication, authorization, retention, and audit requirements.

For self-hosting, review Docker secrets, database credentials, object storage, vector storage, backups, TLS, network boundaries, and upgrade plans before exposing Dify to users. For Dify Cloud, review tenant isolation, retention, provider routing, and compliance requirements before sending sensitive data.

Duplicate Check

Checked current content/tools/, content/mcp/, content/agents/, content/skills/, guides, open pull requests, and repository-wide content for langgenius/dify, Dify, Dify AI, dify.ai, docs.dify.ai, Dify RAG pipeline, Dify agents, Dify workflow builder, and Dify LLMOps. Existing content only mentions Dify as an adjacent visual builder inside the Langflow entry; no dedicated Dify tools entry, exact source URL duplicate, target file, or open duplicate PR was found.

#dify #agentic-workflows #rag #agents #llmops #visual-builder #self-hosted

Source citations

Add this badge to your README

Show that Dify is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

[![Listed on HeyClaude](https://heyclau.de/badge/tools/dify.svg)](https://heyclau.de/entry/tools/dify)

How it compares

Dify side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

Field	Dify Production-ready LLM app and agentic workflow platform with visual workflows, RAG pipelines, agent capabilities, model management, observability, prompt IDE, APIs, Dify Cloud, and self-hosted Docker Compose deployment. Open dossier	RAGFlow Open-source RAG and agentic retrieval platform with DeepDoc document understanding, visual chunking, grounded citations, heterogeneous data-source ingestion, agent workflows, MCP support, code executor support, and Docker self-hosting. Open dossier	AnythingLLM Local-first AI application for private chat, document RAG, workspace agents, MCP-compatible tools, model routing, memories, scheduled tasks, multimodal workflows, multi-user Docker deployments, and self-hosted agent automation. Open dossier	Flowise Visual low-code builder for AI agents, RAG apps, chatbots, agentic workflows, multi-agent systems, LangChain-based components, API-serving flows, and self-hosted deployments through npm, Docker, and cloud platforms. Open dossier
Trust
Install risk	Review first	Review first	Review first	Review first
Notes	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓
Category	tools	tools	tools	tools
Source	source-backed	source-backed	source-backed	source-backed
Author	LangGenius	InfinityFlow	Mintplex Labs	FlowiseAI
Added	2026-06-18	2026-06-18	2026-06-18	2026-06-18
Platforms	CLI	CLI	CLI	CLI
Source repo	—	—	—	—
Safety notes	✓Dify can orchestrate workflows, RAG pipelines, agents, tools, APIs, model providers, and production application endpoints; review tool permissions and user-triggered actions before exposing apps. Self-hosted deployments need normal production controls: authentication, TLS, network isolation, secret management, backups, database maintenance, object storage policy, and upgrade planning. Agent and workflow nodes can call external tools, model providers, HTTP APIs, search tools, and custom integrations; apply least privilege and approval gates for write actions. Enterprise, marketplace, cloud, and modified-license terms should be reviewed before using Dify as a multi-tenant service or white-labeled frontend. Prompt IDE changes, workflow edits, model-provider changes, and dataset updates can alter production behavior; use versioning, staged releases, and rollback paths.	✓RAGFlow is a multi-service RAG platform, not a small CLI. Review Docker services, exposed ports, persistent volumes, model-provider keys, parser settings, and update strategy before production use. The README notes x86 Docker image availability and separate guidance for ARM64 builds; verify architecture before deploying on ARM hosts. Deep document parsing, OCR, chunking, embeddings, reranking, agent workflows, MCP, and code executor features can process sensitive files and produce misleading outputs if retrieval quality is not tested. The code executor feature requires sandbox review. Use gVisor or another isolation plan before running generated or user-provided code. MCP support should be configured with localhost binding, API-key hygiene, dataset-level scoping, and read-only retrieval defaults unless a broader tool surface has been reviewed.	✓AnythingLLM can run agents, scheduled tasks, MCP-compatible tools, browser-like workspace actions, developer APIs, and external model calls; scope tools and credentials before enabling them for users. The upstream Docker guide includes examples that add the SYS_ADMIN capability to the container. Review whether that capability is acceptable for the host before copying production run commands. Multi-user Docker deployments need normal production controls: authentication, TLS, network isolation, secret management, persistent-volume ownership, backups, and upgrade planning. Agent tools, custom agents, model routing, memories, and scheduled tasks can change behavior over time; use least privilege, logging, review gates, and rollback plans for write-capable workflows. Localhost services such as Ollama, Chroma, LocalAI, or LM Studio may need Docker host routing adjustments; avoid exposing local provider ports wider than intended.	✓Flowise can turn visual flows into callable chatbots, agents, RAG pipelines, and API endpoints. Review each flow's tools, credentials, webhooks, and external actions before production use. Self-hosted deployments should protect the UI, credentials, flow exports, logs, and API endpoints with authentication, network controls, secret management, and backups. RAG flows may ingest private documents, chunk content, create embeddings, and query external vector databases; scope datasets and retention before sharing flows. Agentic workflows and multi-agent systems can call external services repeatedly; set quotas, rate limits, and approval gates for write actions. The repository license file says most code is Apache-2.0, while enterprise directories and files with explicit copyright notices use a commercial license; verify license boundaries before redistribution.
