Zum Inhalt springen
NeoXamAgents

Glossary

The vocabulary of governed AI

Every term, defined in plain language and grounded in how it works inside an agentic platform built for investment operations.

A

  • Agent catalog

    An agent catalog is a governed registry of every agent, tool, skill and environment an organization can run. In a Git-backed catalog, every change goes through pull-request review, every version is recorded, and nothing outside the catalog can execute — making the AI fleet reviewable like source code.

  • Agent descriptor

    An agent descriptor is the versioned file — typically YAML plus a system prompt — that fully defines an agent: model, tools, skills, input/output schemas, policies and constraints. Nothing outside the descriptor can affect runtime behavior, which makes the agent reviewable, diffable and auditable like any other code artifact.

  • Agent observability

    Agent observability is per-step tracing of everything an AI agent does: each model call, tool call and lifecycle event captured as spans, with token usage, cost and latency per run. It turns agent behavior from anecdote into telemetry that operators, auditors and finance teams can query.

  • Agentic platform

    An agentic platform is the infrastructure that runs, governs and observes AI agents as managed, auditable services rather than ad-hoc scripts. It provides a registry of declared agents, a single execution runtime, policy controls on tool access, evaluation gates, and per-run tracing of model calls, tool calls, tokens and cost.

  • AI agent

    An AI agent is a software capability that uses a large language model to perform a bounded task — investigating, drafting, validating — by reasoning over context and calling tools. In a governed enterprise platform, an agent is declared and versioned: its prompt, model, tools and input/output schemas are defined in a reviewed descriptor, making its behavior auditable.

  • Audit trail

    An audit trail is the append-only record that allows full reconstruction of system activity. For AI agents, it means any run can be replayed on paper: which agent version executed, on which model, with which tool calls in what order, at what cost — and who approved what.

B

  • Baseline score

    A baseline score is the committed minimum evaluation score an agent version must meet, expressed between 0 and 1. Baselines are monotonic — they may only increase across versions — so an agent's measured quality can never silently regress as prompts, tools or models change.

C

  • Conversational agent

    A conversational agent holds a stateful, multi-turn dialogue with a user, with memory managed by the platform — none, a sliding window, or a rolling summary — and streamed responses. Unlike a free-form chatbot, a governed conversational agent stays scoped: declared tools, policy-controlled actions, and a full trace of every turn.

  • Credential vault

    A credential vault is a scoped store that keeps the secrets agents need to authenticate tools out of prompts, code, logs and traces. Agents reference credentials logically; the tokens themselves live only in the physical secrets store and are injected at call time.

D

  • Data residency

    Data residency is the guarantee that data is stored and processed within a defined geographic or legal boundary. For regulated European institutions adopting AI, residency must cover business data, prompts, traces and telemetry — not just the primary database.

E

  • Eval gate

    An eval gate is a CI quality gate that re-tests an AI agent against its versioned evaluation dataset on every change — to the agent, its skills or its tool bundles — and compares the result to a committed baseline score. Regressions are flagged before the change reaches production.

  • Execution environment

    An execution environment is the declared container template an AI agent runs in: its network egress policy (unrestricted, host-allowlist or offline), pre-installed packages and metadata. Declaring environments makes an agent's operational surface reviewable before it ever runs, instead of discovered in production.

H

  • Human-in-the-loop (HITL)

    Human-in-the-loop (HITL) is a control pattern where an AI agent pauses mid-run for a human to approve or deny a sensitive action before it executes. The decision — who, when, what, why — is recorded as an audit entry, keeping people accountable for consequential actions while agents absorb the preparatory work.

L

  • LLM gateway

    An LLM gateway is a routing layer between applications and model providers that centralizes authentication, rate limits, caching and cost attribution. Behind a gateway, the model becomes an operational choice: providers can be switched or mixed without changing application code.

M

  • MCP (Model Context Protocol)

    MCP (Model Context Protocol) is an open standard for connecting AI agents to tools and data sources through declared, typed interfaces. Each MCP server exposes capabilities with input and output schemas, so agents call business systems through governed contracts instead of bespoke, per-integration glue code.

  • Model-agnostic architecture

    A model-agnostic architecture treats the large language model as a configuration field rather than an architectural commitment: which model an agent uses is declared per agent, and switching providers is a configure-and-re-evaluate operation, not a re-architecture. It protects against provider lock-in and lets quality, cost and residency drive model choice.

  • Multi-tenancy

    Multi-tenancy is the ability of one platform to serve many client organizations with enforced isolation between them. In agent platforms, isolation must hold at the data layer — one tenant's data is never visible to another tenant's agents — and extend to rate limits, quotas, credentials and cost attribution.

O

  • OIDC (OpenID Connect)

    OIDC (OpenID Connect) is the open identity standard that lets enterprises bring their existing identity provider — and its joiner, mover and leaver controls — to a new platform through single sign-on. Every authenticated call carries a verifiable token, so actions are attributable to a real identity.

R

  • RAG (retrieval-augmented generation)

    RAG (retrieval-augmented generation) grounds a model's answers in retrieved source material — documentation, configuration, examples — instead of relying on what the model memorized in training. Grounded answers can cite their sources, making them verifiable and aligned with the current state of the system they describe.

  • RBAC (role-based access control)

    RBAC (role-based access control) grants permissions through roles rather than individuals. Applied to AI agents, RBAC means each agent declares the business role required to invoke it — so the agent fleet inherits the organization's existing permission model instead of creating a parallel one.

  • Run

    A run is a single agent invocation — one task execution or one conversational turn — with its own identifier, trace, token usage, cost and audit record. Runs are the unit of accountability: anything an agent did can be reconstructed run by run.

S

  • Session

    A session is a persistent, multi-turn conversation between a user and an AI agent, holding live state and an archived history. Platform-managed sessions survive infrastructure restarts and give each conversation an auditable identity, distinct from the individual runs — the turns — inside it.

  • Skill

    A skill is a reusable, versioned prompt fragment injected into an agent's compiled system prompt to standardize cross-cutting behavior — error handling, citation format, escalation protocol — across a fleet of agents. Changing a skill re-triggers evaluation on every agent that declares it, so shared behavior never drifts unreviewed.

  • Sovereign deployment

    A sovereign deployment runs a platform — including its model access path, observability and secrets — inside infrastructure that the client or its jurisdiction controls. It is the strictest answer to residency, auditability and vendor-independence requirements in regulated industries.

  • Structured outputs

    Structured outputs are agent results returned as schema-validated, typed objects instead of free-form text. Downstream systems consume them directly — no prose parsing, no human re-interpretation — and a result that violates its schema is a hard failure rather than a confident-sounding guess.

T

  • Task-mode agent

    A task-mode agent is invoked statelessly by a business workflow: it receives typed input, reasons within a bounded duration and tool-call budget, and returns schema-validated output — with no conversational memory. Task mode makes agent behavior predictable enough for production workflows to consume the result directly.

  • Tool

    A tool is any external capability an AI agent can call — querying a system, fetching a document, executing an action — exposed through a declared interface with typed inputs and outputs. In a governed platform, each tool call passes a policy check (allow, ask or deny) before it executes.

  • Tool bundle

    A tool bundle is an immutable, date-versioned set of tools that an agent declares as a unit. Corrections never mutate an existing bundle — they publish a new dated version, and moving an agent onto it is an explicit migration that re-runs the agent's evaluations.