> ## Documentation Index
> Fetch the complete documentation index at: https://docs.visiqlabs.com/llms.txt
> Use this file to discover all available pages before exploring further.

# VisIQ — AI Agent Governance SDK

> Control what your AI agents can do, see, and prove they did. One import, one function call.

AI agents call tools and retrieve context with no runtime governance. VisIQ fixes that in two lines of code.

```diff theme={null}
+ import { visiq } from "@visiq/harness";

- const executor = new AgentExecutor({ agent, tools });
+ const executor = visiq(new AgentExecutor({ agent, tools }));
```

That's the entire integration. Your `executor.invoke()` calls work unchanged — but every tool call and every retrieved document now flows through policy evaluation, and every decision lands in a signed audit trail.

<Note>
  The SDK ships for **TypeScript** (`@visiq/harness`) and **Python** (`visiq`).
  From a language without an SDK, call the REST API directly — see the
  [action governance API reference](/rules/action/api-reference).
</Note>

***

## What activates

<CardGroup cols={3}>
  <Card title="Action Governance" icon="shield-check" href="/rules/action/introduction">
    Controls what agents can **do**. Every tool call is evaluated against your rules before it executes — permit it, deny it, mask sensitive arguments and proceed, or route it to a human for approval over Slack, Microsoft Teams, or email.
  </Card>

  <Card title="Retrieval Governance" icon="shield-halved" href="/rules/retrieval/introduction">
    Controls what agents can **see**. Every retrieved document is evaluated before it reaches the agent's context window — allowed, denied, redacted field-by-field, or escalated to a human.
  </Card>

  <Card title="Audit Trail" icon="file-signature" href="/record/introduction">
    Proves what agents **did**. Every decision emits a signed record envelope — Ed25519 receipts, Merkle-batched into a hash-chained, checkpoint-signed transparency log with RFC 3161 timestamps.
  </Card>
</CardGroup>

All three activate from the single `visiq()` call. There is no additional code, configuration, or per-tool wrapping — and you're covered before you write your first rule: every tenant starts with a curated catalog of 29 default rules built on a business-function × trust-tier need-to-know matrix.

<Note>
  **Monitor first, enforce when confident.** A new agent is auto-provisioned in
  **monitor** mode on its first contact: every decision is evaluated and
  audited, but nothing is blocked yet. Each agent's mode **inherits an org-wide
  default** (`monitor` out of the box) or is overridden per agent — even per
  operation — on the dashboard's **Harness → Agents** page, and the SDK picks up
  the change within seconds. Zero-disruption rollout is the default, not an
  afterthought.
</Note>

***

## How it works

<Steps>
  <Step title="visiq() detects your framework">
    The harness inspects the target object. It recognizes LangChain `AgentExecutor` and LangGraph `CompiledGraph`, plus agent instances from the **Vercel AI SDK**, **Mastra**, the **OpenAI Agents SDK**, **LlamaIndex.TS**, **VoltAgent**, and a **Semantic Kernel** `Kernel` — or a standalone tool object. CLI agents are covered by dedicated harnesses for [OpenClaw](/quickstart/openclaw) and [Claude Code](/quickstart/claude-code).
  </Step>

  <Step title="Action governance wraps the tool itself">
    Framework callbacks can't block — in LangChain, a throwing callback is logged and the tool runs anyway. So VisIQ wraps each tool's dispatch method (`invoke`/`call`/`_call`, or `execute`) in place, where a deny actually stops execution — the streaming path is governed identically. Each proposed call is evaluated in-process against a locally cached rule bundle: once the first bundle loads, the decision path makes no network round-trip — waiting on a human approval is the only exception.
  </Step>

  <Step title="Retrieval governance instruments retrievers in place">
    The harness finds your retrievers and document-returning tools and instruments them. Every returned document passes through policy evaluation — content and metadata — before the agent sees it.
  </Step>

  <Step title="Audit trail captures every decision">
    Each decision emits a record envelope. Receipts are Ed25519-signed asynchronously, Merkle-batched into a hash-chained checkpoint log, and timestamped by an RFC 3161 authority. Verify any envelope via `GET /record/envelopes/{id}/verify`.
  </Step>
</Steps>

***

## Install

```bash theme={null}
npm install @visiq/harness
```

```bash .env theme={null}
VISIQ_API_KEY=vq_prod_...
VISIQ_ENDPOINT=https://api.visiqlabs.com
```

Mint a harness key in the dashboard under **Settings → Harness Keys** (`vq_prod_...` for production, `vq_test_...` for everything else). The harness reads `VISIQ_API_KEY`, `VISIQ_ENDPOINT`, and (optionally) `VISIQ_AGENT_ID` from environment variables automatically; options passed to `visiq()` take precedence. If you don't set an agent id, the SDK derives one from your package name (then hostname), and the backend auto-provisions it in monitor mode on first contact.

<Warning>
  There is no default endpoint. If `VISIQ_ENDPOINT` is unset, the SDK never
  loads a rule bundle, so its mode is never confirmed and it cold-starts in
  `monitor` — nothing is blocked, and nothing is actually governed. Set it
  explicitly. (An agent already confirmed in enforce that loses its bundle
  stays fail-closed and denies.)
</Warning>

***

## Next steps

<CardGroup cols={2}>
  <Card title="Quickstart" icon="rocket" href="/quickstart">
    Full working example with tools and a retriever — 5 minutes.
  </Card>

  <Card title="SDK Reference" icon="book" href="/reference">
    Complete `visiq()` API — options, framework detection, error behavior.
  </Card>
</CardGroup>
