DocsSet up LatentOps, connect agent runtime checks, enforce decisions, and operate the dashboard.
Search docs...Ctrl K
Get started/API

Review each tool call before execution.

Send the proposed action, context, policy, trajectory, and model metadata to the runtime API, then enforce the returned intervention.

Documentation Index

Use the sections in the left rail to move from quickstart to API, integrations, and production operations.

Hosted APIhttps://api.latentops.spaceAPI
04

Runtime checks

A runtime check is one pre-tool-call review. LatentOps is not only a log destination; the call must happen before the tool runs.

bash
curl -X POST https://api.latentops.space/v1/runtime/review \
  -H "Content-Type: application/json" \
  -H "X-API-Key: lo_your_tenant_key_here" \
  -d '{
    "prompt": "Apply infrastructure changes",
    "tool_name": "run_shell",
    "tool_args": {
      "command": "terraform apply -auto-approve"
    },
    "repo_context": {
      "branch": "main",
      "production_environment": true,
      "protected_paths": ["infra", ".github", ".env"]
    },
    "policy": "balanced",
    "log_event": true,
    "model_provider": "openai",
    "model_name": "gpt-5-mini",
    "agent_framework": "github-actions",
    "environment": "production"
  }'
05

Request fields

Send enough context for the policy to reason about the action. Minimal integrations can start with prompt, tool_name, tool_args, policy, and log_event. Production integrations should also send workspace context, trajectory, and model/framework metadata.

prompt

Task, plan, user instruction, issue text, or model message that led to the proposed tool call.

tool_name and tool_args

Tool identifier and arguments. For shell commands, include tool_args.command.

repo_context

Workspace or repository context: protected resources, data scope, changed files, CI state, production environment, secrets, and deployment context.

trajectory

Recent agent steps, tool results, retries, failed tests, prior warnings, or signs of drift.

policy

Policy profile such as balanced. Policies determine whether risk becomes warn, block, or escalate.

metadata

model_provider, model_name, agent_framework, integration, environment, agent_id, and agent_name.

06

Response shape

Store the event for traceability, but enforce the intervention object. The exact evidence varies by policy and action context.

json
{
  "event": {
    "decision": "block",
    "risk_score": 0.93,
    "tool_name": "run_shell",
    "policy": "balanced",
    "metadata": {
      "model_metadata": {
        "model_provider": "openai",
        "model_name": "gpt-5-mini",
        "agent_framework": "github-actions",
        "environment": "production"
      }
    }
  },
  "intervention": {
    "decision": "block",
    "risk_score": 0.93,
    "recommended_control": "Do not execute. Ask a human reviewer.",
    "evidence": [
      "Destructive shell command",
      "Production environment",
      "Protected path"
    ]
  },
  "incident": {}
}
07

Enforcement

Decide fail behavior before production. Use fail closed for deployment, secrets, production config, migrations, and destructive shell actions.

allow

Execute the proposed tool call.

warn

Execute only with a visible warning and audit trail.

block

Do not execute the tool call.

escalate

Require human approval before the action can proceed.

19

Endpoint reference

The main production integration path is the runtime review endpoint. The other endpoints support dashboard data, incidents, audits, provider keys, model traces, and policy management.

POST /v1/runtime/review

Review a proposed tool action before the AI system executes it.

GET /v1/runtime/tool-taxonomy

List action categories, sensitivity levels, and default controls.

GET /v1/dashboard/live

Fetch recent runtime checks, incidents, summaries, and model counts.

GET /v1/incidents

List incidents created from blocked or escalated checks.

POST /v1/incidents/{id}/approve

Approve an escalated action and close the pending approval.

POST /v1/incidents/{id}/reject

Reject an escalated action and retain the audit evidence.

PATCH /v1/incidents/{id}

Resolve or update an incident after operator review.

GET /v1/reports/audit.md

Export markdown audit evidence for a workspace.

GET/POST /v1/model-providers/keys

List or store encrypted OpenAI and Anthropic keys for managed live calls.

GET/POST /v1/model-runs

List or run provider model calls and record them as traces.

GET/POST /v1/policies

View policies, create drafts, test rules, publish, and approve.

POST /v1/policies/import

Import YAML or JSON policy text as a workspace draft, with optional publish.

GET /v1/policies/{id}/export

Export a saved policy version as YAML or JSON for source control.

GET /v1/policies/templates

Fetch built-in templates for engineering, support, finance, cloud, and external messaging workflows.

POST /v1/policies/templates/{id}/draft

Create a workspace draft policy from a built-in template.

GET /v1/benchmarks/datasets

List available benchmark datasets that can be selected in the dashboard.

GET /v1/benchmarks/results

Run a bounded benchmark comparison using dataset, limit, and policy query parameters.

POST /v1/benchmarks/run

Run the same comparison with a JSON body for API clients and internal tooling.