Documentation FAQ

Product and fit

What is NodeFox in practical terms?

NodeFox is a directed-graph orchestration platform for AI, API, and data workflows. In practical terms, it gives teams one place to design routes, run workflows, inspect behavior, and control side effects without hiding logic across scripts, callbacks, or isolated automation tools. The point is not only to automate more work, but to make automation behavior explainable and governable when real business consequences are involved.

NodeFox is intentionally built for mixed audiences. Engineering teams can configure node behavior and runtime controls in detail, while operations leaders and business owners can inspect routes, run outcomes, and approval paths in plain language. That shared operating surface is what reduces handoff friction during incidents, policy changes, and rollout expansion.

Is NodeFox in beta, and what does that change for implementation?

Yes. NodeFox is currently in beta, so teams should treat rollout as an iterative operating program rather than a one-time deployment. Start with one workflow family, validate branch behavior and fallback routes under production-like load, and then expand into additional domains after deterministic behavior is proven by run evidence.

Beta status does not remove the need for rigor. It increases the need for explicit review gates, bounded loops, reliable retries, clear ownership, and practical monitoring of quality and spend. Teams that treat beta as a controlled rollout phase generally scale faster than teams that try to skip validation.

Who gets value fastest from NodeFox?

Teams that already feel orchestration fragmentation get value the fastest. That usually means groups where AI prompts, integration scripts, and operational procedures have drifted apart, and nobody can quickly answer why a branch executed or why a costly side effect happened.

Typical early adopters include product engineering, applied AI, operations, business systems, and trust/compliance groups that share responsibility for the same workflow outcomes. NodeFox is particularly useful when one workflow touches multiple external systems and multiple departments need an evidence-backed account of what happened.

What does it mean that NodeFox is a governance and execution layer?

It means NodeFox handles both route execution mechanics and control boundaries around high-impact actions. Teams define where logic can branch, where execution must pause for policy or human review, and where side effects are allowed to fire.

In practice, governance is represented in the graph itself, not in separate process documents. That makes policies inspectable at design time and verifiable at run time.

Getting runs to start correctly

Why does a workflow sometimes not start when Run is pressed?

The most common reason is that the graph has no eligible entry path at runtime. In NodeFox, a run starts when the first executable node is actually ready with the optional data and activation conditions. If entry data is missing, optional slots are not satisfied, or activation rules are too strict, the graph appears "idle" even though the design looks connected.

A reliable debugging approach is to reduce the graph to one minimum path and verify that path starts cleanly. Once that works, reintroduce additional branches one layer at a time. This isolates configuration mistakes faster than trying to debug the full graph at once.

Does the first node need to be in Ready state?

Yes in practice. The directed graph needs at least one executable node to begin propagation. If you use activation edges at the start of a workflow, make sure your release signal is explicit and not blocked by missing prerequisites. Teams often confuse "connected" with "eligible"; NodeFox requires both.

Why does a large graph still execute nothing?

Graph size does not guarantee execution. A large graph with no valid entry condition, or with overly strict slot/activation constraints, will not advance. Execution reliability comes from clear entry criteria and explicit branch logic, not from graph complexity.

What should I check first when a run is stuck?

Check entry-node eligibility, slot mapping completeness, activation wiring, and any gating Decision logic that might be blocking release. Most blocked runs are eligibility issues, not runtime failures.

If those checks look correct, isolate the graph into a minimum reproducible path and validate each branch one at a time. That typically resolves issues faster than tuning the full graph at once.

Slots, references, and data movement

What are the canonical nodes in NodeFox?

NodeFox has 10 canonical nodes: Reader, Writer, Data, Wait, Buffer, Global, Conversation, Code, Decision, and Network. These ten nodes are the stable building blocks for graph design. Terms like LLM node, trigger node, transform node, or HTTP node are legacy shorthand and are not canonical node types in NodeFox.

How should I think about `$1`, `$2`, and `$0` references?

$1 means the first input slot value for the current node, $2 means the second, and so on. $0 is a convenience reference used in specific contexts where combined input handling is enabled, but teams should prefer explicit slot references when deterministic behavior matters.

In Code nodes, slot access is zero-indexed in APIs (inputs.get(0) corresponds to slot 1 on canvas). That difference is expected and should be documented in your team's build conventions to avoid off-by-one mapping errors.

