guides
Intended Documentation
Runtime Integrations
Connect Intended to coding agents, OpenShell, NemoClaw, MCP gateways, and internal workflows without weakening fail-closed enforcement.
Runtime Integrations#
Intended is the authority plane for agent runtimes. It does not replace the runtime itself. It normalizes runtime actions into MIR, evaluates policy, issues a signed authority decision token, and records the execution result in the audit chain.
Use this page to choose the right integration path.
Supported patterns#
1. Runtime submits directly to Intended#
Use this when your runtime can call the Intended API before execution.
- submit the action to
POST /intent - receive
ALLOW,DENY, orESCALATE - present the authority token at execution time
- record the outcome through the execution path
This is the strongest path when you control the runtime integration code.
2. Runtime is governed through an adapter#
Use this when the runtime has its own execution boundary and you need a translation layer.
- Intended evaluates the requested action
- the adapter translates the approved scope into runtime-native controls
- the runtime executes only inside the approved boundary
This is the pattern used by the OpenShell / NemoClaw adapter.
3. Runtime is governed through a gateway#
Use this when actions arrive as tool calls or brokered requests.
- gateway normalizes requests into MIR
- Intended evaluates once
- gateway enforces the resulting decision
This is the pattern used by the MCP gateway.
Current runtime surfaces#
| Surface | Integration mode | Status |
|---|---|---|
| NVIDIA OpenShell / NVIDIA NemoClaw | adapter / policy compilation | reference integration |
| Codex / CLI agents | direct runtime + adapter pattern | reference integration |
| MCP Gateway | gateway | available |
| Internal workflows | direct runtime | available |
What Intended does#
- classifies runtime actions into MIR
- evaluates customer policy and risk thresholds
- issues scoped authority tokens
- supports escalation and approvals
- preserves audit lineage
What Intended does not do#
- Intended does not take ownership of the third-party runtime
- Intended does not modify upstream licensing or terms
- Intended does not guarantee the security posture of upstream alpha software
- Intended does not remove the customer's responsibility to harden the runtime, credentials, or allowed endpoints