Introducing /cards: Give your AI agent virtual cards

TL;DR

›/cards — issue virtual cards for an AI Employee in one call
›Per-employee scoping — every card is bound to one Employee with its own spend limit, MCC controls, and audit trail
›Structured transaction logging — log_card_transaction records every purchase so the audit trail is complete
›managed virtual cards under the hood for cards — accepted everywhere Visa is accepted
›Managed payouts — routes funds to the right payment rails when an Employee needs to disburse
›Composes with /kyc + /formation — cards issue against a verified Employee inside a formed Company

Today we're launching /cards — the primitive that gives an AI Employee real purchasing power. Virtual cards on the Visa network via managed virtual cards, per-Employee spend policy, and structured transaction logging that keeps the audit trail clean. prepaid gift cards is available to route payouts when an Employee needs to disburse funds. The result: your agent can actually buy things, and you can prove every charge.

The problem: agents need money, but money has KYC

A non-trivial autonomous business needs to spend. Cloud bills, software licenses, inbound leads, ads, contractor payments. The status quo here is bleak:

A shared corporate card the agent uses — every transaction is your transaction, auditing is a nightmare, and one runaway prompt drains your float.
A wallet abstraction (Plaid, Wise, crypto on-ramp) — closed loop, declined at most merchants, and no real bank account behind it.
DIY managed virtual cards — works for cards but you're now building a bank ledger, identity binding, and spend controls from scratch. Six months of work.

The reason it stays hard is that real money has real KYC. You can't just hand a card to "the agent" — somebody has to be the cardholder of record, and that somebody has to have passed identity verification. Every existing primitive fails on one of those two requirements.

Until now. With /cards, the cardholder is a /kyc-verified Employee, the issuing rails are managed virtual cards bound to the Company formed through /formation, and the card is a runtime object an agent can actually use.

How /cards works

The workflow is three steps:

Create — naive cards create --name "Marketing Card" --spending-limit 10000 returns a checkout_url for funding. Naïve creates the card on managed virtual cards with the specified spending limit.
Fund & Issue — open the checkout_url to complete payment. Then run naive cards check-payment <card_id> to issue the card. Once active, naive cards details <card_id> returns the full PAN, CVC, and expiry.
Log — after every purchase, call naive cards log-transaction <card_id> --amount <cents> --merchant-name "..." --description "...". This creates an auditable paper trail for every transaction.

This is the Company → Employee → Primitive model in its strictest form: the Company holds the rails through managed virtual cards, the Employee holds the card, and /cards is the primitive that binds them.

Two ways to issue a card: prompt or code

1. Natural language

naive cards create \
  --name "Marketing Card" \
  --spending-limit 50000

The CLI creates the card, returns a checkout_url for funding, and prints next steps including naive cards check-payment to issue the card after payment.

2. Code

const res = await fetch("https://api.usenaive.ai/v1/cards", {
  method: "POST",
  headers: {
    "Authorization": `Bearer ${process.env.NAIVE_API_KEY}`,
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    name: "Marketing Card",
    spending_limit_cents: 50000,
    provider: "managed_virtual",
  }),
});
const { card, checkout_url } = await res.json();
// checkout_url — open to fund the card
// card.id — use with check-payment after funding

After funding, call POST /v1/cards/:id/check-payment to issue the card. Once active, GET /v1/cards/:id/details returns the full PAN, CVC, and expiry — use the credentials at any Visa-accepting merchant.

Spend controls and per-Employee limits

Every card has a policy object the runtime enforces at swipe time:

{
  monthlyLimit: 50000,           // cents
  dailyLimit: 10000,
  perTransactionLimit: 5000,
  allowedMccs: ["5734", "5818"], // optional allowlist
  blockedMccs: ["7995"],         // explicit blocks (gambling, etc.)
  velocity: {
    maxPerHour: 5,
    maxPerDay: 20,
  },
  geoFences: ["US"],
}

A swipe outside these bounds is declined at the network — there's no way for the agent to "try again harder." This is the safety surface that makes /cards deployable in production: even a misaligned agent can't drain the account.

