§ DOCUMENTATION
Agent Governance Suite
Tiered autonomy, real-time cost controls, an agent registry, permission-drift detection, eval-to-policy suggestions, and data-access lineage — the controls that make Execlave an AI Agent Management Platform.
Every feature on this page is additive and backwards-compatible. Each is released behind an organization feature flag and rolled out gradually, so enabling one never changes the behaviour of your existing agents, policies, or SDK calls.
Tiered Governance Templates
Declare a single autonomy_level per agent and Execlave applies a curated bundle of controls for that tier. Any policy that does not fit the tier is flagged as a transparent “tier override” with an audit trail — uniform governance is the #1 cause of agent-project failure, so each tier gets the controls it actually needs.
| Level | Intent | Representative controls |
|---|---|---|
observe | Read-only, lightweight | injection scan, PII access (warn) |
advise | Read-only + quality gates | + quality threshold, output classifier |
act_with_approval | Writes, human-gated | + action approval, access control (block) |
autonomous | Writes + guardrails | + cost & budget caps, external-call & record-count limits |
# Pythonexe.register_agent(agent_id="support-bot", autonomy_level="act_with_approval") // TypeScriptexe.registerAgent({ agentId: 'support-bot', autonomyLevel: 'act_with_approval' });Real-Time Cost Circuit Breaker
1m / 1h / 1d / 1mo windows. Burn-rate alerts warn you before a cap is breached. If the cache backing the counters is ever unavailable the breaker fails open, so it never blocks legitimate traffic.POST /api/v1/cost-budget-rules{ "scope": "agent", // org | agent | user | workspace "scopeId": null, // null = applies per-entity (per agent here) "window": "1h", // 1m | 1h | 1d | 1mo "capUsd": 10, // dollars "action": "block", // warn | block | pause_agent "warningThresholdPct": 80, "burnRateAlertEnabled": true}| Action | Behaviour |
|---|---|
warn | Surfaces the rule in warnings; request continues. |
block | Denies the request and audits cost_circuit_breaker.tripped. |
pause_agent | Blocks and flags the agent for pause. |
Agent Registry & Lifecycle
One inventory of every agent with its lifecycle state (draft → testing → production → deprecated → retired), version history with diff and one-click rollback, and automatic detection of shadow agents (calling the API without being registered) and orphaned agents (registered but idle). Versioning is automatic on every create/update — your existing calls are unchanged. Optionally tag deploys from CI:
# Python — optional, additiveexe.report_agent_metadata(agent_id="bot-1", version_label="v2.1.0", git_commit="abc123") // TypeScriptexe.reportAgentMetadata({ agentId: 'bot-1', versionLabel: 'v2.1.0', gitCommit: 'abc123' });Permission Drift Detection
Capture a baseline of each agent’s effective permissions and let Execlave watch for drift continuously — auditor-ready evidence of least-privilege for HIPAA, GDPR, and CCPA.
| Drift type | What it catches |
|---|---|
privilege_added | New tool, data source, or domain since baseline (critical for delete/PII grants). |
privilege_removed | A permission disappeared — usually intentional. |
unused_detected | Granted but never invoked in N days — over-privilege. |
anomalous_access | Agent touched a resource it had never used before. |
Open events appear on the drift dashboard and flow into compliance reports; high and critical events can notify your configured channels.
Eval-to-Policy Suggestions
Observations — cost spikes, repeated PII leaks, novel external domains, eval failures — become suggested policies, scored by confidence. You stay in control: review the rationale and evidence, then accept, modify-and-accept, or reject. Nothing is ever auto-applied, and every decision is audited. Push your own eval failures via POST /api/v1/policy-suggestions/eval-failure.
Data Access Lineage
// TypeScript — annotate what data a run touched (metadata only, never values)trace.dataAccess = [{ source: 'postgres://prod/customers_db', resourcePath: 'users', fields: ['email', 'phone'], classifications: ['pii.email', 'pii.phone'], recordCount: 42, purpose: 'answer support question',}];Rollout & availability
These features are gated per organization and enabled during staged rollout. If a governance dashboard or API returns 404, the feature is not yet enabled for your org — contact support to join the rollout. SDK additions (autonomy_level, report_agent_metadata, dataAccess) are safe to adopt now: older servers simply ignore them.