> ## Documentation Index
> Fetch the complete documentation index at: https://docs.xenovia.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Xenovia Docs

> Runtime governance for AI agents with policy enforcement, session-linked traces, and approval-aware controls.

# Govern agent behavior without rebuilding your stack

Xenovia gives you a control layer for agent runtimes. Route model traffic through an OpenAI-compatible proxy, or gate non-LLM actions with the Xenovia SDK, and enforce policy without rewriting your application architecture.

<CardGroup cols={2}>
  <Card title="Quickstart" icon="rocket" href="/getting-started/quickstart">
    Route one request through Xenovia, confirm trace headers, and add your first policy.
  </Card>

  <Card title="Choose an integration" icon="plug" href="/integrations/overview">
    Pick the right path for OpenAI SDK, LangChain, LlamaIndex, Vercel AI SDK, Agents SDK, or the Xenovia SDK.
  </Card>

  <Card title="Policies and Approvals" icon="scale-balanced" href="/platform/policies-and-approvals">
    Write request and response policies in Rego, then decide when to block, redact, or escalate.
  </Card>

  <Card title="Trace and investigate" icon="route" href="/platform/traces-and-remediation">
    Track each call with session IDs, tool activity, policy outcomes, and remediation context.
  </Card>
</CardGroup>

## Two ways to integrate

<CardGroup cols={2}>
  <Card title="Proxy mode" icon="shuffle" href="/getting-started/quickstart">
    Point any OpenAI-compatible client at Xenovia. You keep your prompts, tools, and framework code, while Xenovia adds policy evaluation, provider routing, session tracking, and traces.
  </Card>

  <Card title="Python SDK" icon="python" href="/integrations/xenovia-sdk">
    Gate tool calls, file writes, API requests, or database mutations that happen outside the model call itself. Use `execute()` for one-off checks or `@guard()` to wrap functions.
  </Card>
</CardGroup>

## What Xenovia adds

* Request-stage and response-stage Rego policy enforcement
* Session-linked traces with turn counts and request headers for correlation
* Central provider credentials and upstream routing
* Tool visibility, block reasons, and escalation handoff points
* Optional semantic intent checks before risky requests proceed

## Recommended reading order

<Steps>
  <Step title="1. Pick your path">
    Start with [Getting Started](/getting-started/overview) to decide between proxy mode and SDK mode.
  </Step>

  <Step title="2. Prove the plumbing">
    Run the [Quickstart](/getting-started/quickstart) and confirm a trace appears for a known request.
  </Step>

  <Step title="3. Add controls">
    Move to [Policies and Approvals](/platform/policies-and-approvals) and start with one rule that blocks or redacts something concrete.
  </Step>

  <Step title="4. Expand observability">
    Use [Traces and Remediation](/platform/traces-and-remediation) to group sessions, add custom properties, and investigate drift.
  </Step>
</Steps>

## What Xenovia records

* Request and response bodies, token counts, latency, and TTFT
* Session ID, session turn, session path, and trace linkage
* Tool names, arguments, and results when present
* Policy outcomes, reasons, and intent actions
* Custom request metadata via `X-Xenovia-Property-*` headers