novyx 2.11.0 → 3.1.0

package/dist/index.d.mts

@@ -301,6 +301,68 @@ interface StreamStatusResult {
     connections: number;
     event_bus: Record<string, any>;
 }
+interface Agent {
+    agent_id: string;
+    name: string;
+    model: string;
+    provider: string;
+    description?: string;
+    instructions?: string;
+    memory_scope?: string;
+    capabilities: string[];
+    policy_profile?: Record<string, any>;
+    config?: Record<string, any>;
+    status: string;
+    created_at: string;
+    updated_at?: string;
+}
+interface Mission {
+    mission_id: string;
+    agent_id: string;
+    goal: string;
+    constraints?: string[];
+    success_criteria?: string[];
+    allowed_capabilities?: string[];
+    escalation_rules?: Record<string, any>[];
+    stop_conditions?: string[];
+    config?: Record<string, any>;
+    status: string;
+    created_at: string;
+    updated_at?: string;
+}
+interface Capability {
+    capability_id: string;
+    name: string;
+    description?: string;
+    tools?: Record<string, any>[];
+    risk_levels?: Record<string, any>;
+    approval_requirements?: Record<string, any>;
+    memory_behavior?: Record<string, any>;
+    eval_rules?: Record<string, any>;
+    config?: Record<string, any>;
+    status: string;
+    created_at: string;
+    updated_at?: string;
+}
+interface Checkpoint {
+    checkpoint_id: string;
+    mission_id: string;
+    label?: string;
+    metadata?: Record<string, any>;
+    mission_status?: string;
+    created_at: string;
+}
+interface Intervention {
+    intervention_id: string;
+    intervention_type: string;
+    mission_id?: string;
+    action_id?: string;
+    agent_id?: string;
+    rationale?: string;
+    metadata?: Record<string, any>;
+    actor?: string;
+    created_at: string;
+}
 
 declare class NovyxSession {
     private client;
@@ -561,7 +623,93 @@ declare class Novyx {
         reason?: string;
         approver_id?: string;
     }): Promise<Record<string, any>>;
-    listPolicies(): Promise<PoliciesResult>;
+    listPolicies(opts?: {
+        agent_id?: string;
+    }): Promise<PoliciesResult>;
+    /**
+     * Create or update a custom Control policy.
+     *
+     * Tier requirements:
+     * - draft_policies (Starter+) for any custom policy
+     * - agent_scoped_policies (Pro+) when agent_id is set
+     *
+     * @example
+     * await nx.createPolicy({
+     *   name: "pii_protection",
+     *   description: "Block PII exposure",
+     *   rules: [
+     *     {
+     *       match: "(ssn|social.security|passport)",
+     *       severity: "critical",
+     *       reason: "PII detected: {match}",
+     *     },
+     *   ],
+     *   whitelisted_domains: ["internal.company.com"],
+     * });
+     */
+    createPolicy(params: {
+        name: string;
+        rules: Array<Record<string, any>>;
+        description?: string;
+        step_types?: string[];
+        whitelisted_domains?: string[];
+        enabled?: boolean;
+        agent_id?: string;
+    }): Promise<Record<string, any>>;
+    /**
+     * Get a single policy by name and scope.
+     *
+     * The same policy name can exist at both tenant-wide (no agent_id) and
+     * agent-scoped levels independently. Specify which one you want.
+     */
+    getPolicy(policyName: string, opts?: {
+        agent_id?: string;
+    }): Promise<Record<string, any>>;
+    /**
+     * Update an existing custom policy. Increments version.
+     * agent_id targets the agent-scoped version; omit to update tenant-wide.
+     */
+    updatePolicy(policyName: string, params: {
+        rules: Array<Record<string, any>>;
+        description?: string;
+        step_types?: string[];
+        whitelisted_domains?: string[];
+        enabled?: boolean;
+        agent_id?: string;
+    }): Promise<Record<string, any>>;
+    /**
+     * Disable a custom policy (soft delete).
+     * Built-in policies cannot be deleted.
+     */
+    deletePolicy(policyName: string, opts?: {
+        agent_id?: string;
+    }): Promise<Record<string, any>>;
+    /**
+     * Aggregated governance stats over the audit chain.
+     *
+     * Returns totals (evaluations, executed, pending_review, approved, denied),
+     * violations broken down by policy and agent, and a time-series of activity.
+     *
+     * Tier: governance_dashboard feature (Starter+).
+     *
+     * @example
+     * const dash = await nx.governanceDashboard({ window: "7d" });
+     * console.log(dash.totals);
+     */
+    governanceDashboard(opts?: {
+        window?: "24h" | "7d" | "30d";
+        bucket?: "hour" | "day";
+    }): Promise<Record<string, any>>;
+    /**
+     * Per-agent violation history from the audit chain.
+     *
+     * Tier: governance_dashboard feature (Starter+).
