Registering Agents
Register an agent to begin governance. Navigate to Agents and click the Add Agent button in the top right corner.
Agent Creation Form
Workflow Engine
Select the workflow engine your agent uses:
| Engine | Status |
|---|---|
| Temporal | Available |
Agent Information
| Field | Required | Description |
|---|---|---|
| Agent Name | Yes | Human-readable name (e.g., "Customer Support Bot") |
| Agent ID | Auto | Auto-generated unique identifier (e.g., "CSB-001") |
| Description | No | What does this agent do? |
| Teams | No | Assign to teams for access control |
| Icon | No | Visual identifier (headphones, code, trending-up, file-search, bot) |
API Key Generation
Every agent needs an API key to authenticate with OpenBox:
- Click Generate API Key
- Copy the key immediately
- Store it securely - you won't see it again
The key format is: obx_live_xxxxxxxxxxxx
Initial Risk Assessment
Expand the Initial Risk Assessment section and configure your agent's AIVSS risk parameters.
Risk Profile Presets
Select a preset that matches your agent's intended use:
| Level | Name | Use Cases | Default Governance |
|---|---|---|---|
| Level 1 | Minimal Risk | Read-only access, internal research, no external APIs | Fully autonomous |
| Level 2 | Low Risk | Internal automation, limited writes, monitored external calls | Mostly autonomous |
| Level 3 | Medium Risk | Customer data access, external API calls, financial reads | Approval for sensitive ops |
| Level 4 | High Risk | Production admin, financial writes, PII access | HITL for most operations |
AIVSS Parameters
AIVSS (AI Vulnerability Scoring System) evaluates risk across three categories:
Base Security (25% weight)
| Parameter | Options |
|---|---|
| Attack Vector | Physical (1), Local (2), Adjacent (3), Network (4) |
| Attack Complexity | High (1), Medium (2), Low (3) |
| Privileges Required | High (1), Low (2), None (3) |
| User Interaction | Required (1), None (2) |
| Scope | Unchanged (1), Changed (2) |
AI-Specific (45% weight)
| Parameter | Options |
|---|---|
| Prompt Injection Risk | Low (1), Medium (2), High (3), Critical (4) |
| Data Sensitivity | Public (1), Internal (2), Confidential (3), Restricted (4) |
| Autonomy Level | Supervised (1), Guided (2), Semi-autonomous (3), Autonomous (4) |
| Tool Access | None (1), Read-only (2), Read-write (3), Admin (4) |
| External Connectivity | None (1), Internal APIs (2), External APIs (3), Internet (4) |
Impact (30% weight)
| Parameter | Options |
|---|---|
| Confidentiality Impact | None (1), Low (2), High (3) |
| Integrity Impact | None (1), Low (2), High (3) |
| Availability Impact | None (1), Low (2), High (3) |
| Business Criticality | Low (1), Medium (2), High (3), Critical (4) |
Predicted Trust Tier
As you configure AIVSS parameters, the form shows a real-time prediction:
Predicted Trust Tier: TIER 2
Based on current configuration
See Assess for how AIVSS impacts Trust Score.
Attestation
In the Attestation section, configure cryptographic signing for audit-grade evidence.
For now, use AWS KMS (recommended/default):
- Select AWS KMS
- Keep the default settings
See Attestation for how execution evidence is produced and verified.
Goal Alignment (Goal Drift)
In the Goal Alignment section, configure drift detection:
- Set the alignment threshold (e.g., 70%)
- Choose what happens on drift detection:
  - Alert Only
  - Constrain
  - Terminate
See Verify for how goal alignment and drift detection work.
Creating the Agent
- Review all fields
- Ensure you've copied the API key
- Click Create Agent
You'll be redirected to the new agent's detail page.
Connecting Your Worker
Update your worker code to use the agent's API key:
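```python
import os

# create_openbox_worker comes from the OpenBox SDK; temporal_client,
# MyAgentWorkflow and my_activity are defined elsewhere in your worker.
worker = create_openbox_worker(
    client=temporal_client,
    task_queue="my-task-queue",  # Should match your Temporal task queue
    workflows=[MyAgentWorkflow],
    activities=[my_activity],
    openbox_api_key=os.environ.get("OPENBOX_API_KEY"),  # The key you generated
)
```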
The agent is matched by the API key. When your worker starts, it will appear as "Active" in the dashboard.
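Because the key is shown only once and is what identifies the agent, it helps to fail fast when it is missing and to keep it out of source files and logs. The following is an added example, not part of the OpenBox SDK: `load_api_key`, `redact` and `find_hardcoded_keys` are hypothetical helpers, and the key pattern is an assumption based on the `obx_live_xxxxxxxxxxxx` placeholder shown above.

```python
import os
import re

# Assumption: the page only shows the placeholder "obx_live_xxxxxxxxxxxx", so
# the body is taken to be 12 or more letters, digits, "_" or "-".
KEY_RE = re.compile(r"obx_live_[A-Za-z0-9_-]{12,}")


def redact(key: str) -> str:
    """Return a log-safe form: the prefix plus the last four characters."""
    return f"obx_live_...{key[-4:]}"


def load_api_key(env=os.environ, var="OPENBOX_API_KEY") -> str:
    """Fail at startup instead of passing None or a malformed key to the worker."""
    key = (env.get(var) or "").strip()
    if not key:
        raise RuntimeError(f"{var} is not set")
    if not KEY_RE.fullmatch(key):
        raise RuntimeError(f"{var} does not look like an obx_live_ key")
    return key


def find_hardcoded_keys(text: str):
    """Return (line_number, redacted_key) for each key literal found in text."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in KEY_RE.finditer(line):
            hits.append((lineno, redact(match.group())))
    return hits


# Constructed sample: a worker file with a key pasted in, next to the
# environment-based form used on this page. The key value is made up.
SAMPLE_SOURCE = '''\
worker = create_openbox_worker(
    openbox_api_key="obx_live_EXAMPLEKEY0001",
)
openbox_api_key=os.environ.get("OPENBOX_API_KEY")
'''

if __name__ == "__main__":
    print(find_hardcoded_keys(SAMPLE_SOURCE))
    print(redact(load_api_key({"OPENBOX_API_KEY": "obx_live_EXAMPLEKEY0001"})))
```

Pass the result of `load_api_key()` as `openbox_api_key`, and run `find_hardcoded_keys` over staged files in a pre-commit hook or CI step.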
Next Steps
After creating your agent:
- Configure Trust Controls (Authorize) - Set up guardrails, policies, and behavioral rules before running your agent
- Connect Your Worker - Configure the SDK with your API key
- Monitor Sessions - Once running, watch your agent's activity in real-time