Declare
Version agent.config.ts beside your code — hard caps, allow/deny lists, and approval thresholds. Every agent provisions from the same declarative source of truth.
before action 1
Not a dashboard bolted on after deployment — policy declared in code, enforced on every primitive before money moves or a tool fires.
The console is not a dashboard after the fact. It is the enforcement path for cards, tools, sessions, secrets, and data.
Version agent.config.ts beside your code — hard caps, allow/deny lists, and approval thresholds. Every agent provisions from the same declarative source of truth.
before action 1
Every API call passes through Naïve first. Spends over policy wait for approval. Denied primitives never hit the wire. MCP tools scoped per session — zero standing access.
before action 2
Freeze a virtual card, terminate an MCP session, or deny a pending charge while the agent is still running. One audit log replays every primitive call with full context.
before action 3
Skip the manual wiring. Drop this prompt into your coding agent and it reads the skill, then integrates Naïve for you.
$ Read https://usenaive.ai/skill.md and use it to set up Naïve in my project.
Drop into any agent
Observability tells you what happened. Naïve blocks what isn't allowed — at the boundary where agents actually spend, call tools, and touch data.
Version agent.config.ts beside your code — hard caps, allow/deny lists, and approval thresholds. Every agent provisions from the same declarative source of truth.
Inventory agents after they're already running.
Shadow-AI scanners find what slipped past IT. Naïve provisions every agent through the control plane — you declare before anything deploys.
Every API call passes through Naïve first. Spends over policy wait for approval. Denied primitives never hit the wire. MCP tools scoped per session — zero standing access.
Trace prompts and tool calls after the fact.
Log viewers replay what an agent did. Naïve is the layer agents run through — policy fires before data moves, before a tool executes, before a dollar leaves.
Freeze a virtual card, terminate an MCP session, or deny a pending charge while the agent is still running. One audit log replays every primitive call with full context.
Authorize data access with standing roles.
Warehouse PBAC grants persist until someone revokes them. Naïve enforces purpose-bound, auto-expiring scopes at the moment of action — on real-world primitives, not just Snowflake rows.
Approvals, scoped sessions, encrypted vault, and spend-capped cards — every control enforced at the API boundary, per end-user.
Block risky primitives until a human approves.
View primitiveScoped MCP transport per user — revocable mid-flight.
View primitiveEncrypted secrets — every reveal logged and revocable.
View primitiveVirtual cards with hard limits enforced at authorization.
View primitiveAgent infrastructure as code — budgets, allow/deny, and approval rules versioned in your repo, enforced by the same bearer token as every other primitive.
Define identity, wallet, budget, approvals, and capability allow/deny lists in a single declarative file. Provision one agent or a million from the same config — versioned beside your application code.
import { defineAgent } from "@usenaive-sdk/iac";
export default defineAgent({
wallet: { limit: "$2,500/mo" },
budget: { hardCap: "$5,000" },
approvals: { over: "$500", via: "slack" },
allow: ["email", "search", "payments"],
deny: ["wire_transfer", "trading"],
});High-risk primitive calls block until a human approves or denies. The agent waits — denied actions never execute. Every decision streams to the unified audit log.
# List pending approvals
$ naive approvals list
# Approve or deny a blocked action
$ naive approvals approve <approval-id>Hand agents a per-user MCP endpoint with an allow-listed tool surface. No shared master API key. Kill any session instantly while agents are running.
# Create a scoped MCP session for an end user
$ naive sessions create --user alice
# Revoke instantly
$ naive sessions revoke <session-id>Declare identity, money, and permissions as code — then govern every action from zero to scale with one API.