Agents

What agents are, how they work, and how governance applies

An agent is an autonomous worker with:

  • A system prompt
  • A selected model (OpenAI, Anthropic, etc.)
  • An allowed tool set from the Nexus registry
  • Operational status (active, inactive, draft)

Every tool call passes through policy evaluation before execution. BLOCK decisions are audited before the agent receives an error. This is not prompt-only filtering.

ReAct execution loop

1. Receive prompt
2. Reason (LLM)
3. Policy gate on proposed tool
4. Call tool(s) if ALLOW
5. Observe tool output
6. Repeat until done
7. Return final text + reasoning trace + audit IDs

Create and execute (server-side)

import { executeAgent } from '@nexus/ai'

const result = await executeAgent({
  agentId: 'agent-id',
  tenantId: 'tenant-id',
  userPrompt: 'Summarize open exceptions and flag anything overdue',
})

Approval-gated tools

High- and critical-risk tools return APPROVAL_REQUIRED on production tenants before execution:

if (tool.riskLevel === 'critical' && !approvalId) {
  return { code: 'APPROVAL_REQUIRED', approvalId }
}

Sandbox tenants may auto-wait for demo flows; production requires human resolution in Approvals.
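
The policy gate and approval check described above, sketched as an added example (not Nexus code): each proposed tool call is evaluated, the decision is written to the audit log, and only then does the agent get an error or the tool output. It models a production tenant only; the function names, the 'high' risk value, the approval record shape and the sample tools are assumptions.

```javascript
// Added illustration, not Nexus source. Every name below is hypothetical.
const auditLog = []; // in-memory stand-in for an append-only audit store

function audit(event) {
  const id = `audit-${auditLog.length + 1}`;
  auditLog.push({ id, ...event });
  return id;
}

// Decide ALLOW / BLOCK / APPROVAL_REQUIRED for one proposed tool call.
// Maps (not plain objects) so a model-chosen name like "__proto__" cannot match.
function evaluatePolicy(agent, call, approvals) {
  if (agent.status !== 'active') return { decision: 'BLOCK', reason: 'agent_not_active' };
  const tool = agent.allowedTools.get(call.tool);
  if (!tool) return { decision: 'BLOCK', reason: 'tool_not_allowed' };
  const gated = tool.riskLevel === 'high' || tool.riskLevel === 'critical';
  if (gated) {
    const approval = approvals.get(call.approvalId);
    // The approval must be resolved and bound to this exact tool.
    if (!approval || approval.status !== 'approved' || approval.tool !== call.tool) {
      return { decision: 'APPROVAL_REQUIRED', reason: 'human_approval_missing' };
    }
  }
  return { decision: 'ALLOW', reason: 'ok' };
}

// Loop steps 3-4: gate, write the audit record, then execute only on ALLOW.
function gateAndCall(agent, call, approvals) {
  const verdict = evaluatePolicy(agent, call, approvals);
  const auditId = audit({ agentId: agent.id, tool: call.tool, ...verdict });
  if (verdict.decision !== 'ALLOW') return { ok: false, code: verdict.decision, auditId };
  const output = agent.allowedTools.get(call.tool).run(call.args);
  return { ok: true, output, auditId };
}

// Constructed sample data.
const agent = {
  id: 'agent-demo',
  status: 'active',
  allowedTools: new Map([
    ['listExceptions', { riskLevel: 'low', run: () => ['EX-1', 'EX-2'] }],
    ['closeException', { riskLevel: 'critical', run: (a) => `closed ${a.id}` }],
  ]),
};
const approvals = new Map([['apr-1', { tool: 'closeException', status: 'approved' }]]);
```

Binding the approval record to the tool name keeps an approval granted for one tool from being replayed against another.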

Kill switch

Operators can halt an agent via Kill Switch v2: credential revoke, Redis broadcast, and in-flight abort. See Security & Compliance.

See Executions for trace format and Tools for the registry.