Structured transaction logging

Every purchase the Employee makes should be followed by log_card_transaction:

naive cards log-transaction <card_id> \
  --amount 4800 \
  --merchant-name "Vendor Name" \
  --description "Q2 engineering subscription, approved by ops loop"

The log captures merchant, amount, and a free-text reason, so the Company has a structured paper trail next to the raw network transaction. The structured data is what makes spend audits, P&L categorisation, and month-end reconciliation work — an agent that purchases without logging leaves the work to a human later.

Payouts via managed rails

When an Employee needs to disburse funds — paying a contractor, sending a referral reward, settling an affiliate payout — /cards routes through prepaid gift cards so the funds land on the right rail for the recipient. The payout is logged the same way card purchases are, so the Company's records stay consistent.

What you can build with /cards

Run a per-Employee budget for an autonomous content brand — Issue a $200/month card to the writer Employee, a $1k/month card to the distributor Employee, and a $50/month card to the researcher Employee. Each operates independently inside their bounds.

Pay vendors and contractors — Card-spend for cloud bills and SaaS subscriptions; prepaid gift cards payouts for contractor invoices or affiliate payments. Compose with /email to receive and reconcile invoices.

Sandbox a high-risk experiment with a hard cap — Issue a $50 one-time card to a new Employee testing a new tool. The card auto-expires after the spend; the experiment can't bleed into your runway.

Issue cards bound to a real human cardholder of record — Pair /cards with /kyc so cards aren't refused at high-risk merchants — every card has a verified principal, the same way managed virtual cards requires for human-operated platforms.

Build agent-native expense management — Use the structured log_card_transaction data as the source of truth for monthly P&L, runway, and category-level burn rate.

Get started

Drop this starter prompt into any coding agent to wire up Naïve:

Read https://usenaive.ai/skill.md and use it to set up Naïve in my project.

Read the docs: usenaive.ai/docs/getting-started/cards
Quickstart: usenaive.ai/docs/getting-started/quickstart
Background reading: managed virtual cards (the underlying card rails) and prepaid gift cards (payout routing).
Join the community on Discord

Frequently Asked Questions

What is /cards?+

/cards is the Naïve primitive that gives an AI Employee real purchasing power. It issues virtual Visa cards backed by managed virtual cards, enforces per-Employee spend limits and merchant category controls, and asks the Employee to log every transaction it makes for a complete audit trail. prepaid gift cards is available for payout routing when an Employee needs to disburse funds.

How does /cards work?+

Run naive cards create --name 'Marketing Card' --spending-limit 10000 to create a card with a spending limit in cents. Naïve returns a checkout_url for funding. After payment, run naive cards check-payment <card_id> to issue the card, then naive cards details <card_id> to get the full card credentials. After every purchase, call naive cards log-transaction to record the spend.

Who's the underlying card issuer?+

Cards are issued via managed virtual cards on the Visa network. For payouts and disbursement, Naïve uses prepaid gift cards to route funds to the right rails. The exact ledgering and settlement details are described in the cards docs.

How much does /cards cost?+

Card issuance is a flat per-card fee. Interchange revenue from card purchases is shared between Naïve and the operator (you). See the pricing page for current rates.

How does /cards fit into the Naïve runtime?+

/cards composes managed virtual cards with the Naïve runtime so cards bind to a /kyc-verified Employee inside a Company formed through /formation. Every card carries per-Employee spend limits, MCC controls, and a structured transaction log. prepaid gift cards is available for payouts when an Employee needs to disburse funds.

Can a card be declined? What about fraud?+

Yes. Cards are declined when the spend policy denies the merchant (MCC), exceeds the limit, or fails velocity checks. Fraud detection runs at both the managed virtual cards layer (network-level) and the Naïve runtime layer (employee-behavior anomaly detection). Frozen cards can be unfrozen by an operator; replaced cards retain the same spend policy.

How do I get started with /cards?+

Install the CLI with npm install -g @usenaive-sdk/cli, create a cardholder with naive cards create-cardholder (one-time identity setup), then run naive cards create --name 'My Card' --spending-limit 50000. Fund the card via the checkout URL, then run naive cards check-payment <card_id> to issue it. The full quickstart is at usenaive.ai/docs/getting-started/quickstart.

Sean DorjeCo-founder

Co-founder of Naïve. Previously building the autonomous business stack.

@seandorje