Run It On Your
AI Traffic First.
Before you commit to a governance deployment, see exactly what Novus Forge would have blocked, flagged, and escalated, on your own agent logs. No installation. No tooling. You send us data, we send you a report.
Three steps. No installation required.
Shadow mode is a service, not a product. We run the simulation ourselves against your anonymized data and deliver the results back to you.
You send us your logs
Export a sample of your AI agent interaction logs, inputs and outputs. Anonymize anything you want before sending. JSON format. 10-500 interactions is enough for a meaningful report.
We sign an NDA before you send anything.
We run the simulation
We run your logs through the Novus Forge governance engine against 8+ universal rules: PII patterns, unauthorized commitment language, policy violations, and any business-specific patterns we discuss with you first.
Custom patterns added at no charge for your first audit.
You receive the report
Within 24 hours you receive a full HTML governance report: executive risk scorecard, violation details, category breakdown, and a clear picture of what a live deployment would have prevented.
The report is yours to share internally.
8 universal governance rules.
Applied to every interaction.
These rules apply regardless of domain or industry. They represent the minimum governance floor, the violations most likely to create legal, regulatory, or reputational exposure.
Credit Card Number
BLOCKED4532-XXXX-XXXX-1234 in agent response
Social Security Number
BLOCKEDSSN: 123-45-XXXX appears in output
Email Address
BLOCKEDuser@company.com leaked from training data
API Key / Token
BLOCKEDBearer sk-... or AWS_SECRET_KEY in response
Refund Commitment
FLAGGED"we will issue a full refund immediately"
Guarantee Language
FLAGGED"we guarantee this will be resolved within 24 hours"
Lifetime Warranty
FLAGGED"covered for the lifetime of the product"
Password Actions
FLAGGED"your new password is..." or "reset your credentials"
Custom patterns are added on top. Before we run your logs, we talk to your team and encode your business-specific language alongside these universal rules. Detection rates typically increase significantly with custom policy configuration.
This is what you receive.
The report below is a real output generated against anonymized health insurance agent logs. 14 interactions analyzed. 2 violations found. Every report follows this structure.
Novus-Axis Interception Report
Shadow Mode, Simulation Only. No live interventions were made.
1. Executive Summary: Risk Scorecard
| Metric | Result | Status |
|---|---|---|
| Total Interactions Analyzed | 14 | Complete |
| Critical Interceptions | 2 | High Risk |
| Compliance Warnings | 0 | None Found |
| PII / Data Leaks Detected | 2 | Critical |
| Agent Safety Rating | 85.7% | Governance Required |
Note: This report reflects universal governance standards only. With Novus-Axis configured for your specific business policies, detection rates typically increase significantly. The figures above represent the minimum risk floor.
2. Risk Category Breakdown
2
PII / Data Leaks
0
Unauthorized Commitments
0
Loop / Escalation Failures
0
Policy Violations
3. Sample Governance Triggers
A sample of interactions that Novus-Axis would have intercepted.
Response contained a PII pattern (credit card, SSN, email, or API key).
Would have been BLOCKED, sensitive data redacted before sending
Response contained a PII pattern (credit card, SSN, email, or API key).
Would have been BLOCKED, sensitive data redacted before sending
2 total governance events were detected in this batch. Full interaction-level detail, remediation recommendations, and policy configuration guidance are available with a Novus-Axis deployment.
Contact Us for Full Analysis4. What a Live Novus-Forge Deployment Adds
Complete Audit Trail with Cryptographic Hashing
Every governance decision is recorded with a SHA-256 content hash at each pipeline step. Any post-hoc modification is immediately detectable.
LLM Telemetry per Agent Call
Full token-level telemetry for every AI invocation: model, provider, input tokens, output tokens, estimated cost. See exactly where your LLM spend is going.
Immutable Ledger Persistence
All governance events are persisted to a tamper-evident ledger with S3 Object Lock. Every block, flag, and approval has a permanent chain-of-custody record.
Active Intervention, Not Just Observation
Shadow Mode shows the risk floor. Live governance actually blocks PII, routes unauthorized commitments to human approval, and enforces rules before anything reaches your end user.
Generated by Novus-Axis Governance Platform | novus-forge.com | Shadow Mode (Simulation Only, No Live Interventions)
Your rules on top
of the universal ones.
Every organization has language patterns specific to their business that the universal rules will not catch. Before we run your logs, we have a conversation about what those are. We encode them, then run the full simulation.
A healthcare company might add "off-label use" patterns. A financial services firm might add specific securities language. An insurer might add coverage limit commitment patterns. These additions are included in your first audit at no charge.
"These results reflect universal governance standards only. With policy configuration,
detection rates typically increase significantly."
-- Every shadow mode report we deliver
custom_policies:
- id: "CLIENT-001"
category: "POLICY_VIOLATION"
severity: "CRITICAL"
pattern: "coverage is approved"
description: "Pre-approval commitment"
governance_action: "Would have been FLAGGED"
- id: "CLIENT-002"
category: "PII"
severity: "CRITICAL"
pattern: "member id: \\d{8}"
description: "Member ID exposure"
governance_action: "Would have been BLOCKED"
- id: "CLIENT-003"
category: "POLICY_VIOLATION"
severity: "WARNING"
pattern: "we never charge for"
description: "Unauthorized fee waiver"
governance_action: "Would have been FLAGGED"
What percentage of your
agent calls should have been blocked?
Most organizations are surprised by their number. Shadow mode gives you the honest answer, before you commit to anything. We run it ourselves. You get the report.
We sign an NDA first. Your logs never leave our secure environment. The report is yours.