+     */
+    agentViolations(agentId: string, opts?: {
+        limit?: number;
+        since?: string;
+        until?: string;
+    }): Promise<Record<string, any>>;
     explainAction(actionId: string): Promise<Record<string, any>>;
     streamStatus(): Promise<StreamStatusResult>;
     memoryHealth(): Promise<Record<string, any>>;
@@ -576,6 +724,95 @@ declare class Novyx {
     }): Promise<any>;
     /** Check the current Control policy profile. */
     policyCheck(): Promise<any>;
+    createAgent(params: {
+        name: string;
+        provider: "openai" | "anthropic" | "litellm";
+        model: string;
+        agent_id?: string;
+        description?: string;
+        instructions?: string;
+        capabilities?: string[];
+        memory_scope?: string;
+        policy_profile?: Record<string, any>;
+        config?: Record<string, any>;
+    }): Promise<Agent>;
+    getAgent(agentId: string): Promise<Agent>;
+    listAgents(opts?: {
+        status?: string;
+        limit?: number;
+        offset?: number;
+    }): Promise<Record<string, any>>;
+    updateAgent(agentId: string, updates: Record<string, any>): Promise<Agent>;
+    deleteAgent(agentId: string): Promise<Record<string, any>>;
+    createMission(params: {
+        agent_id: string;
+        goal: string;
+        constraints?: string[];
+        success_criteria?: string[];
+        allowed_capabilities?: string[];
+        escalation_rules?: Record<string, any>[];
+        stop_conditions?: string[];
+        config?: Record<string, any>;
+    }): Promise<Mission>;
+    getMission(missionId: string): Promise<Mission>;
+    listMissions(opts?: {
+        agent_id?: string;
+        status?: string;
+        limit?: number;
+        offset?: number;
+    }): Promise<Record<string, any>>;
+    updateMission(missionId: string, updates: Record<string, any>): Promise<Mission>;
+    deleteMission(missionId: string): Promise<Record<string, any>>;
+    pauseMission(missionId: string): Promise<Mission>;
+    resumeMission(missionId: string): Promise<Mission>;
+    cancelMission(missionId: string): Promise<Mission>;
+    createCapability(params: {
+        name: string;
+        capability_id?: string;
+        description?: string;
+        tools?: Record<string, any>[];
+        risk_levels?: Record<string, any>;
+        approval_requirements?: Record<string, any>;
+        memory_behavior?: Record<string, any>;
+        eval_rules?: Record<string, any>;
+        config?: Record<string, any>;
+    }): Promise<Capability>;
+    getCapability(capabilityId: string): Promise<Capability>;
+    listCapabilities(opts?: {
+        status?: string;
+        limit?: number;
+        offset?: number;
+    }): Promise<Record<string, any>>;
+    updateCapability(capabilityId: string, updates: Record<string, any>): Promise<Capability>;
+    deleteCapability(capabilityId: string): Promise<Record<string, any>>;
+    createCheckpoint(missionId: string, opts?: {
+        label?: string;
+        metadata?: Record<string, any>;
+    }): Promise<Checkpoint>;
+    getCheckpoint(checkpointId: string): Promise<Checkpoint>;
+    listCheckpoints(missionId: string, opts?: {
+        limit?: number;
+        offset?: number;
+    }): Promise<Record<string, any>>;
+    rollbackToCheckpoint(missionId: string, checkpointId: string, opts?: {
+        reason?: string;
+    }): Promise<Record<string, any>>;
+    createIntervention(params: {
+        intervention_type: string;
+        mission_id?: string;
+        action_id?: string;
+        agent_id?: string;
+        rationale?: string;
+        metadata?: Record<string, any>;
+    }): Promise<Intervention>;
+    getIntervention(interventionId: string): Promise<Intervention>;
+    listInterventions(opts?: {
+        mission_id?: string;
+        agent_id?: string;
+        intervention_type?: string;
+        limit?: number;
+        offset?: number;
+    }): Promise<Record<string, any>>;
 }
 
 declare class NovyxError extends Error {

package/dist/index.d.ts

@@ -301,6 +301,68 @@ interface StreamStatusResult {
     connections: number;
     event_bus: Record<string, any>;
 }
+interface Agent {
+    agent_id: string;
+    name: string;
+    model: string;
+    provider: string;
+    description?: string;
+    instructions?: string;
+    memory_scope?: string;
+    capabilities: string[];
+    policy_profile?: Record<string, any>;
+    config?: Record<string, any>;
+    status: string;
+    created_at: string;
+    updated_at?: string;
+}
+interface Mission {
+    mission_id: string;
+    agent_id: string;
+    goal: string;
+    constraints?: string[];
+    success_criteria?: string[];
+    allowed_capabilities?: string[];
+    escalation_rules?: Record<string, any>[];
+    stop_conditions?: string[];
+    config?: Record<string, any>;
+    status: string;
+    created_at: string;
+    updated_at?: string;
+}
+interface Capability {
+    capability_id: string;
+    name: string;
+    description?: string;
+    tools?: Record<string, any>[];
+    risk_levels?: Record<string, any>;
+    approval_requirements?: Record<string, any>;
+    memory_behavior?: Record<string, any>;
+    eval_rules?: Record<string, any>;
+    config?: Record<string, any>;
+    status: string;
+    created_at: string;
+    updated_at?: string;
+}
+interface Checkpoint {
+    checkpoint_id: string;
+    mission_id: string;
+    label?: string;
+    metadata?: Record<string, any>;
+    mission_status?: string;
+    created_at: string;
+}
+interface Intervention {
+    intervention_id: string;
+    intervention_type: string;
+    mission_id?: string;
+    action_id?: string;
+    agent_id?: string;
+    rationale?: string;
+    metadata?: Record<string, any>;
+    actor?: string;
+    created_at: string;
+}
 
 declare class NovyxSession {
     private client;
@@ -561,7 +623,93 @@ declare class Novyx {
         reason?: string;
         approver_id?: string;
     }): Promise<Record<string, any>>;
-    listPolicies(): Promise<PoliciesResult>;
+    listPolicies(opts?: {
+        agent_id?: string;
+    }): Promise<PoliciesResult>;
+    /**
+     * Create or update a custom Control policy.
