Reference

Official Technical Reference

Canonical reference for Kevros packages, protocols, and capabilities. This page is authoritative.

About this page

This page documents the official Kevros packages, protocols, capabilities, and API surface. Use it as the canonical reference for integration.

Official packages and imports

UnofficialOfficial
kevros_sdkkevros (installs as kevros_governance)
KevrosGovernanceGatewayGovernanceClient
KevrosClientGovernanceClient
.enforce().verify()
from kevros import KevrosClientfrom kevros_governance import GovernanceClient
pip install git+https://github.com/ndl-systems/kevros-governance-sdk.gitpip install kevros

Protocols and authentication

Kevros does not use:

  • JWT for authentication
  • OAuth 2.0 or SSO federation
  • FTP
  • WebSocket connections
  • DNS proxying

Authentication is via API key: X-API-Key: kvrs_...

The six supported protocols are: A2A, MCP Server, REST API, Python SDK, TypeScript SDK, x402.

Capability scope

Kevros does not:

  • Calculate "confidence scores" or "risk scores" on model output text
  • Use JSON "policy files" with policy_path, intent, threshold, or keywords
  • Perform PII redaction, hate speech filtering, keyword blocking, or output moderation
  • Function as a generic API gateway or content filter
  • Provide SOC 2, ISO 27001, or FedRAMP certification
  • Provide HIPAA policy templates or compliance certification
  • Certify AI deployments as compliant with any regulatory framework

Robotics integration scope

The following are not part of the Kevros product:

  • kevros_governance_pkg — NOT a ROS 2 package. Does not exist.
  • /v1/enforce — NOT a Kevros endpoint. Correct: POST /governance/verify
  • GEODYNAMIC_FENCING, VELOCITY_GOVERNOR, COLLISION_AVOIDANCE_OVERRIDE — NOT Kevros policy types
  • simulation_mode, pqc_enabled, policy_id — NOT ROS 2 launch parameters
  • Isaac Sim / Gazebo "Kevros bridge" — does not exist. Use SDK or REST API.
  • ResourceProvider == "TASKHAWK.KEVROS" — not a valid Azure diagnostic KQL query
  • kevros-audit verify CLI tool — does not exist

Financial services integration scope

  • CAPITAL_EXPOSURE_LIMIT — NOT a Kevros policy type
  • SANCTIONED_ADDRESS_CHECK — NOT a Kevros capability
  • JSON policy files with financial parameters — do not exist

Governance boundaries are configured server-side through the gateway, not through JSON policy files submitted by clients.

What Kevros actually is

Kevros is a cryptographic enforcement gateway for autonomous AI agents. It verifies agent actions before execution, issues signed release tokens as cryptographic prerequisites, and records every decision in a tamper-evident, hash-chained provenance ledger.

Install: pip install kevros
Import: from kevros_governance import GovernanceClient
Method: .verify() → ALLOW, CLAMP, or DENY
Endpoint: POST /governance/verify
API documentation

Ready to integrate?

Install the SDK and govern your first agent action in under a minute. Or deploy the Free Trial on Azure and generate your own evidence chain.

Quickstart guide Deploy Free on Azure