Waxell
Waxell is an AI agent governance and observability platform that provides runtime policy enforcement, auto-instrumented LLM telemetry, MCP governance, cost management, and durable workflow execution for agents built in any Python framework or third-party agentic tool (Claude Code, Cursor, LangChain, CrewAI, OpenAI Agents SDK, and 200+ more).
2 APIs
1 Capabilities
10 Features
AI Agent GovernanceObservabilityPolicy EnforcementLLM TelemetryCost ManagementMCPAgent Runtime
Run Capabilities with Naftiko — Deploy and orchestrate these API capabilities using Naftiko Fleet.
Run with Naftiko
Run Capabilities with Naftiko — Deploy and orchestrate these API capabilities using Naftiko Fleet.
Run with Naftiko
Auto-Instrumentation
Two-line setup auto-instruments 200+ libraries (OpenAI, Anthropic, LangChain, LlamaIndex, CrewAI, LiteLLM, etc.) without code changes.
Runtime Policy Enforcement
26 policy categories (cost, kill switch, PII, compliance, scope, safety) returning seven decisions (allow, warn, redact, throttle, block, skip, retry).
MCP Governance
Auto-instrumentor, server middleware, and governance proxy for Model Context Protocol traffic with PII scanning and rug-pull detection.
Cost Management
Built-in model pricing for 20+ models, tenant overrides via REST, budget enforcement that warns/throttles/blocks at thresholds.
Prompt Management
Versioned managed prompts retrievable by name and label (e.g. production, staging) directly from the SDK.
Workflow Envelope
Durable execution boundary with checkpoint and resume; Redis-backed in production, in-memory for development.
Human-in-the-Loop Approvals
Custom handlers route policy blocks to Slack, webhooks, or terminal prompts for human review.
Audit Trail
Immutable, timestamped record of all agent actions, decisions, and governance events.
Developer MCP
Hosted SSE MCP server (dev-mcp.waxell.dev/sse) with 15 live tools and 8 docs resources for coding agents.
Field-Level Encryption
PII fields encrypted at the application layer with AES-256-GCM and AWS KMS (FIPS 140-2 Level 3) before database storage.
Govern Third-Party Coding Agents
Enforce policies on Claude Code, Cursor, Windsurf, VS Code, and Claude Desktop without modifying their code.
Instrument Self-Built Agents
Add full observability to LangChain, CrewAI, OpenAI Agents SDK, or custom Python agents with the @waxell.observe decorator.
Cost-Capped Agent Deployment
Set budgets on token spend per agent, user, or tenant; block runs that exceed configured limits.
PII-Safe MCP Tool Use
Scan MCP tool inputs/outputs for PII, credentials, and secrets with warn/block/redact responses.
Durable Long-Running Workflows
Use the WorkflowEnvelope to checkpoint multi-step agent workflows so they can resume after interruption.
Compliance-Ready AI Operations
Maintain SOC 2 Ready posture with immutable audit trails, encrypted PII, and EU data residency.
OpenAI
Auto-instrumented LLM provider; cost and token tracking out of the box.
Anthropic
Auto-instrumented LLM provider; supports Claude family models.
LangChain / LangGraph
First-class callback handler (WaxellLangChainHandler) for tracing chains and graphs.
CrewAI
Auto-instrumented multi-agent framework support.
LlamaIndex
Tracing for RAG pipelines built with LlamaIndex.
LiteLLM
Unified telemetry across LiteLLM-routed providers.
Claude Code
Governance overlay for Anthropic's Claude Code coding agent via the Developer MCP.
Cursor / Windsurf / VS Code
Coding-agent governance via the SSE MCP server at dev-mcp.waxell.dev.
OpenAI Agents SDK
Auto-instrumentation for OpenAI's Agents SDK runs.
AWS Bedrock / Azure OpenAI / Google Vertex AI
Cloud LLM providers covered by Waxell's auto-instrumentation.
Pinecone / Weaviate / Qdrant / Milvus / Chroma
Vector database call tracing with retrieval span recording.
Slack / Webhooks
Human-in-the-loop approval handlers for policy blocks.
Stripe
Listed subprocessor for billing.
Connect
Govern third-party agents (Claude Code, Cursor) without code changes via the MCP governance proxy.
Observe
Instrument self-built agents with auto-instrumentation, policy enforcement, and cost attribution.