+     *
+     * Tier requirements:
+     * - draft_policies (Starter+) for any custom policy
+     * - agent_scoped_policies (Pro+) when agent_id is set
+     *
+     * @example
+     * await nx.createPolicy({
+     *   name: "pii_protection",
+     *   description: "Block PII exposure",
+     *   rules: [
+     *     {
+     *       match: "(ssn|social.security|passport)",
+     *       severity: "critical",
+     *       reason: "PII detected: {match}",
+     *     },
+     *   ],
+     *   whitelisted_domains: ["internal.company.com"],
+     * });
+     */
+    createPolicy(params: {
+        name: string;
+        rules: Array<Record<string, any>>;
+        description?: string;
+        step_types?: string[];
+        whitelisted_domains?: string[];
+        enabled?: boolean;
+        agent_id?: string;
+    }): Promise<Record<string, any>>;
+    /**
+     * Get a single policy by name and scope.
+     *
+     * The same policy name can exist at both tenant-wide (no agent_id) and
+     * agent-scoped levels independently. Specify which one you want.
+     */
+    getPolicy(policyName: string, opts?: {
+        agent_id?: string;
+    }): Promise<Record<string, any>>;
+    /**
+     * Update an existing custom policy. Increments version.
+     * agent_id targets the agent-scoped version; omit to update tenant-wide.
+     */
+    updatePolicy(policyName: string, params: {
+        rules: Array<Record<string, any>>;
+        description?: string;
+        step_types?: string[];
+        whitelisted_domains?: string[];
+        enabled?: boolean;
+        agent_id?: string;
+    }): Promise<Record<string, any>>;
+    /**
+     * Disable a custom policy (soft delete).
+     * Built-in policies cannot be deleted.
+     */
+    deletePolicy(policyName: string, opts?: {
+        agent_id?: string;
+    }): Promise<Record<string, any>>;
+    /**
+     * Aggregated governance stats over the audit chain.
+     *
+     * Returns totals (evaluations, executed, pending_review, approved, denied),
+     * violations broken down by policy and agent, and a time-series of activity.
+     *
+     * Tier: governance_dashboard feature (Starter+).
+     *
+     * @example
+     * const dash = await nx.governanceDashboard({ window: "7d" });
+     * console.log(dash.totals);
+     */
+    governanceDashboard(opts?: {
+        window?: "24h" | "7d" | "30d";
+        bucket?: "hour" | "day";
+    }): Promise<Record<string, any>>;
+    /**
+     * Per-agent violation history from the audit chain.
+     *
+     * Tier: governance_dashboard feature (Starter+).
+     */
+    agentViolations(agentId: string, opts?: {
+        limit?: number;
+        since?: string;
+        until?: string;
+    }): Promise<Record<string, any>>;
     explainAction(actionId: string): Promise<Record<string, any>>;
     streamStatus(): Promise<StreamStatusResult>;
     memoryHealth(): Promise<Record<string, any>>;
@@ -576,6 +724,95 @@ declare class Novyx {
     }): Promise<any>;
     /** Check the current Control policy profile. */
     policyCheck(): Promise<any>;
+    createAgent(params: {
+        name: string;
+        provider: "openai" | "anthropic" | "litellm";
+        model: string;
+        agent_id?: string;
+        description?: string;
+        instructions?: string;
+        capabilities?: string[];
+        memory_scope?: string;
+        policy_profile?: Record<string, any>;
+        config?: Record<string, any>;
+    }): Promise<Agent>;
+    getAgent(agentId: string): Promise<Agent>;
+    listAgents(opts?: {
+        status?: string;
+        limit?: number;
+        offset?: number;
+    }): Promise<Record<string, any>>;
+    updateAgent(agentId: string, updates: Record<string, any>): Promise<Agent>;
+    deleteAgent(agentId: string): Promise<Record<string, any>>;
+    createMission(params: {
+        agent_id: string;
+        goal: string;
+        constraints?: string[];
+        success_criteria?: string[];
+        allowed_capabilities?: string[];
+        escalation_rules?: Record<string, any>[];
+        stop_conditions?: string[];
+        config?: Record<string, any>;
+    }): Promise<Mission>;
+    getMission(missionId: string): Promise<Mission>;
+    listMissions(opts?: {
+        agent_id?: string;
+        status?: string;
+        limit?: number;
+        offset?: number;
+    }): Promise<Record<string, any>>;
+    updateMission(missionId: string, updates: Record<string, any>): Promise<Mission>;
+    deleteMission(missionId: string): Promise<Record<string, any>>;
+    pauseMission(missionId: string): Promise<Mission>;
+    resumeMission(missionId: string): Promise<Mission>;
+    cancelMission(missionId: string): Promise<Mission>;
+    createCapability(params: {
+        name: string;
+        capability_id?: string;
+        description?: string;
+        tools?: Record<string, any>[];
+        risk_levels?: Record<string, any>;
+        approval_requirements?: Record<string, any>;
+        memory_behavior?: Record<string, any>;
+        eval_rules?: Record<string, any>;
+        config?: Record<string, any>;
+    }): Promise<Capability>;
+    getCapability(capabilityId: string): Promise<Capability>;
