--- title: "Agent Hub" description: "Deploy, manage, and run AI agents directly from Nirmata Control Hub." diataxis: how-to applies_to: product: "nirmata-ai-agents" audience: ["platform-engineer"] last_updated: 2026-04-16 url: https://docs.nirmata.io/docs/control-hub/agent-hub/ --- > **Applies to:** Nirmata AI Agents 1.0 and later > **In Private Preview** — Agent Hub is available to select customers. [Contact us to learn more](https://nirmata.com/request-a-demo/). Agent Hub is where you deploy, configure, and run AI-powered governance agents from Nirmata Control Hub. Agents continuously monitor your clusters, run on-demand tasks, or execute scheduled governance workflows — all managed from a single control plane. ## Agent Types - [Service Agents]({{< relref "service-agents/" >}}) — Autonomous in-cluster agents that run 24/7 to detect and remediate policy violations via GitOps PRs - [Cloud Agents]({{< relref "cloud-agents/" >}}) — On-demand and scheduled agents launched from Control Hub for analysis, auditing, and reporting - [Agent Skills]({{< relref "agent-skills/" >}}) — Extend agents with specialized governance skills *(In Private Preview)* --- ## Service Agents > **Applies to:** Nirmata AI Agents 1.0 and later Service Agents are autonomous AI agents that run inside your Kubernetes clusters. Unlike [Cloud Agents](../cloud-agents/), which are launched on-demand from the Control Hub, Service Agents are deployed directly into the cluster and operate continuously — detecting policy violations, generating remediation plans, and opening pull requests in your Git repositories without human intervention. The primary Service Agent is the **Remediator Agent**: it monitors Kyverno policy reports, uses AI to generate compliant fixes, and integrates with your GitOps workflow by creating PRs against the affected repository. For a conceptual overview of Service Agents, see [Service Agents in Nirmata AI Agents](/docs/ai/service-agents/). ## In This Section - [**Getting Started**]({{< relref "getting-started/" >}}) — Install the Remediator Agent and verify your first remediation - [**Configuration**]({{< relref "configuration/" >}}) — Configure ToolConfig (Git credentials), LLMConfig (AI provider), and the Remediator resource - [**Observability**]({{< relref "observability/" >}}) — Prometheus metrics, status fields, and monitoring the agent in production - [**GitHub Authentication**]({{< relref "github-authentication.md" >}}) — Connect to GitHub using the Nirmata GitHub App ## How It Works 1. The Remediator Agent is installed in the `nirmata` namespace via Helm. 2. It reads Kyverno `ClusterPolicyReport` resources to discover violations. 3. For each violation, it calls a configured AI provider to generate a fix. 4. It opens a pull request in the target Git repository with the proposed change. 5. You review and merge the PR — the agent never pushes directly to a protected branch. ## Key Capabilities | Capability | Description | |------------|-------------| | **Continuous monitoring** | Runs on a cron schedule or triggered on-demand via the Kubernetes API | | **Multi-cluster support** | Hub Mode uses ArgoCD to manage violations across hundreds of clusters | | **GitOps integration** | All changes go through PRs — no direct cluster mutations | | **Confidence-based actions** | Configure whether PRs are opened for high-confidence fixes, low-confidence, or both | | **Split PR** | Split a multi-policy PR into separate PRs for independent review workflows | | **AI provider choice** | Nirmata AI (default), AWS Bedrock, or Azure OpenAI | --- ## Cloud Agents > **Applies to:** Nirmata AI Agents 1.0 and later Cloud Agents are AI-powered workflows you launch on-demand or on a schedule from Nirmata Control Hub. Each agent runs as a short-lived job, executes a specific analysis or remediation task, and produces a detailed report — with no persistent infrastructure required. For a conceptual overview of what Cloud Agents are and how they work, see [Cloud Agents in Nirmata AI Agents](/docs/ai/cloud-agents/). ## In This Section - [**Agent Catalog**]({{< relref "agent-catalog/" >}}) — Browse available agents, see what each one does, and find the right agent for your task - [**Launching an Agent**]({{< relref "agent-launch/" >}}) — Run any agent on-demand against a target cluster - [**Schedules**]({{< relref "schedules/" >}}) — Configure recurring agent runs with notifications - [**Agent Runs**]({{< relref "agent-runs/" >}}) — Monitor active runs, view live logs, and access completed reports ## Accessing Cloud Agents Navigate to **Agent Hub → Cloud Agents** in Nirmata Control Hub. --- ## Agent Skills > **In Private Preview** — Agent Skills are available to select customers. [Contact us to learn more](https://nirmata.com/request-a-demo/). ## Overview Agent Skills extend the capabilities of Service Agents and Cloud Agents with specialized governance workflows. Skills are pre-built modules that agents can invoke to perform specific tasks — from cost analysis and security auditing to compliance reporting and remediation. ## What's Included - **Security Skills** — Detect misconfigurations, scan for vulnerabilities, and enforce security baselines - **Compliance Skills** — Generate compliance reports mapped to CIS, NIST, SOC 2, and other standards - **Cost Skills** — Identify over-provisioned resources and recommend right-sizing - **Remediation Skills** — Automatically fix policy violations using approved remediation patterns ## Get Access Agent Skills are currently available in private preview for select customers. [Contact Us to Learn More →](https://nirmata.com/request-a-demo/)