Where do slot references show up most often?

You will use slot references in Conversation prompts, Writer templates, Decision conditions, Data selectors, and API field mappings. They are the connective tissue of typed data movement in NodeFox, so teams should standardize naming and mapping conventions early.

How strict should schema and typing discipline be in early rollout?

Use stronger schema discipline on any branch that writes to external systems, triggers customer-facing actions, or drives compliance-sensitive decisions. Low-risk exploratory branches can remain more flexible while teams iterate.

A useful rule is simple: the higher the consequence of a branch, the stricter its data contracts should be before release.

Activation edges, branching, and loop safety

What is an activation edge, and why does it matter?

A data edge moves payloads. An activation edge moves execution permission. This distinction is central to NodeFox because it allows sensitive nodes to hold until a policy or review signal is explicitly granted, even when data is already present.

In practice, activation edges are most important around external writes, high-cost actions, and regulated operations. They separate "we have enough data" from "we are allowed to execute," which is exactly the control boundary most teams need in production.

Can a node execute just because data is present?

Not always. Slot requirements, Activated flags, and delay/optional behavior all influence eligibility. NodeFox evaluates eligibility rules explicitly, so wiring alone is not enough.

For strict release control, configure Activated and activation edges together: set Activated on the target node, then provide activation from the approval/gate branch.

How should teams interpret Optional, Keep, and Delay flags in the UI?

When selected, Optional is shown as blue O, and Keep is shown as green K.

Delay should be treated as step-based execution deferral (graph cycles), not a wall-clock seconds timer.

Scope model:

Optional is configured per input slot.
Keep is configured per input slot in general; exception: on Buffer nodes, Keep applies across all input slots.
Activated is configured per node.
Delay is configured per node (in steps/cycles, not seconds).

How should teams configure `Optional`, `Activated`, `Keep`, and `Delay` together in real workflows?

Use them as contract controls, not convenience toggles:

Start with blocking inputs by default, then mark only truly non-critical inputs as Optional.
Use Activated only on branches where release authority matters, and always pair it with explicit activation edges on the same target node.
Use Keep to persist state intentionally across iterations, not as a workaround for missing upstream wiring. Configure Keep per slot, except on Buffer where it applies across all slots when selected.
Use Delay as a per-node step/cycle control for sequencing and retry pacing, never as a hidden timing patch for unclear branch logic.

A strong practice is to document flag intent per critical node in your runbook. During incident review, responders should be able to answer why each flag exists and what failure mode it prevents.

What does a reliable activation-gated branch look like end-to-end?

A common production shape is:

Reader/Data/Code stages prepare and normalize payload state.
Decision evaluates policy/risk/quality criteria.
The action node (often Writer/API) is marked Activated.
Activation edge from the approved Decision path releases execution.
Run evidence captures both data lineage and release lineage.

This pattern keeps data readiness and execution permission separate. That separation is one of the most important differences between deterministic orchestration and fragile trigger-by-arrival automation.

How do I keep loops safe and bounded?

Use Decision logic with explicit pass criteria, explicit fallback routes, and a maximum iteration boundary. A safe loop has a clear convergence definition, a deterministic timeout path, and run analytics that make retry behavior visible.

Unbounded loops are usually a design error, not a model problem. Set limits before rollout, validate loop behavior under bad inputs, and make sure cost controls are tied to branch logic, not only dashboards.

How should branching and parallel paths be designed?

Branching should express policy and risk logic in the graph itself, not hidden text rules in prompts. Parallel paths should be used only when branches are truly independent, and merge behavior should be explicit so fan-in points stay predictable under load.

When teams combine branching, bounded loops, and parallel fan-out/fan-in with clear ownership, they can scale orchestration without losing explainability.

How should human review be inserted without slowing everything down?

Apply human review to the branches with meaningful downside risk, not to every branch. Most teams use a tiered model: low-risk paths auto-complete, medium-risk paths require review, and high-impact paths require explicit approval.

This keeps throughput high while maintaining clear accountability for consequential actions.

Writer behavior and side effects

Why did my file not download locally?

Most often the Writer path was missing the ./ prefix. Use ./filename.ext when you want browser download behavior. Paths without ./ are treated as workspace or registered-handle destinations.

How do I prevent early or unsafe writes?