+    listCapabilities(opts?: {
+        status?: string;
+        limit?: number;
+        offset?: number;
+    }): Promise<Record<string, any>>;
+    updateCapability(capabilityId: string, updates: Record<string, any>): Promise<Capability>;
+    deleteCapability(capabilityId: string): Promise<Record<string, any>>;
+    createCheckpoint(missionId: string, opts?: {
+        label?: string;
+        metadata?: Record<string, any>;
+    }): Promise<Checkpoint>;
+    getCheckpoint(checkpointId: string): Promise<Checkpoint>;
+    listCheckpoints(missionId: string, opts?: {
+        limit?: number;
+        offset?: number;
+    }): Promise<Record<string, any>>;
+    rollbackToCheckpoint(missionId: string, checkpointId: string, opts?: {
+        reason?: string;
+    }): Promise<Record<string, any>>;
+    createIntervention(params: {
+        intervention_type: string;
+        mission_id?: string;
+        action_id?: string;
+        agent_id?: string;
+        rationale?: string;
+        metadata?: Record<string, any>;
+    }): Promise<Intervention>;
+    getIntervention(interventionId: string): Promise<Intervention>;
+    listInterventions(opts?: {
+        mission_id?: string;
+        agent_id?: string;
+        intervention_type?: string;
+        limit?: number;
+        offset?: number;
+    }): Promise<Record<string, any>>;
 }
 
 declare class NovyxError extends Error {

package/dist/index.js

@@ -673,8 +673,129 @@ var Novyx = class {
     if (opts?.approver_id) params.approver_id = opts.approver_id;
     return this._request("POST", `/v1/approvals/${approvalId}/decision`, { params });
   }
-  async listPolicies() {
-    return this._request("GET", "/v1/control/policies");
+  // ========================================================================
+  // Novyx Control — Policy CRUD (Phase 1 + Phase 5)
+  // ========================================================================
+  async listPolicies(opts) {
+    const params = {};
+    if (opts?.agent_id) params.agent_id = opts.agent_id;
+    return this._request(
+      "GET",
+      "/v1/control/policies",
+      Object.keys(params).length > 0 ? { params } : void 0
+    );
+  }
+  /**
+   * Create or update a custom Control policy.
+   *
+   * Tier requirements:
+   * - draft_policies (Starter+) for any custom policy
+   * - agent_scoped_policies (Pro+) when agent_id is set
+   *
+   * @example
+   * await nx.createPolicy({
+   *   name: "pii_protection",
+   *   description: "Block PII exposure",
+   *   rules: [
+   *     {
+   *       match: "(ssn|social.security|passport)",
+   *       severity: "critical",
+   *       reason: "PII detected: {match}",
+   *     },
+   *   ],
+   *   whitelisted_domains: ["internal.company.com"],
+   * });
+   */
+  async createPolicy(params) {
+    const body = {
+      name: params.name,
+      description: params.description ?? "",
+      rules: params.rules,
+      enabled: params.enabled ?? true
+    };
+    if (params.step_types !== void 0) body.step_types = params.step_types;
+    if (params.whitelisted_domains !== void 0) body.whitelisted_domains = params.whitelisted_domains;
+    if (params.agent_id !== void 0) body.agent_id = params.agent_id;
+    return this._request("POST", "/v1/control/policies", { body });
+  }
+  /**
+   * Get a single policy by name and scope.
+   *
+   * The same policy name can exist at both tenant-wide (no agent_id) and
+   * agent-scoped levels independently. Specify which one you want.
+   */
+  async getPolicy(policyName, opts) {
+    const params = {};
+    if (opts?.agent_id) params.agent_id = opts.agent_id;
+    return this._request(
+      "GET",
+      `/v1/control/policies/${policyName}`,
+      Object.keys(params).length > 0 ? { params } : void 0
+    );
+  }
+  /**
+   * Update an existing custom policy. Increments version.
+   * agent_id targets the agent-scoped version; omit to update tenant-wide.
+   */
+  async updatePolicy(policyName, params) {
+    const body = {
+      name: policyName,
+      description: params.description ?? "",
+      rules: params.rules,
+      enabled: params.enabled ?? true
+    };
+    if (params.step_types !== void 0) body.step_types = params.step_types;
+    if (params.whitelisted_domains !== void 0) body.whitelisted_domains = params.whitelisted_domains;
+    if (params.agent_id !== void 0) body.agent_id = params.agent_id;
+    return this._request("PUT", `/v1/control/policies/${policyName}`, { body });
+  }
+  /**
+   * Disable a custom policy (soft delete).
+   * Built-in policies cannot be deleted.
+   */
+  async deletePolicy(policyName, opts) {
+    const params = {};
+    if (opts?.agent_id) params.agent_id = opts.agent_id;
+    return this._request(
+      "DELETE",
+      `/v1/control/policies/${policyName}`,
+      Object.keys(params).length > 0 ? { params } : void 0
+    );
+  }
+  // ========================================================================
+  // Novyx Control — Governance Dashboard (Phase 4)
+  // ========================================================================
+  /**
+   * Aggregated governance stats over the audit chain.
