The AgentOps control plane for governed autonomous development.
One
.niyam/source of truth. Many AI runtimes. Policy-driven autonomy. Portable memory. Evidence-backed delivery.
Niyam bridges the gap between fast "vibe coding" and production-grade safety. It turns any repository into a governed AI-development workspace where you define the rules, and AI agents (Claude Code, Codex, Gemini) follow them.
Niyam is an AgentOps control plane for teams that need to govern what agents do, what tools they use, what memory they rely on, and what evidence they produce. It is built for AI agent governance, AI coding agent safety, MCP tool governance, portable agent memory, approval gates, browser-agent supervision, and audit-ready evidence.
Global Install (Recommended)
pipx install niyamUpgrade to the latest version:
pipx upgrade niyamRun on the fly (No install)
uvx --from niyam niyam --helpEnable Smart Autocomplete (Bash/Zsh/Fish/PowerShell)
niyam completion installNiyam acts as a governance layer inside your AI agent. Use team-standard slash commands:
/implement "add password complexity rules to auth service"Niyam ensures the agent writes tests first, respects file freezes, and follows the approved TDD workflow.
Orchestrate complex migrations or large-scale refactors with ease:
niyam run "migrate all API endpoints to v2"Niyam plans the mission, executes dependency-aware task layers, can isolate write tasks in Git worktrees, and records validation evidence.
Define strict execution budgets and let agents iterate autonomously until success or intervention:
niyam loop run loops/security-audit.yaml --require-approval-on high-riskNiyam orchestrates the planner, implementer, and evaluator agents, tracking cost and risk at every iteration.
- Command Guardrails: Intercept and block dangerous shell commands (e.g., destructive database drops or global file deletions) before execution.
- Path Freezing: Restrict agents to specific scopes. Protect core files like
LICENSEor sensitiveinfra/folders from unauthorized AI writes. - Credential Redaction: A built-in engine that identifies and redacts secrets, API keys, and PII from agent logs and CLI outputs in real-time.
- Enterprise Approval Gates: Role-based (e.g., Product, QA, Security) manual approval gates for critical tasks and mission plans directly from the CLI or Portal UI.
- Agent Roles: Define specialized AI personas (e.g.,
security-reviewer,qa-engineer) with tailored system prompts and dedicated toolsets. - Isolated Multi-Worktree Parallelism: Run tasks in parallel using isolated Git Worktrees, preventing agent cross-talk and ensuring clean, atomic PRs.
- Swarm Coordination: Track active agents, heartbeats, file locks, and negotiation requests through local swarm state.
- Autonomous Environment Healing: Experimental auto-heal retries feed validation failures back into task prompts and can trigger AI re-planning.
- Repo Audits: Scan your repository against strict profiles (
startup,team,enterprise,regulated) to detect missing documentation, unpinned dependencies, or secret exposures. - Readiness Scoring: Get a numerical Readiness Score (0-100) and a clear GO / NO-GO decision for every branch or mission.
- CI/CD Pipeline Scaffolding: Generate ready-to-use CI/CD workflows (
niyam ci generate [github/gitlab/azure]) that run strict policy validations (niyam ci verify) directly in your pull requests.
- Joint Evidence Reports: Automatically synthesize scan findings, observed command logs, MCP registry posture, Memory Ledger posture, Control Room activity, browser actions, approvals, and cost data into standardized, audit-ready compliance documents.
- Memory Ledger: Portable, inspectable, policy-governed agent memory with structured records, import/export, diffing, redaction, recall lineage, policy checks, and an MCP-compatible memory server.
- Control Room: Local-first supervised human-agent task rooms with workspace sessions, append-only timelines, approval gates, browser-action recording, takeover state, and task evidence exports.
- FinOps Cost Tracking: A local ledger that logs every token consumed and estimates USD spend against customizable pricing tables.
- Governed AI Feedback Loops: Use
niyam loop runto execute multi-step AI tasks with deterministic budgets, automated evaluation, and explicit human-in-the-loop approval gates. - Fleet-Wide Missions: Run loops concurrently across an entire portfolio of repositories via
niyam loop run --fleet, automatically resolving dependency DAGs between repos. - Audit-Ready Loop Reports: Generate evidence and visual HTML reports for every loop execution.
- Smart Autosuggestion: Integrated suggestion engine offering typo correction ("Did you mean?"), context-aware flags, and alias resolution.
- Shell Autocompletion: Native
<TAB>completion support for Bash, Zsh, Fish, and PowerShell (niyam completion install).
Niyam provides both terminal-based and browser-based interfaces to monitor your autonomous agents and manage approvals:
niyam dashboard --watch- Live Task Progress: Visual status of all mission tasks (Planned, Running, Completed, Failed).
- Real-time Logs: View active output from implementation agents as they work in isolated worktrees.
- Validation Monitor & Resource Efficiency: Watch unit tests and lint checks run and report results live, alongside actual token spend.
niyam portal- Policy Analytics: Visual cards detailing Active Guardrails, Command Filters, Security Isolation, and active Path Freezing.
- Interactive Approval Center: Review pending tasks/missions and authorize execution by role directly from the Web UI.
- FinOps & Agent Metrics: Monitor token consumption, cost breakdowns, and agent success rates.
- Initialize your workspace:
niyam init --profile fullstack --runtime claude
- Synchronize with AI agent:
niyam sync
- Start building:
Open your agent (e.g.
claude) and use/implement,/review, or/ship.
Govern portable agent memory:
niyam memory init
niyam memory validate
niyam memory recall "deployment preference"
niyam memory policy-check
niyam memory serve-mcpRegister the Memory Ledger MCP server:
niyam mcp register-memory-serverRun a supervised Control Room task:
niyam workspace create "Research competitor pricing" --session-id TASK-001
niyam workspace browser-start TASK-001 --url https://example.com
niyam workspace browser-action TASK-001 --type submit --target "#publish"
niyam workspace evidence TASK-001 --format markdownGenerate audit-ready evidence with AgentOps sections:
niyam evidence --include scan,guard,mcp,cost,memory,workspace| Capability | Status |
|---|---|
| Workspace init, runtime sync, context refresh | Stable |
| Scan, guard, evidence, cost tracking | Experimental but covered by tests |
| Memory Ledger, MCP memory server, Control Room workspace, browser recorder | Preview |
| Mission planning/execution, worktree isolation | Experimental |
| Swarm coordination, RAG indexing, auto-heal | Preview |
Preview features are local-first and test-covered, but their command shape and defaults may evolve before GA.
- CLI Reference Guide
- AgentOps Platform Direction
- Memory Ledger Guide
- MCP Memory Server Guide
- Control Room Guide
- Browser Sandbox Guide
- Governance Specification
- MCP Registry Guide
- Migration Guide
See ROADMAP.md for the AgentOps roadmap, including Memory Ledger, Control Room, web dashboards, and enterprise CI/CD integration.
Distributed under the MIT License. See LICENSE for more information.