Cognition — AI That Acts in Production
Cognition puts an AI engine in your Node.js production environment. It collects errors, runtime health, and security events, then streams them to Skytells for analysis and action. Configurable from the Console. Requires Pro plan or higher.
Cognition requires a Pro plan or higher. See Plans for a tier comparison, or Upgrade to Pro ↗ directly.
Cognition puts an AI engine in your production environment. Install the SDK, point it at your Skytells project, and it starts collecting errors, watching process health, and scanning requests for threats. All of that data goes to Skytells, where the AI analyzes it and acts on what it finds.
You configure the AI from the Cognition Console ↗: choose what it monitors, set the conditions that trigger a response, and decide what it does. Results appear in the Console and through the Skytells CLI as events arrive.
Two lines of code are all it takes to get started.
How Cognition Works
Five Core Capabilities
Error Capture
When errors happen, Cognition catches them. Global handlers cover uncaughtException and unhandledRejection automatically. Use captureError() and captureMessage() for errors you've already caught. Each event arrives at Skytells with a full stack trace, breadcrumb history, user context, and release details.
Runtime Observer
Six health monitors run continuously: event loop timing, heap and RSS memory, CPU load, garbage collection, active handles, and HTTP traffic. Set thresholds and receive an anomaly event whenever a metric drifts past your limit.
Security Scanner
Incoming requests are checked against 16 built-in patterns covering SQL injection, XSS, path traversal, and command injection. Use the Express middleware for automatic coverage, or call the scanner directly in any framework. Findings go to Skytells for AI review.
OpenTelemetry Bridge
Already using OpenTelemetry? Enable the bridge and your spans travel through the same Cognition pipeline as errors, runtime data, and security events. One SDK, one destination.
AI That Acts
All events go to the Skytells AI engine. It correlates errors, anomalies, and threats, finds patterns across time, and takes the actions you've configured. You set up what to watch and what to do from the Cognition Console ↗.
Where Your Data Appears
Open the Cognition Console ↗ to see your data in the browser. The Console has dedicated views for errors, security threats, runtime health, anomalies, a live event stream, and AI analysis. Your project ID (find it on the Projects page) controls which project you're looking at.
Prefer the terminal? The skytells cognition CLI commands give you the same data without leaving the shell. See Analytics for the full command reference, or CLI reference for initial setup.
Event Types
All events share the same delivery path through the beforeSend hook, into the ring buffer, and on to Skytells.
| Event Type | type field | Emitted by |
|---|---|---|
| Error | error | Global handler / captureError() |
| Message | message | captureMessage() |
| Runtime Snapshot | runtime_snapshot | Runtime Observer (interval) |
| Anomaly | anomaly | Runtime Observer (threshold breach) |
| Security Threat | security | Security Scanner / middleware |
| HTTP Metric | http_metric | HttpMetricsMonitor |
| GC Event | gc | GCMonitor |
| Trace Span | trace_span | OTel bridge (CognitionSpanExporter) |
| Custom | user-defined | captureEvent() |
Design Principles
| Principle | What it means |
|---|---|
| Zero production dependencies | Built entirely on Node.js built-ins: perf_hooks, os, zlib, http. Nothing in node_modules at runtime. |
| Non-intrusive | All internal timers are unref()'d — the SDK never prevents your process from exiting naturally. |
| Fail-safe | Transport errors are caught and optionally logged (in debug mode). The SDK never throws into your application code. |
| Privacy-first | The beforeSend hook lets you scrub PII before any event leaves the process. Returning null drops the event silently. |
| Dual-format | Ships both ESM and CJS with full .d.ts TypeScript declarations. |
Requirements
- Node.js >= 18.0.0
- TypeScript >= 5.0 (optional, for type checking)
- A Skytells account on the Pro plan or higher — view plans · Upgrade to Pro ↗
- A project — create one in the Console
Optional peer dependencies (only needed for specific features):
| Package | Required for |
|---|---|
@opentelemetry/api ^1.x | OTel trace integration |
@opentelemetry/sdk-trace-base ^1.x | OTel trace integration |
Documentation
Quickstart
Install the SDK, initialize it with your API key and project ID, and send your first event.
Error Capture
Automatic and manual error handling, breadcrumbs, stack traces, context enrichment, and severity levels.
Runtime Observer
Six process health monitors, snapshot intervals, anomaly thresholds, and on-demand snapshots.
Security Scanner
HTTP threat detection, Express middleware, 16 built-in patterns, custom patterns, and blocking.
OpenTelemetry
OTel trace bridge, CognitionSpanExporter, auto-instrumentation, and sample rate.
Configuration
Complete reference for every configuration option, with defaults and validation notes.
Transport
Ring buffer, batching, HTTP delivery, gzip compression, retry strategy, and wire format.
Analytics
Viewing Cognition data in the Skytells Console and the CLI.
AI Report
Skytells AI audits your event data and generates a rich, structured report. Access it in Console → Cognition → AI Analysis, or view live events under Console → Cognition → Live.
Examples
Real-world integration patterns: Express, Fastify, workers, PII scrubbing, multi-service, and more.
How is this guide?