+   *
+   * Returns totals (evaluations, executed, pending_review, approved, denied),
+   * violations broken down by policy and agent, and a time-series of activity.
+   *
+   * Tier: governance_dashboard feature (Starter+).
+   *
+   * @example
+   * const dash = await nx.governanceDashboard({ window: "7d" });
+   * console.log(dash.totals);
+   */
+  async governanceDashboard(opts) {
+    const params = { window: opts?.window ?? "7d" };
+    if (opts?.bucket !== void 0) params.bucket = opts.bucket;
+    return this._request("GET", "/v1/control/dashboard", { params });
+  }
+  /**
+   * Per-agent violation history from the audit chain.
+   *
+   * Tier: governance_dashboard feature (Starter+).
+   */
+  async agentViolations(agentId, opts) {
+    const params = { limit: opts?.limit ?? 50 };
+    if (opts?.since !== void 0) params.since = opts.since;
+    if (opts?.until !== void 0) params.until = opts.until;
+    return this._request(
+      "GET",
+      `/v1/control/agents/${agentId}/violations`,
+      { params }
+    );
   }
   // ========================================================================
   // Explain Action
@@ -745,6 +866,176 @@ var Novyx = class {
   async policyCheck() {
     return this._controlRequest("GET", "/v1/control/policies");
   }
+  // ========================================================================
+  // Agents (Runtime v2)
+  // ========================================================================
+  async createAgent(params) {
+    const validProviders = ["openai", "anthropic", "litellm"];
+    if (!validProviders.includes(params.provider)) {
+      throw new Error(
+        `Unknown provider '${params.provider}'. Choose 'openai', 'anthropic', or 'litellm' (use litellm for Gemini, Mistral, Cohere, etc.).`
+      );
+    }
+    if (!params.model) {
+      throw new Error("model is required");
+    }
+    const body = {
+      name: params.name,
+      model: params.model,
+      provider: params.provider
+    };
+    if (params.agent_id) body.agent_id = params.agent_id;
+    if (params.description) body.description = params.description;
+    if (params.instructions) body.instructions = params.instructions;
+    if (params.capabilities) body.capabilities = params.capabilities;
+    if (params.memory_scope) body.memory_scope = params.memory_scope;
+    if (params.policy_profile) body.policy_profile = params.policy_profile;
+    if (params.config) body.config = params.config;
+    return this._request("POST", "/v1/agents", { body });
+  }
+  async getAgent(agentId) {
+    return this._request("GET", `/v1/agents/${agentId}`);
+  }
+  async listAgents(opts) {
+    const params = {
+      limit: opts?.limit ?? 100,
+      offset: opts?.offset ?? 0
+    };
+    if (opts?.status) params.status = opts.status;
+    return this._request("GET", "/v1/agents", { params });
+  }
+  async updateAgent(agentId, updates) {
+    return this._request("PATCH", `/v1/agents/${agentId}`, { body: updates });
+  }
+  async deleteAgent(agentId) {
+    return this._request("DELETE", `/v1/agents/${agentId}`);
+  }
+  // ========================================================================
+  // Missions (Runtime v2)
+  // ========================================================================
+  async createMission(params) {
+    const body = {
+      agent_id: params.agent_id,
+      goal: params.goal
+    };
+    if (params.constraints !== void 0) body.constraints = params.constraints;
+    if (params.success_criteria !== void 0) body.success_criteria = params.success_criteria;
+    if (params.allowed_capabilities !== void 0) body.allowed_capabilities = params.allowed_capabilities;
+    if (params.escalation_rules !== void 0) body.escalation_rules = params.escalation_rules;
+    if (params.stop_conditions !== void 0) body.stop_conditions = params.stop_conditions;
+    if (params.config !== void 0) body.config = params.config;
+    return this._request("POST", "/v1/missions", { body });
+  }
+  async getMission(missionId) {
+    return this._request("GET", `/v1/missions/${missionId}`);
+  }
+  async listMissions(opts) {
+    const params = {
+      limit: opts?.limit ?? 100,
+      offset: opts?.offset ?? 0
+    };
+    if (opts?.agent_id) params.agent_id = opts.agent_id;
+    if (opts?.status) params.status = opts.status;
+    return this._request("GET", "/v1/missions", { params });
+  }
+  async updateMission(missionId, updates) {
+    return this._request("PATCH", `/v1/missions/${missionId}`, { body: updates });
+  }
+  async deleteMission(missionId) {
+    return this._request("DELETE", `/v1/missions/${missionId}`);
+  }
+  async pauseMission(missionId) {
+    return this._request("POST", `/v1/missions/${missionId}/pause`);
+  }
+  async resumeMission(missionId) {
+    return this._request("POST", `/v1/missions/${missionId}/resume`);
+  }
+  async cancelMission(missionId) {
+    return this._request("POST", `/v1/missions/${missionId}/cancel`);
+  }
+  // ========================================================================
+  // Capabilities (Runtime v2)
+  // ========================================================================
+  async createCapability(params) {
+    const body = { name: params.name };
+    if (params.capability_id !== void 0) body.capability_id = params.capability_id;
+    if (params.description !== void 0) body.description = params.description;
+    if (params.tools !== void 0) body.tools = params.tools;
