Skip to content
Execlave
Back to home

§ DOCUMENTATION

Getting Started

Add AI agent governance to your application in under 5 minutes.

§ 01

Prerequisites

Execlave Backend
Running on https://api.execlave.com
API Key
Generated from Settings → API Keys
§ 02

Choose your SDK

TypeScript/JavaScript and Python are both first-class. Pick one — the rest of this guide adapts.

§ 03

Instant setup with an AI assistant

Copy this prompt into GitHub Copilot, Cursor, or any AI coding assistant. It will install and wire Execlave into your project automatically.

§ Copy prompt · paste into your AI coding assistant
Integrate Execlave into my project using the JavaScript/TypeScript SDK. Here's what you need to do: 1. Install the SDK:   npm install @execlave/sdk 2. Add this environment variable to my .env file:   EXECLAVE_API_KEY=<my-api-key> 3. Create a file called "execlave.ts" (or .js) in my project's lib/ or utils/ folder with this initialization code: import { Execlave, AgentPausedError, PolicyBlockedError } from '@execlave/sdk'; export const ag = new Execlave({  apiKey: process.env.EXECLAVE_API_KEY!,  baseUrl: process.env.EXECLAVE_BASE_URL || 'https://api.execlave.com',  environment: process.env.NODE_ENV || 'development',  debug: process.env.NODE_ENV !== 'production',}); // Register agent on startup (idempotent — safe to call multiple times)export async function initAgent() {  return ag.registerAgent({    agentId: 'my-agent',    name: 'My AI Agent',    type: 'chatbot',    platform: 'custom',  });} // Wrap any LLM call with automatic tracingexport function traceCall<T>(fn: (input: string) => Promise<T>, agentId = 'my-agent') {  return ag.wrap(fn, { agentId });} // Export error types for catch blocksexport { AgentPausedError, PolicyBlockedError }; 4. In my main application entry point (e.g. index.ts, app.ts, or server.ts), call initAgent(): import { initAgent } from './lib/execlave';await initAgent(); 5. Wrap my LLM calls with BOTH pre-execution policy enforcement AND tracing. The enforcePolicy() call is synchronous and MUST run before the LLM call — it raises PolicyBlockedError if any block-mode policy fires (e.g. prompt injection). import { ag, AgentPausedError, PolicyBlockedError } from './lib/execlave'; async function handleUserMessage(userMessage: string) {  const trace = ag.startTrace({ agentId: 'my-agent' });  trace.setInput(userMessage);   try {    // Pre-execution policy check — MUST run before the LLM call.    // Throws PolicyBlockedError if a block-mode policy is violated.    await ag.enforcePolicy({ agentId: 'my-agent', input: userMessage });     const response = await myLLM.call(userMessage);    trace.setOutput(response).setModel('gpt-4').finish();    return response;  } catch (error) {    if (error instanceof PolicyBlockedError) {      trace.setOutput('[BLOCKED BY POLICY]').finish('error', error.message);      // Decide what the user sees — generic refusal is safest:      return 'Your input was blocked by our content policies.';    }    if (error instanceof AgentPausedError) {      trace.finish('error', error.message);      return 'Service temporarily unavailable.';    }    trace.finish('error', String(error));    throw error;  }} 6. Add graceful shutdown to catch process exit: process.on('SIGTERM', async () => {  await ag.shutdown();  process.exit(0);}); The SDK has zero runtime dependencies and automatically:- Buffers and batch-flushes traces in the background- Respects kill-switch (throws AgentPausedError if agent is paused)- Caches policy enforcement decisions (60s TTL)- Implements circuit breaker (3 failures → 60s backoff) IMPORTANT: tracing alone does NOT block LLM calls. Trace ingestion creates incidents post-hoc. To block requests before they reach the LLM, you MUST call ag.enforcePolicy() and handle PolicyBlockedError as shown above.
or follow the manual steps below
§ 04

Step-by-step guide

§ STEP 01

Install the SDK

Install the Execlave SDK package (zero runtime dependencies):

npm install @execlave/sdk
§ STEP 02

Get your API key

Go to Dashboard → Settings → API Keys and generate a new key. Copy the key — it starts with exe_prod_ or exe_dev_.

Add it to your environment:

# .envEXECLAVE_API_KEY=exe_prod_your_key_here
§ STEP 03

Initialize the SDK

Create a shared client instance:

// lib/execlave.tsimport { Execlave } from '@execlave/sdk'; export const ag = new Execlave({  apiKey: process.env.EXECLAVE_API_KEY!,  baseUrl: 'https://api.execlave.com',  // your Execlave API  environment: process.env.NODE_ENV || 'development',});
§ STEP 04

Register your agent

Register your AI agent on startup. This is idempotent — safe to call every time your app starts.

import { ag } from './lib/execlave'; // Call once during app initializationawait ag.registerAgent({  agentId: 'my-chatbot',         // unique identifier for your agent  name: 'Customer Support Bot',   // display name in dashboard  type: 'chatbot',                // chatbot | copilot | autonomous | workflow  platform: 'custom',             // custom | openai | anthropic | langchain});
§ STEP 05

Enforce policies and trace your first LLM call

enforcePolicy() is the synchronous gate that blocks LLM calls when a block-mode policy (e.g. prompt injection) fires. It MUST run before the LLM call. Tracing alone does not block — it creates incidents post-hoc.