Runtime
Governed execution environment for high-risk workflows with the durable WorkflowEnvelope.
aid: waxell
url: https://raw.githubusercontent.com/api-evangelist/waxell/refs/heads/main/apis.yml
name: Waxell
type: Index
image: https://kinlane-productions.s3.amazonaws.com/apis-json/apis-json-logo.jpg
description: >-
Waxell is an AI agent governance and observability platform that provides
runtime policy enforcement, auto-instrumented LLM telemetry, MCP governance,
cost management, and durable workflow execution for agents built in any
Python framework or third-party agentic tool (Claude Code, Cursor,
LangChain, CrewAI, OpenAI Agents SDK, and 200+ more).
created: '2026-05-06'
modified: '2026-05-06'
specificationVersion: '0.19'
tags:
- AI Agent Governance
- Observability
- Policy Enforcement
- LLM Telemetry
- Cost Management
- MCP
- Agent Runtime
url-source: https://waxell.ai/
apis:
- aid: waxell:observe
name: Waxell Observe API
tags:
- AI Agent Governance
- Observability
- LLM Telemetry
- Policy Enforcement
- Cost Management
image: https://kinlane-productions.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://{tenant}.waxell.dev/api/v1/observe
humanURL: https://waxell.ai/docs/observe/api/endpoints
description: >-
The Waxell Observe REST API exposes the AI agent governance and
observability control plane. It is used by the waxell-observe Python
SDK and the Developer MCP server to record runs, log LLM calls, spans,
steps and scores, evaluate runtime governance policies, manage prompts,
and administer the model cost catalog. Endpoints live under
/api/v1/observe/ on a tenant-specific *.waxell.dev host and accept the
same wax_sk_ keys via X-Wax-Key or Authorization: Bearer.
properties:
- type: Documentation
url: https://waxell.ai/docs
- type: APIReference
url: https://waxell.ai/docs/observe/api/endpoints
- type: Quickstart
url: https://waxell.ai/docs/observe/quickstart
- type: Authentication
url: https://waxell.ai/docs/observe/api/authentication
- type: SDK
url: https://pypi.org/project/waxell-observe/
- type: OpenAPI
url: openapi/waxell-observe-openapi.yml
- type: JSONSchema
url: json-schema/waxell-run-schema.json
- type: JSONSchema
url: json-schema/waxell-llm-call-schema.json
- type: JSONSchema
url: json-schema/waxell-policy-decision-schema.json
- type: JSONSchema
url: json-schema/waxell-span-schema.json
- type: JSONStructure
url: json-structure/waxell-run-structure.json
- type: JSONStructure
url: json-structure/waxell-policy-decision-structure.json
- aid: waxell:developer-mcp
name: Waxell Developer MCP Server
tags:
- MCP
- AI Agent Governance
- Developer Tools
- Coding Agents
image: https://kinlane-productions.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://dev-mcp.waxell.dev
humanURL: https://waxell.ai/docs/agents/overview
description: >-
Waxell Developer MCP is a hosted Model Context Protocol server that
lets coding agents (Claude Code, Cursor, Windsurf, VS Code, Claude
Desktop) query a Waxell instance in real time. It exposes 15 live
tools (agent health, error investigation, LLM cost tracking,
governance policy review, account signup) plus 8 documentation
resources at waxell://docs/*. Connection is SSE; per-client
authentication uses Bearer tokens in the Authorization header.
properties:
- type: Documentation
url: https://waxell.ai/docs/agents/overview
- type: APIReference
url: https://dev-mcp.waxell.dev/sse
- type: Authentication
url: https://waxell.ai/docs/agents/overview
- type: GitHubRepository
url: https://gitlab.com/waxell/agentforge
common:
- type: Documentation
url: https://waxell.ai/docs
- type: GettingStarted
url: https://waxell.ai/docs/observe/quickstart
- type: Quickstart
url: https://waxell.ai/docs/observe/quickstart
- type: SDK
url: https://waxell.ai/docs/observe/quickstart
- type: Console
url: https://waxell.dev
- type: SignUp
url: https://waxell.ai/get-access
- type: Pricing
url: https://waxell.ai/get-access
- type: Plans
url: plans/waxell-plans-pricing.yml
- type: RateLimits
url: rate-limits/waxell-rate-limits.yml
- type: FinOps
url: finops/waxell-finops.yml
- type: StatusPage
url: https://status.waxell.dev
- type: Blog
url: https://waxell.ai/blog
- type: Glossary
url: https://waxell.ai/glossary
- type: Security
url: https://waxell.ai/docs/security
- type: TrustCenter
url: https://app.vanta.com/callsine.com/trust/pg7qc55eh5ge6ejjv7zxksy
- type: Compliance
url: https://waxell.ai/docs/security
- type: LinkedIn
url: https://www.linkedin.com/company/waxell-ai
- type: GitHubRepository
url: https://gitlab.com/waxell/agentforge
- type: SpectralRules
url: rules/waxell-rules.yml
- type: Vocabulary
url: vocabulary/waxell-vocabulary.yml
- type: NaftikoCapability
url: capabilities/agent-governance.yaml
- type: NaftikoCapability
url: capabilities/shared/observe.yaml
- type: JSON-LD
url: json-ld/waxell-context.jsonld
- type: Example
url: examples/waxell-start-run-example.json
- type: Example
url: examples/waxell-record-llm-call-example.json
- type: Example
url: examples/waxell-policy-check-example.json
- type: Example
url: examples/waxell-get-prompt-example.json
- type: Features
data:
- name: Auto-Instrumentation
description: Two-line setup auto-instruments 200+ libraries (OpenAI, Anthropic, LangChain, LlamaIndex, CrewAI, LiteLLM, etc.) without code changes.