+    if (params.risk_levels !== void 0) body.risk_levels = params.risk_levels;
+    if (params.approval_requirements !== void 0) body.approval_requirements = params.approval_requirements;
+    if (params.memory_behavior !== void 0) body.memory_behavior = params.memory_behavior;
+    if (params.eval_rules !== void 0) body.eval_rules = params.eval_rules;
+    if (params.config !== void 0) body.config = params.config;
+    return this._request("POST", "/v1/capabilities", { body });
+  }
+  async getCapability(capabilityId) {
+    return this._request("GET", `/v1/capabilities/${capabilityId}`);
+  }
+  async listCapabilities(opts) {
+    const params = {
+      limit: opts?.limit ?? 100,
+      offset: opts?.offset ?? 0
+    };
+    if (opts?.status) params.status = opts.status;
+    return this._request("GET", "/v1/capabilities", { params });
+  }
+  async updateCapability(capabilityId, updates) {
+    return this._request("PATCH", `/v1/capabilities/${capabilityId}`, { body: updates });
+  }
+  async deleteCapability(capabilityId) {
+    return this._request("DELETE", `/v1/capabilities/${capabilityId}`);
+  }
+  // ========================================================================
+  // Checkpoints (Runtime v2)
+  // ========================================================================
+  async createCheckpoint(missionId, opts) {
+    const body = {};
+    if (opts?.label !== void 0) body.label = opts.label;
+    if (opts?.metadata !== void 0) body.metadata = opts.metadata;
+    return this._request("POST", `/v1/missions/${missionId}/checkpoints`, { body });
+  }
+  async getCheckpoint(checkpointId) {
+    return this._request("GET", `/v1/checkpoints/${checkpointId}`);
+  }
+  async listCheckpoints(missionId, opts) {
+    const params = {
+      limit: opts?.limit ?? 100,
+      offset: opts?.offset ?? 0
+    };
+    return this._request("GET", `/v1/missions/${missionId}/checkpoints`, { params });
+  }
+  async rollbackToCheckpoint(missionId, checkpointId, opts) {
+    const body = { checkpoint_id: checkpointId };
+    if (opts?.reason !== void 0) body.reason = opts.reason;
+    return this._request("POST", `/v1/missions/${missionId}/rollback`, { body });
+  }
+  // ========================================================================
+  // Interventions (Runtime v2)
+  // ========================================================================
+  async createIntervention(params) {
+    const body = {
+      intervention_type: params.intervention_type
+    };
+    if (params.mission_id !== void 0) body.mission_id = params.mission_id;
+    if (params.action_id !== void 0) body.action_id = params.action_id;
+    if (params.agent_id !== void 0) body.agent_id = params.agent_id;
+    if (params.rationale !== void 0) body.rationale = params.rationale;
+    if (params.metadata !== void 0) body.metadata = params.metadata;
+    return this._request("POST", "/v1/interventions", { body });
+  }
+  async getIntervention(interventionId) {
+    return this._request("GET", `/v1/interventions/${interventionId}`);
+  }
+  async listInterventions(opts) {
+    const params = {
+      limit: opts?.limit ?? 100,
+      offset: opts?.offset ?? 0
+    };
+    if (opts?.mission_id) params.mission_id = opts.mission_id;
+    if (opts?.agent_id) params.agent_id = opts.agent_id;
+    if (opts?.intervention_type) params.type = opts.intervention_type;
+    return this._request("GET", "/v1/interventions", { params });
+  }
 };
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/index.mjs

@@ -640,8 +640,129 @@ var Novyx = class {
     if (opts?.approver_id) params.approver_id = opts.approver_id;
     return this._request("POST", `/v1/approvals/${approvalId}/decision`, { params });
   }
-  async listPolicies() {
-    return this._request("GET", "/v1/control/policies");
+  // ========================================================================
+  // Novyx Control — Policy CRUD (Phase 1 + Phase 5)
+  // ========================================================================
+  async listPolicies(opts) {
+    const params = {};
+    if (opts?.agent_id) params.agent_id = opts.agent_id;
+    return this._request(
+      "GET",
+      "/v1/control/policies",
+      Object.keys(params).length > 0 ? { params } : void 0
+    );
+  }
+  /**
+   * Create or update a custom Control policy.
+   *
+   * Tier requirements:
+   * - draft_policies (Starter+) for any custom policy
+   * - agent_scoped_policies (Pro+) when agent_id is set
+   *
+   * @example
+   * await nx.createPolicy({
+   *   name: "pii_protection",
+   *   description: "Block PII exposure",
+   *   rules: [
+   *     {
+   *       match: "(ssn|social.security|passport)",
+   *       severity: "critical",
+   *       reason: "PII detected: {match}",
+   *     },
+   *   ],
+   *   whitelisted_domains: ["internal.company.com"],
+   * });
+   */
+  async createPolicy(params) {
+    const body = {
+      name: params.name,
+      description: params.description ?? "",
+      rules: params.rules,
+      enabled: params.enabled ?? true
+    };
+    if (params.step_types !== void 0) body.step_types = params.step_types;
+    if (params.whitelisted_domains !== void 0) body.whitelisted_domains = params.whitelisted_domains;
+    if (params.agent_id !== void 0) body.agent_id = params.agent_id;
+    return this._request("POST", "/v1/control/policies", { body });
+  }
+  /**
+   * Get a single policy by name and scope.
