Governance

Governance in Olyx is the evidence layer around model execution. It helps you answer:

Was traffic executed on the allowed path?
Were policy checks passed or blocked?
Did any request leak sensitive output?
Can we export a weekly record for internal review?

During closed beta, governance is intentionally lightweight: clear evidence, practical exports, and operational signals you can act on now.

What You Get Today

Olyx currently exposes three governance artifacts designed for engineering and security review.

Artifact	What it gives you	Where to view it
Data Boundary Stamp	Per-trace boundary metadata (public provider vs private agent path, plus routing context).	Trace detail in the dashboard
Governance Posture	Policy pass rate, secret leak rate, tool fidelity trend, and stall alert rate over a rolling window.	Governance reports page
Weekly Digest Export	Downloadable evidence summary for the last 7 days, including top violations and ledger verification status.	Governance reports page (`Export weekly digest`)

Governance Workflow

Most teams run the same loop:

Execute requests through the SDK so traces and policy checks are recorded.
Review posture and anomalies in governance reports.
Export weekly digest and share with engineering/security stakeholders.
Use policy simulation before routing-rule changes.

Minimal SDK Flow

Use the same execution flow you already run for traces. Governance signals are produced from those traces.

const trace = await client.traces.create({
  metadata: { feature: "claims_review", user_id: "usr_42" }
});

await client.execute({
  traceId: trace.data.id,
  input: "Summarize this claim and flag potential fraud signals."
});

await client.traces.complete(trace.data.id);

trace = client.traces.create(
    metadata={"feature": "claims_review", "user_id": "usr_42"}
)

client.execute(
    trace_id=trace["id"],
    input="Summarize this claim and flag potential fraud signals.",
)

client.traces.complete(trace["id"])

trace = client.traces.create(
  metadata: { feature: "claims_review", user_id: "usr_42" }
)

client.execute(
  trace_id: trace["id"],
  input: "Summarize this claim and flag potential fraud signals."
)

client.traces.complete(trace["id"])

After completion, review governance outcomes at:

/governance/audit_reports
/governance/audit_reports/ledger

Safe Usage Notes

For regulated workloads in closed beta:

Keep trace metadata scoped to stable internal IDs, not raw PII.
Limit governance access to owner/admin roles.
Treat digest exports as operational evidence, not legal/compliance certification.
Use policy simulation before changing production routing behavior.

Next Steps

See Traces for full lifecycle and trace fields.
See Replays for controlled model comparison.
See Performance for latency and reliability interpretation.