import { ag, AgentPausedError, PolicyBlockedError } from './lib/execlave'; async function handleMessage(userMessage: string) {  const trace = ag.startTrace({    agentId: 'my-chatbot',    sessionId: 'user-session-123',  // optional: groups a conversation  });  trace.setInput(userMessage);   try {    // Pre-execution policy enforcement — MUST run BEFORE the LLM call.    // Throws PolicyBlockedError if a block-mode policy is violated.    await ag.enforcePolicy({ agentId: 'my-chatbot', input: userMessage });     const response = await openai.chat.completions.create({      model: 'gpt-4',      messages: [{ role: 'user', content: userMessage }],    });     const answer = response.choices[0].message.content;    trace      .setOutput(answer)      .setModel('gpt-4')      .setTokens(response.usage?.prompt_tokens, response.usage?.completion_tokens)      .setCost(0.03)      .finish();    return answer;   } catch (err) {    if (err instanceof PolicyBlockedError) {      trace.setOutput('[BLOCKED BY POLICY]').finish('error', err.message);      return 'Your input was blocked by our content policies.';    }    if (err instanceof AgentPausedError) {      trace.finish('error', err.message);      return 'Service temporarily unavailable.';    }    trace.finish('error', String(err));    throw err;  }}
§ STEP 06

Verify in the dashboard

Open the Execlave dashboard and check:

Agents →/dashboard/agentsTraces →/dashboard/traces

You should see your agent registered and traces flowing in.

§ 05

What's next?

Create policies
Add injection detection, PII protection, cost limits, and custom rules.
Set up kill switches
Pause any agent instantly from the dashboard when issues arise.
Configure webhooks
Get notified on Slack or email when policies are violated.
Add access grants
Control which agents can invoke other agents in your system.
§ 06

Error handling

The SDK exports specific error types so you can handle governance events gracefully:

import { AgentPausedError, PolicyBlockedError } from '@execlave/sdk'; try {  const result = await tracedCall('Process this order');} catch (err) {  if (err instanceof AgentPausedError) {    // Admin paused this agent via kill switch    return 'Service temporarily unavailable.';  }  if (err instanceof PolicyBlockedError) {    // A blocking policy was violated    return 'This request was blocked by security policy.';  }  throw err; // re-throw unexpected errors}
§ 07

SDK configuration

OptionDefaultDescription
apiKeyEXECLAVE_API_KEY envYour API key (exe_prod_xxx or exe_dev_xxx)
baseUrlhttps://api.execlave.comExeclave API URL
environmentproductionDeployment environment label
asyncModetrueBuffer traces and flush in background
batchSize100Max traces per flush batch
flushIntervalMs10000Background flush interval (ms)
debugfalseEnable verbose debug logging
enableControlChanneltruePoll for kill-switch status changes
pollIntervalMs15000Status polling interval (ms)
enableInjectionScantrueClient-side scoring that tags traces with an injection score. Does NOT block LLM calls — use enforcePolicy() with a block-mode injection policy to block.
enforcementOnOutagefail_openBehavior when API is unreachable (fail_open or fail_closed)
§ 08

Key API endpoints

The SDK handles these automatically, but here they are for direct API usage:

EndpointAuthDescription
POST /api/v1/agentsX-API-KeyRegister an agent
POST /api/v1/traces/ingestX-API-KeySubmit traces (up to 100 per batch)
POST /api/v1/policiesX-API-Key (admin)Create a governance policy
POST /api/v1/policies/enforceX-API-KeyPre-execution policy check
PATCH /api/v1/agents/:id/pauseX-API-Key (admin)Pause agent (kill switch)
PATCH /api/v1/agents/:id/resumeX-API-Key (admin)Resume paused agent
GET /api/v1/agents/:id/status-pollX-API-KeyCheck agent status
POST /api/v1/agents/:id/grantsX-API-Key (admin)Create agent-to-agent access grant
POST /api/v1/agents/authorizeX-API-KeyCheck if agent call is authorized
§ 09

Environment variables

Your application only needs one environment variable:

EXECLAVE_API_KEY=exe_prod_your_key_here

If you're running Execlave infrastructure locally, use these defaults:

# BackendDATABASE_URL=postgresql://postgres:postgres@localhost:5432/execlaveREDIS_URL=redis://localhost:6379PORT=4000 # FrontendNEXT_PUBLIC_API_URL=http://localhost:4000NEXT_PUBLIC_GRAPHQL_URL=http://localhost:4000/graphql # Start infrastructuredocker compose up -d        # PostgreSQL + Redis + MinIOcd backend && npm run dev   # API server on :4000cd frontend && npm run dev  # Dashboard on :3000
§ 10

Self-hosted deployment

Run the full Execlave platform on your own infrastructure with a license key. Your data never leaves your network. Only a 24-hour license heartbeat (fingerprint + timestamp, no customer data) crosses the boundary.

Quickstart

curl -O https://get.execlave.com/docker-compose.ymlexport LICENSE_KEY=exe_lic_<your-key>docker compose up -dopen http://localhost:3000

Get a license key

Request one at /get-license. Free tier licenses arrive within one business hour. For the complete self-hosted guide — environment variables, license semantics, backups, air-gapped mode, troubleshooting — see the self-hosted deployment guide.