+   *
+   * The same policy name can exist at both tenant-wide (no agent_id) and
+   * agent-scoped levels independently. Specify which one you want.
+   */
+  async getPolicy(policyName, opts) {
+    const params = {};
+    if (opts?.agent_id) params.agent_id = opts.agent_id;
+    return this._request(
+      "GET",
+      `/v1/control/policies/${policyName}`,
+      Object.keys(params).length > 0 ? { params } : void 0
+    );
+  }
+  /**
+   * Update an existing custom policy. Increments version.
+   * agent_id targets the agent-scoped version; omit to update tenant-wide.
+   */
+  async updatePolicy(policyName, params) {
+    const body = {
+      name: policyName,
+      description: params.description ?? "",
+      rules: params.rules,
+      enabled: params.enabled ?? true
+    };
+    if (params.step_types !== void 0) body.step_types = params.step_types;
+    if (params.whitelisted_domains !== void 0) body.whitelisted_domains = params.whitelisted_domains;
+    if (params.agent_id !== void 0) body.agent_id = params.agent_id;
+    return this._request("PUT", `/v1/control/policies/${policyName}`, { body });
+  }
+  /**
+   * Disable a custom policy (soft delete).
+   * Built-in policies cannot be deleted.
+   */
+  async deletePolicy(policyName, opts) {
+    const params = {};
+    if (opts?.agent_id) params.agent_id = opts.agent_id;
+    return this._request(
+      "DELETE",
+      `/v1/control/policies/${policyName}`,
+      Object.keys(params).length > 0 ? { params } : void 0
+    );
+  }
+  // ========================================================================
+  // Novyx Control — Governance Dashboard (Phase 4)
+  // ========================================================================
+  /**
+   * Aggregated governance stats over the audit chain.
+   *
+   * Returns totals (evaluations, executed, pending_review, approved, denied),
+   * violations broken down by policy and agent, and a time-series of activity.
+   *
+   * Tier: governance_dashboard feature (Starter+).
+   *
+   * @example
+   * const dash = await nx.governanceDashboard({ window: "7d" });
+   * console.log(dash.totals);
+   */
+  async governanceDashboard(opts) {
+    const params = { window: opts?.window ?? "7d" };
+    if (opts?.bucket !== void 0) params.bucket = opts.bucket;
+    return this._request("GET", "/v1/control/dashboard", { params });
+  }
+  /**
+   * Per-agent violation history from the audit chain.
+   *
+   * Tier: governance_dashboard feature (Starter+).
+   */
+  async agentViolations(agentId, opts) {
+    const params = { limit: opts?.limit ?? 50 };
+    if (opts?.since !== void 0) params.since = opts.since;
+    if (opts?.until !== void 0) params.until = opts.until;
+    return this._request(
+      "GET",
+      `/v1/control/agents/${agentId}/violations`,
+      { params }
+    );
   }
   // ========================================================================
   // Explain Action
@@ -712,6 +833,176 @@ var Novyx = class {
   async policyCheck() {
     return this._controlRequest("GET", "/v1/control/policies");
   }
+  // ========================================================================
+  // Agents (Runtime v2)
+  // ========================================================================
+  async createAgent(params) {
+    const validProviders = ["openai", "anthropic", "litellm"];
+    if (!validProviders.includes(params.provider)) {
+      throw new Error(
+        `Unknown provider '${params.provider}'. Choose 'openai', 'anthropic', or 'litellm' (use litellm for Gemini, Mistral, Cohere, etc.).`
+      );
+    }
+    if (!params.model) {
+      throw new Error("model is required");
+    }
+    const body = {
+      name: params.name,
+      model: params.model,
+      provider: params.provider
+    };
+    if (params.agent_id) body.agent_id = params.agent_id;
+    if (params.description) body.description = params.description;
+    if (params.instructions) body.instructions = params.instructions;
+    if (params.capabilities) body.capabilities = params.capabilities;
+    if (params.memory_scope) body.memory_scope = params.memory_scope;
+    if (params.policy_profile) body.policy_profile = params.policy_profile;
+    if (params.config) body.config = params.config;
+    return this._request("POST", "/v1/agents", { body });
+  }
+  async getAgent(agentId) {
+    return this._request("GET", `/v1/agents/${agentId}`);
+  }
+  async listAgents(opts) {
+    const params = {
+      limit: opts?.limit ?? 100,
+      offset: opts?.offset ?? 0
+    };
+    if (opts?.status) params.status = opts.status;
+    return this._request("GET", "/v1/agents", { params });
+  }
+  async updateAgent(agentId, updates) {
+    return this._request("PATCH", `/v1/agents/${agentId}`, { body: updates });
+  }
+  async deleteAgent(agentId) {
+    return this._request("DELETE", `/v1/agents/${agentId}`);
+  }
+  // ========================================================================
+  // Missions (Runtime v2)
+  // ========================================================================
+  async createMission(params) {
+    const body = {
+      agent_id: params.agent_id,
+      goal: params.goal
+    };
+    if (params.constraints !== void 0) body.constraints = params.constraints;
+    if (params.success_criteria !== void 0) body.success_criteria = params.success_criteria;
+    if (params.allowed_capabilities !== void 0) body.allowed_capabilities = params.allowed_capabilities;
