Solutions · Governance

The control plane agents run through.

Not a dashboard bolted on after deployment — policy declared in code, enforced on every primitive before money moves or a tool fires.

Live policy boundary

Every agent action passes through here first.

The console is not a dashboard after the fact. It is the enforcement path for cards, tools, sessions, secrets, and data.

Zero-setup install

Let your agent set it up

Skip the manual wiring. Drop this prompt into your coding agent and it reads the skill, then integrates Naïve for you.

$ Read https://usenaive.ai/skill.md and use it to set up Naïve in my project.

Drop into any agent

Control plane

Declare · Enforce · Revoke

Observability tells you what happened. Naïve blocks what isn't allowed — at the boundary where agents actually spend, call tools, and touch data.

01 Declare

Identity, budget, and permissions in your repo.

Version agent.config.ts beside your code — hard caps, allow/deny lists, and approval thresholds. Every agent provisions from the same declarative source of truth.

  • defineAgent — identity, wallet, budget, approvals
  • defineSystem — multi-agent orchestration in one file
  • Re-runnable IaC — the millionth agent matches the first

vs Discover

Inventory agents after they're already running.

Shadow-AI scanners find what slipped past IT. Naïve provisions every agent through the control plane — you declare before anything deploys.

02 Enforce

Block at the primitive boundary — in real time.

Every API call passes through Naïve first. Spends over policy wait for approval. Denied primitives never hit the wire. MCP tools scoped per session — zero standing access.

  • Hard spend limits enforced at card authorization
  • Sensitive primitives pause until a human approves
  • MCP + A2A sessions carry scoped identity per hop

vs Observe

Trace prompts and tool calls after the fact.

Log viewers replay what an agent did. Naïve is the layer agents run through — policy fires before data moves, before a tool executes, before a dollar leaves.

03 Revoke

Kill access mid-flight — not in the next audit cycle.

Freeze a virtual card, terminate an MCP session, or deny a pending charge while the agent is still running. One audit log replays every primitive call with full context.

  • Revoke cards, sessions, and vault secrets instantly
  • Denied charges show as blocked — not silent failures
  • Unified log across payments, tools, and primitives

vs Secure

Authorize data access with standing roles.

Warehouse PBAC grants persist until someone revokes them. Naïve enforces purpose-bound, auto-expiring scopes at the moment of action — on real-world primitives, not just Snowflake rows.

Primitives

Governance primitives that enforce — not just log.

Approvals, scoped sessions, encrypted vault, and spend-capped cards — every control enforced at the API boundary, per end-user.

Exact code

Declare policy. Enforce on every call.

Agent infrastructure as code — budgets, allow/deny, and approval rules versioned in your repo, enforced by the same bearer token as every other primitive.

agent.config.ts

Declare Policy as Code

Define identity, wallet, budget, approvals, and capability allow/deny lists in a single declarative file. Provision one agent or a million from the same config — versioned beside your application code.

  • defineAgent: Identity · wallet · budget · approvals.
  • allow / deny: Primitive capability whitelists.
  • defineSystem: Multi-agent orchestration.
  • Versioned: Same policy for agent #1 and #1M.

import { defineAgent } from "@usenaive-sdk/iac";

export default defineAgent({
  wallet:    { limit: "$2,500/mo" },
  budget:    { hardCap: "$5,000" },
  approvals: { over: "$500", via: "slack" },
  allow:     ["email", "search", "payments"],
  deny:      ["wire_transfer", "trading"],
});
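
The decision order such a policy implies, as an added sketch that is not Naïve's SDK or its enforcement code. The `Policy` type, `parseUsd`, `decide` and the rule that an unlisted primitive is denied are assumptions made for illustration; only the field names and sample values come from the config above.

```typescript
// Added illustration: hypothetical evaluator, NOT the @usenaive-sdk/iac implementation.
// Field names mirror the agent.config.ts shown above; everything else is assumed.
interface Policy {
  budget: { hardCap: string };
  approvals: { over: string; via: string };
  allow: string[];
  deny: string[];
}
type Verdict = "allow" | "pending_approval" | "deny";
interface Decision { verdict: Verdict; reason: string }
interface Call { primitive: string; amountUsd?: number }

// Parse "$5,000" or "$2,500/mo" into a number; anything else throws (fail closed).
function parseUsd(s: string): number {
  const m = /^\$(\d{1,3}(?:,\d{3})*|\d+)(?:\.(\d{2}))?(?:\/mo)?$/.exec(s.trim());
  if (!m) throw new Error(`unparseable amount: ${s}`);
  const [, whole = "", cents] = m;
  return Number(whole.replace(/,/g, "") + (cents ? "." + cents : ""));
}

// Assumed semantics: deny beats allow, unlisted primitives are denied,
// and the hard cap is checked before the approval threshold.
function decide(policy: Policy, call: Call, spentUsd: number): Decision {
  if (policy.deny.includes(call.primitive))
    return { verdict: "deny", reason: "primitive on deny list" };
  if (!policy.allow.includes(call.primitive))
    return { verdict: "deny", reason: "primitive not on allow list" };
  const amount = call.amountUsd ?? 0;
  if (!Number.isFinite(amount) || amount < 0)
    return { verdict: "deny", reason: "invalid amount" };
  if (spentUsd + amount > parseUsd(policy.budget.hardCap))
    return { verdict: "deny", reason: "hard cap exceeded" };
  if (amount > parseUsd(policy.approvals.over))
    return { verdict: "pending_approval", reason: `needs approval via ${policy.approvals.via}` };
  return { verdict: "allow", reason: "within policy" };
}

// Constructed sample policy using the values from the config above.
const examplePolicy: Policy = {
  budget: { hardCap: "$5,000" },
  approvals: { over: "$500", via: "slack" },
  allow: ["email", "search", "payments"],
  deny: ["wire_transfer", "trading"],
};
```

When reviewing a real policy file, check the same three things this sketch makes explicit: what happens to a primitive on neither list, whether a malformed amount fails closed, and which limit wins when a charge crosses both the approval threshold and the hard cap.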

GET /v1/approvals

Enforce with Approvals

High-risk primitive calls block until a human approves or denies. The agent waits — denied actions never execute. Every decision streams to the unified audit log.

  • Policy thresholds: Over $X, require approval.
  • Pending queue: Slack, email, or your UI.
  • Block at boundary: No silent bypass.
  • Audit trail: Who approved, who denied.

# List pending approvals
$ naive approvals list

# Approve or deny a blocked action
$ naive approvals approve <approval-id>

POST /v1/sessions

Scope MCP Sessions

Hand agents a per-user MCP endpoint with an allow-listed tool surface. No shared master API key. Kill any session instantly while agents are running.

  • Per-user MCP: SSE transport per session.
  • Tool allow-lists: Account Kit whitelists.
  • Zero standing access: No shared keys.
  • Kill mid-flight: Revoke while agents run.

# Create a scoped MCP session for an end user
$ naive sessions create --user alice

# Revoke instantly
$ naive sessions revoke <session-id>

Build on an enforcement layer, not a log viewer.

Declare identity, money, and permissions as code — then govern every action from zero to scale with one API.