Place Writer behind Decision logic and activation edges. The pattern is simple: compute and validate data first, then release execution only when policy and acceptance conditions are satisfied. This keeps side effects intentional and auditable.

How should idempotency be handled for write paths?

Use correlation IDs and deterministic deduplication checks in the branch before Writer execution. If retries occur, idempotency controls prevent duplicate external effects and make incident recovery cleaner.

Should writes happen in the same branch as generation?

Usually no for sensitive operations. A safer pattern is stage -> validate -> decide -> release -> write, with explicit activation between validation and side effects.

That separation is easier to test, audit, and replay than direct generation-to-write chains.

Determinism, observability, and reproducibility

Does deterministic execution mean identical text outputs from models?

No. Deterministic execution means control-path semantics are explicit and predictable. Model text can vary, but node eligibility, branch routing, activation release, and side-effect boundaries should remain understandable and reproducible.

What should be captured for auditability and replay?

Capture run-level logs, branch transitions, activation events, node outcomes, and graph version context. Together, these let teams reconstruct why a route executed and how side effects were authorized.

What is the practical difference between snapshots and logs?

Logs are event trails of what happened over time. Snapshots preserve state context at specific execution points. Teams use logs for timeline analysis and snapshots for state inspection and replay setup.

How does Git-compatible versioning help operations?

It gives teams diffable change history for graph contracts. During incidents or regressions, responders can tie run behavior to specific graph revisions and review exactly what changed.

Problems NodeFox solves in practice

How does NodeFox address component explosion?

NodeFox uses a stable ten-node execution vocabulary plus composable Network modules instead of a constantly expanding primitive catalog. This reduces one-off component sprawl and makes architecture reviews more consistent.

As teams scale, reusable graph modules replace copy-pasted workflow fragments and disconnected script stacks.

How does NodeFox reduce context rot?

Context rot happens when branches rely on undocumented assumptions that drift over time. NodeFox counters this with explicit slot wiring, typed contracts, and visible routing logic so context dependencies stay inspectable.

When context requirements change, teams update contracts and branch logic directly instead of burying changes in prompt text.

How does NodeFox replace disconnected chatbot experiments?

NodeFox turns isolated chatbot pilots into governed workflow systems by putting model calls inside deterministic graphs with policy routing, release controls, and run evidence.

This lets teams move from demo chat behavior to production automation with clear ownership and operational traceability.

How does NodeFox reduce sensitive-data copy/paste into generic chat tools?

NodeFox keeps data movement inside explicit workflow boundaries. Nodes receive only the data wired into them, with clear integration paths and branch-level control.

This significantly reduces ad hoc manual copy/paste behavior that often creates privacy and compliance risk.

How does NodeFox avoid the "LLM as the brain for everything" anti-pattern?

NodeFox treats the model as one capability inside a governed control plane, not as the sole runtime controller. Decisions about external tool calls, data writes, and high-impact actions are represented in deterministic graph logic and policy checkpoints.

This preserves useful AI flexibility without surrendering control of side effects.

How does NodeFox prevent non-deterministic "fires willy-nilly" behavior?

Control-path behavior is explicit: eligibility, routing, activation release, and fallback handling are modeled in the graph. Branches do not execute purely because data appeared.

This reduces unpredictable side-effect triggering and improves run-to-run explainability.

How does NodeFox handle race conditions from out-of-order async responses?

NodeFox uses explicit branch and merge semantics so convergence behavior is visible and testable. Teams can define when parallel work is allowed, how fan-in is handled, and what conditions release downstream execution.

That prevents hidden async callback ordering from silently corrupting business logic.

How does NodeFox help with the hair-on-fire, phantom bug, and zombie process problems?

Hair-on-fire operations are reduced by deterministic routing, explicit guardrails, and run evidence that speeds incident triage. Phantom bugs are reduced by replayable control-path behavior and version-linked diagnostics. Zombie process classes are controlled with bounded loops, stop criteria, and fallback paths.

These controls shift operations from panic response to repeatable incident handling.

How does NodeFox solve auditability and tracing gaps ("what happened when")?

NodeFox emphasizes branch-level logs, activation lineage, snapshots, and replay context tied to graph versions. This allows teams to reconstruct execution timelines and explain who or what released sensitive actions.

That evidence supports both technical incident response and governance review.