+    if (params.escalation_rules !== void 0) body.escalation_rules = params.escalation_rules;
+    if (params.stop_conditions !== void 0) body.stop_conditions = params.stop_conditions;
+    if (params.config !== void 0) body.config = params.config;
+    return this._request("POST", "/v1/missions", { body });
+  }
+  async getMission(missionId) {
+    return this._request("GET", `/v1/missions/${missionId}`);
+  }
+  async listMissions(opts) {
+    const params = {
+      limit: opts?.limit ?? 100,
+      offset: opts?.offset ?? 0
+    };
+    if (opts?.agent_id) params.agent_id = opts.agent_id;
+    if (opts?.status) params.status = opts.status;
+    return this._request("GET", "/v1/missions", { params });
+  }
+  async updateMission(missionId, updates) {
+    return this._request("PATCH", `/v1/missions/${missionId}`, { body: updates });
+  }
+  async deleteMission(missionId) {
+    return this._request("DELETE", `/v1/missions/${missionId}`);
+  }
+  async pauseMission(missionId) {
+    return this._request("POST", `/v1/missions/${missionId}/pause`);
+  }
+  async resumeMission(missionId) {
+    return this._request("POST", `/v1/missions/${missionId}/resume`);
+  }
+  async cancelMission(missionId) {
+    return this._request("POST", `/v1/missions/${missionId}/cancel`);
+  }
+  // ========================================================================
+  // Capabilities (Runtime v2)
+  // ========================================================================
+  async createCapability(params) {
+    const body = { name: params.name };
+    if (params.capability_id !== void 0) body.capability_id = params.capability_id;
+    if (params.description !== void 0) body.description = params.description;
+    if (params.tools !== void 0) body.tools = params.tools;
+    if (params.risk_levels !== void 0) body.risk_levels = params.risk_levels;
+    if (params.approval_requirements !== void 0) body.approval_requirements = params.approval_requirements;
+    if (params.memory_behavior !== void 0) body.memory_behavior = params.memory_behavior;
+    if (params.eval_rules !== void 0) body.eval_rules = params.eval_rules;
+    if (params.config !== void 0) body.config = params.config;
+    return this._request("POST", "/v1/capabilities", { body });
+  }
+  async getCapability(capabilityId) {
+    return this._request("GET", `/v1/capabilities/${capabilityId}`);
+  }
+  async listCapabilities(opts) {
+    const params = {
+      limit: opts?.limit ?? 100,
+      offset: opts?.offset ?? 0
+    };
+    if (opts?.status) params.status = opts.status;
+    return this._request("GET", "/v1/capabilities", { params });
+  }
+  async updateCapability(capabilityId, updates) {
+    return this._request("PATCH", `/v1/capabilities/${capabilityId}`, { body: updates });
+  }
+  async deleteCapability(capabilityId) {
+    return this._request("DELETE", `/v1/capabilities/${capabilityId}`);
+  }
+  // ========================================================================
+  // Checkpoints (Runtime v2)
+  // ========================================================================
+  async createCheckpoint(missionId, opts) {
+    const body = {};
+    if (opts?.label !== void 0) body.label = opts.label;
+    if (opts?.metadata !== void 0) body.metadata = opts.metadata;
+    return this._request("POST", `/v1/missions/${missionId}/checkpoints`, { body });
+  }
+  async getCheckpoint(checkpointId) {
+    return this._request("GET", `/v1/checkpoints/${checkpointId}`);
+  }
+  async listCheckpoints(missionId, opts) {
+    const params = {
+      limit: opts?.limit ?? 100,
+      offset: opts?.offset ?? 0
+    };
+    return this._request("GET", `/v1/missions/${missionId}/checkpoints`, { params });
+  }
+  async rollbackToCheckpoint(missionId, checkpointId, opts) {
+    const body = { checkpoint_id: checkpointId };
+    if (opts?.reason !== void 0) body.reason = opts.reason;
+    return this._request("POST", `/v1/missions/${missionId}/rollback`, { body });
+  }
+  // ========================================================================
+  // Interventions (Runtime v2)
+  // ========================================================================
+  async createIntervention(params) {
+    const body = {
+      intervention_type: params.intervention_type
+    };
+    if (params.mission_id !== void 0) body.mission_id = params.mission_id;
+    if (params.action_id !== void 0) body.action_id = params.action_id;
+    if (params.agent_id !== void 0) body.agent_id = params.agent_id;
+    if (params.rationale !== void 0) body.rationale = params.rationale;
+    if (params.metadata !== void 0) body.metadata = params.metadata;
+    return this._request("POST", "/v1/interventions", { body });
+  }
+  async getIntervention(interventionId) {
+    return this._request("GET", `/v1/interventions/${interventionId}`);
+  }
+  async listInterventions(opts) {
+    const params = {
+      limit: opts?.limit ?? 100,
+      offset: opts?.offset ?? 0
+    };
+    if (opts?.mission_id) params.mission_id = opts.mission_id;
+    if (opts?.agent_id) params.agent_id = opts.agent_id;
+    if (opts?.intervention_type) params.type = opts.intervention_type;
+    return this._request("GET", "/v1/interventions", { params });
+  }
 };
 export {
   Novyx,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "novyx",
-  "version": "2.11.0",
+  "version": "3.1.0",
   "description": "Novyx SDK - Persistent memory, rollback, and audit trail for AI agents",
   "main": "dist/index.js",
   "module": "dist/index.mjs",