Privacy notes	✓Prompts, uploaded documents, knowledge-base chunks, embeddings, workflow variables, tool arguments, tool results, API requests, model responses, logs, annotations, and observability data may contain sensitive user or business data. Do not store API keys, database credentials, private documents, customer records, regulated data, or internal URLs in examples, public apps, logs, screenshots, or shared prompts. Review data paths for every model provider, embedding provider, reranker, tool, observability integration, storage backend, and Dify Cloud or self-hosted deployment component. RAG and knowledge-base features need deletion, retention, access control, source freshness, and permission filtering policies before ingesting private corpora.	✓Uploaded documents, parsed chunks, OCR text, embeddings, dataset metadata, chat history, citations, agent workflow state, code executor inputs, MCP payloads, logs, and model responses may contain private or regulated data. Model providers, embedding providers, rerankers, synchronized data sources, object storage, databases, and MCP clients may receive data depending on deployment settings. Keep RAGFlow API keys, provider keys, service configuration, dataset IDs, document IDs, logs, backups, and generated citations out of prompts, public issues, screenshots, and committed examples. Define retention, deletion, access review, and export rules before ingesting customer, financial, legal, healthcare, source-code, or credential-bearing documents.	✓Uploaded documents, parsed chunks, embeddings, workspace memories, prompts, chat history, agent state, scheduled task inputs, MCP payloads, provider responses, logs, and API calls may contain sensitive data. The README documents anonymous telemetry and an opt-out through DISABLE_TELEMETRY=true or the in-app privacy setting; review this before using regulated or confidential data. Even with telemetry disabled, outbound calls may still go to configured LLMs, embedding models, vector databases, external tools, cdn.anythingllm.com, GitHub, or GitHubusercontent depending on the deployment. Keep provider keys, JWT secrets, workspace invite links, storage paths, private documents, and generated citations out of public prompts, screenshots, issues, and examples.	✓Prompts, uploaded documents, chunks, embeddings, vector metadata, tool inputs, tool outputs, model responses, credentials, flow definitions, logs, and exported chatflows may contain private data. Model providers, embedding providers, vector stores, document loaders, search APIs, workflow integrations, and hosted Flowise Cloud may receive data depending on flow configuration. Do not commit `.env` files, provider keys, vector database secrets, webhook URLs, exported credentials, generated logs, or private flow templates. Before publishing a chatbot or API endpoint, review whether prompts, source documents, dataset IDs, and tool outputs are exposed to users or downstream systems.
Prerequisites	Docker and Docker Compose for the documented self-hosted quick start, or a Dify Cloud workspace. At least the upstream minimum CPU and memory resources for local deployment. Model provider credentials for the LLMs, embedding models, rerankers, or API-compatible routes the application will use. Storage, database, vector, observability, network, and backup planning before hosting real user data.	CPU with at least 4 cores, 16 GB RAM, 50 GB disk, Docker 24.0.0 or newer, and Docker Compose v2.26.1 or newer for the documented self-hosted path. Python 3.13 for source/development workflows. gVisor if the code executor sandbox feature will be used. Configured model-provider and embedding-provider keys in the documented service configuration.	Docker for the documented self-hosted path, or the desktop application for a local workstation install. At least the upstream minimum host resources, with disk sized for documents, embeddings, vector storage, models, logs, and backups. A local or remote LLM provider, embedding provider, and optional speech or image models for the workflows the workspace will run. A storage, backup, retention, and access-control plan before ingesting private documents or opening a multi-user Docker instance.	Node.js 20.0.0 or newer for npm installation. Docker Compose if using the documented Docker self-host path. Provider credentials for selected LLMs, embedding models, vector stores, document loaders, tools, or workflow integrations. Persistent database/storage configuration, auth settings, and environment variables before exposing a shared Flowise instance.
Install	`docker compose up -d`	`docker compose -f docker-compose.yml up -d`	`docker pull mintplexlabs/anythingllm`	`npm install -g flowise`
Config	—	—	—	—
Citations	Source repositorygithub.com 2026-06-18T20:44:04+00:00 Documentationdocs.dify.ai Websitedify.ai	Source repositorygithub.com 2026-06-18T20:44:04+00:00 Documentationragflow.io	Source repositorygithub.com 2026-06-18T20:44:04+00:00 Documentationdocs.anythingllm.com	Source repositorygithub.com 2026-06-18T20:44:04+00:00 Documentationdocs.flowiseai.com
Claim	Unclaimed	Unclaimed	Unclaimed	Unclaimed

Signals

Loading live community signals…