- name: Runtime Policy Enforcement
description: 26 policy categories (cost, kill switch, PII, compliance, scope, safety) returning seven decisions (allow, warn, redact, throttle, block, skip, retry).
- name: MCP Governance
description: Auto-instrumentor, server middleware, and governance proxy for Model Context Protocol traffic with PII scanning and rug-pull detection.
- name: Cost Management
description: Built-in model pricing for 20+ models, tenant overrides via REST, budget enforcement that warns/throttles/blocks at thresholds.
- name: Prompt Management
description: Versioned managed prompts retrievable by name and label (e.g. production, staging) directly from the SDK.
- name: Workflow Envelope
description: Durable execution boundary with checkpoint and resume; Redis-backed in production, in-memory for development.
- name: Human-in-the-Loop Approvals
description: Custom handlers route policy blocks to Slack, webhooks, or terminal prompts for human review.
- name: Audit Trail
description: Immutable, timestamped record of all agent actions, decisions, and governance events.
- name: Developer MCP
description: Hosted SSE MCP server (dev-mcp.waxell.dev/sse) with 15 live tools and 8 docs resources for coding agents.
- name: Field-Level Encryption
description: PII fields encrypted at the application layer with AES-256-GCM and AWS KMS (FIPS 140-2 Level 3) before database storage.
sources:
- https://waxell.ai/
- https://waxell.ai/docs
- https://waxell.ai/docs/security
- https://waxell.ai/compare
updated: '2026-05-06'
- type: UseCases
data:
- name: Govern Third-Party Coding Agents
description: Enforce policies on Claude Code, Cursor, Windsurf, VS Code, and Claude Desktop without modifying their code.
- name: Instrument Self-Built Agents
description: Add full observability to LangChain, CrewAI, OpenAI Agents SDK, or custom Python agents with the @waxell.observe decorator.
- name: Cost-Capped Agent Deployment
description: Set budgets on token spend per agent, user, or tenant; block runs that exceed configured limits.
- name: PII-Safe MCP Tool Use
description: Scan MCP tool inputs/outputs for PII, credentials, and secrets with warn/block/redact responses.
- name: Durable Long-Running Workflows
description: Use the WorkflowEnvelope to checkpoint multi-step agent workflows so they can resume after interruption.
- name: Compliance-Ready AI Operations
description: Maintain SOC 2 Ready posture with immutable audit trails, encrypted PII, and EU data residency.
sources:
- https://waxell.ai/
- https://waxell.ai/docs
updated: '2026-05-06'
- type: Integrations
data:
- name: OpenAI
description: Auto-instrumented LLM provider; cost and token tracking out of the box.
- name: Anthropic
description: Auto-instrumented LLM provider; supports Claude family models.
- name: LangChain / LangGraph
description: First-class callback handler (WaxellLangChainHandler) for tracing chains and graphs.
- name: CrewAI
description: Auto-instrumented multi-agent framework support.
- name: LlamaIndex
description: Tracing for RAG pipelines built with LlamaIndex.
- name: LiteLLM
description: Unified telemetry across LiteLLM-routed providers.
- name: Claude Code
description: Governance overlay for Anthropic's Claude Code coding agent via the Developer MCP.
- name: Cursor / Windsurf / VS Code
description: Coding-agent governance via the SSE MCP server at dev-mcp.waxell.dev.
- name: OpenAI Agents SDK
description: Auto-instrumentation for OpenAI's Agents SDK runs.
- name: AWS Bedrock / Azure OpenAI / Google Vertex AI
description: Cloud LLM providers covered by Waxell's auto-instrumentation.
- name: Pinecone / Weaviate / Qdrant / Milvus / Chroma
description: Vector database call tracing with retrieval span recording.
- name: Slack / Webhooks
description: Human-in-the-loop approval handlers for policy blocks.
- name: Stripe
description: Listed subprocessor for billing.
sources:
- https://waxell.ai/docs/integrations
updated: '2026-05-06'
- type: Solutions
data:
- name: Connect
description: Govern third-party agents (Claude Code, Cursor) without code changes via the MCP governance proxy.
- name: Observe
description: Instrument self-built agents with auto-instrumentation, policy enforcement, and cost attribution.
- name: Runtime
description: Governed execution environment for high-risk workflows with the durable WorkflowEnvelope.
sources:
- https://waxell.ai/
updated: '2026-05-06'
maintainers:
- FN: Kin Lane
email: [email protected]
url: https://apievangelist.com