What does data encapsulation mean in NodeFox?

Nodes only see data explicitly wired into their inputs. Shared state is handled deliberately with Global and Buffer nodes rather than implicit hidden memory.

This makes data exposure and dependency boundaries easier to review and safer to operate.

How do cost analytics, runtime stats, and budget enforcement fit into operations?

NodeFox supports evidence-driven operations with run-level and branch-level visibility into outcomes, latency patterns, and cost paths. Teams can then apply deterministic thresholds and guardrail routes to limit retries, degrade safely, or pause risky execution when budgets or SLO boundaries are threatened.

Budget controls are most effective when encoded in branch logic rather than treated as post-hoc dashboard alerts.

Audience, ownership, and collaboration

Is NodeFox only for AI engineers?

No. AI engineers are a major audience, but not the only one. NodeFox is designed so operations teams, business systems owners, and decision-makers can inspect workflow behavior, run approved paths, and understand outcomes without reverse-engineering code.

The platform is strongest when technical and non-technical stakeholders share one runtime story. That shared story improves change management, faster escalation, and cleaner accountability.

Can non-technical teams execute workflows safely?

Yes, when workflow design includes role-aware controls. A common model is that engineering owns architecture and release quality, operations owns execution and incident handling, and policy/legal owners approve high-impact branches.

That structure keeps velocity high while preserving responsibility boundaries.

Account, security, and billing operations

Yes. Teams commonly enable both so access recovery remains practical when one authentication method is unavailable. Password reset and session review flows should be part of your standard access runbook.

What should teams do about 2FA and backup recovery?

Treat 2FA as baseline for privileged accounts. Store backup codes in secure vaults, keep contact methods current, and review access hygiene on a regular cadence. Access controls are operational safeguards, not optional housekeeping.

How should billing and cancellation be communicated?

Use explicit language about trial scope, conversion timing, renewal cadence, and cancellation timing responsibilities. Keep policy links next to decisions, and keep routing channels clear: billing@nodefox.ai for billing operations, support@nodefox.ai for account support, and legal@nodefox.ai or privacy@nodefox.ai for policy and rights requests.

Use Sign Up as the entry point, then continue through Pricing, Terms, and Privacy before moving into product usage in Features and Account settings. The current canonical path is intentionally product-facing: create account credentials, accept legal terms via checkbox flow, review applicable consent/disclaimer screens, choose plan and billing method if needed, and then operate workflows with ongoing access, security, and billing management available from account settings.

Integrations and provider posture

Do we need one fixed provider stack to use NodeFox?

No. NodeFox is intentionally provider-agnostic. You can connect MCP tools, OAuth systems, custom API key integrations, and AI/model providers while preserving one deterministic orchestration model.

Why is provider-agnostic orchestration important?

Provider capabilities, pricing, and contract posture change quickly. If orchestration logic is tightly coupled to one provider, every change becomes a migration event. NodeFox keeps orchestration architecture stable while allowing integration choices to evolve.

Are all integrations preconfigured out of the box?

Not always. Some integrations are available immediately, and others may require user setup through OAuth scopes, MCP configuration, or bring-your-own API keys. Availability can vary by workspace, release stage, and environment constraints.

How should teams handle integrations that are still in rollout?

Treat them as planned dependencies and keep fallback branches available during early adoption. Where needed, use custom API or MCP configurations until catalog coverage reaches your target setup.

This approach avoids blocking delivery while maintaining controlled runtime behavior.

Can one workflow mix multiple providers safely?

Yes. A single graph can include MCP tools, OAuth integrations, and API-key-based providers. Keep boundaries explicit, validate payload contracts at merge points, and record branch-level evidence so mixed-provider behavior remains auditable.

Practical rollout guidance

What is a strong first workflow candidate?

Choose a workflow where the current state creates repeated operational pain: manual exception handling, unclear incident ownership, costly retries, or unreliable cross-system writes. These are the scenarios where deterministic graph orchestration shows value quickly.

How should teams phase adoption?

Start with one workflow family, instrument quality and spend behavior, and set clear promotion criteria before expanding. Convert successful patterns into reusable Network modules and documented build standards so later teams start from proven architecture rather than from scratch.

What does "human-in-the-loop done right" mean in NodeFox?

