Documentation

Safe agent workflows

Use read-only tools first, preview writes, require approval for destructive actions, and keep financial data local.

npm

Agent operating rules

Clovis gives agents useful tools, but the user should stay in control of financial records.

Read firstUse balances, reports, search, pending import review, and integrity checks before mutation.
Preview writesWhen a tool supports dry-run, require the agent to show the preview before applying changes.
Approve destructive toolsDeletes, rollbacks, branch discards, and repairs should be explicit user-approved actions.
Keep data localClovis reads the ledger path supplied by CLOVIS_DB; do not send raw files unless needed.

How to read safety flags

The generated MCP catalog marks tools by how an agent should treat them.

read-onlySafe first step for questions, reports, searches, and diagnostics.Open tool catalog
dry-runCan preview a write. Ask the agent to run the preview, explain it, then wait.Open tool catalog
destructiveCan remove, void, discard, or repair records. Require explicit approval.Open tool catalog