It means human review is placed where risk actually exists, not everywhere. Low-risk paths can auto-complete, medium-risk paths can require review, and high-impact paths can require explicit approval with recorded context. That balance keeps throughput strong while preserving accountability.

What is a good acceptance criterion before expanding to more workflows?

Use measurable criteria: stable execution success rate, bounded retry behavior, clear on-call ownership, reproducible incident diagnosis, and documented release controls for high-impact branches.

When those signals are consistently healthy, pattern reuse and expansion become much lower risk.

How should teams structure a practical rollback plan?

Define rollback before launch, not after incident onset. Keep prior graph versions ready, document branch ownership, and predefine downgrade conditions for quality, latency, and cost thresholds.

A good rollback plan includes technical rollback steps, communication routing, and decision authority so teams can respond quickly without escalation confusion.

No. Sign-up acceptance should cover the required governing legal and policy document set presented in the legal consent flow, with the full canonical set accessible in Legal Center. Terms and Privacy are core, but they are not the only governing surfaces.

How should teams present legal acceptance without confusing users?

Use one clear required acceptance flow, keep links to controlling legal documents visible at point of action, and avoid ambiguous language that implies acceptance is optional when account activation depends on it.

No. Keep optional marketing/communications consent separate from required legal acceptance so user choice remains meaningful and revocable without creating legal acceptance ambiguity.

What is the right operational response when legal terms are updated?

Tie acceptance state to versioned policy records, gate protected actions when re-acceptance is required, and keep a clear audit trail of what text/version was presented and accepted.

Cost, runtime analytics, and budget controls

How should teams use cost analytics in daily operations?

Track cost by branch and workflow family, not only account-level totals. Branch-level visibility reveals which retries, loop paths, or provider routes are driving spend and where control updates are most effective.

What budget guardrail patterns work best?

Common patterns include tiered spend thresholds, automatic degrade routes for expensive paths, escalation gates for high-cost branches, and pause conditions when forecasted spend exceeds limits.

How do runtime stats help incident response?

Runtime stats expose latency hotspots, failure concentration, and branch instability. Combined with logs and snapshots, they help responders isolate root causes quickly and reduce guesswork during on-call events.

How should teams balance cost controls with output quality?

Use deterministic quality gates and fallback logic rather than blanket cutoffs. The goal is to preserve critical outcomes while controlling runaway spend, not to force the cheapest path in every scenario.

Documentation usage and troubleshooting

How should teams use docs day-to-day after onboarding?

Treat docs as an operating reference, not onboarding-only material. Teams usually keep one docs owner per workflow family who tracks updates, maps changes into build standards, and runs periodic review with engineering and operations stakeholders.

What is the fastest way to debug a misbehaving workflow using docs?

Start with Documentation FAQ for diagnosis heuristics, then open node-level docs for affected branches, and finally review concept pages for control-model intent. This sequence usually narrows the root-cause category faster than scanning everything at once.

How often should workflow teams review documentation changes?

For active production workflows, a biweekly or release-based review cadence is common. Tie doc review to graph version promotion so contract changes, policy updates, and runbook expectations stay aligned.

What should be documented internally beyond NodeFox docs?

Document branch ownership, approval authority, escalation thresholds, fallback rules, and rollback triggers for each critical workflow. Vendor docs explain capabilities; internal docs explain how your organization runs them safely.

How do docs help prevent repeated incident classes?

When teams convert incident findings into deterministic branch controls and documented playbooks, repeated failures usually drop. The key is to codify the fix in graph behavior and update operational guidance at the same time.

Should non-engineering teams use the docs directly?

Yes. Operations, trust, legal, and business-system owners should use docs to understand branch behavior, approval points, and evidence expectations. Shared documentation language reduces escalation confusion during high-pressure events.

What is a good “definition of done” for documentation quality?

A practical bar is: a new on-call owner can explain branch intent, run fallback actions, and identify escalation paths without relying on tribal knowledge. If that is not possible, documentation is still incomplete.

How should teams handle docs for beta features?

Mark beta-dependent branches explicitly in internal runbooks, define rollback expectations, and keep guardrails stricter until behavior is validated in your production context.

Where should enterprise teams start commercial and strategy discussions?

Use the enterprise strategy page and planning channels early in rollout:

Enterprise Strategy Scheduling
Email: james@nodefox.ai