Skip to main content
Triggers let the agent run without you starting a session. Each trigger carries a message template — the prompt that seeds every run, like “Check the health of the production cluster and flag anything unusual.” There are two kinds.

Cron triggers

A cron trigger runs the agent on a schedule you define with a standard 5-field cron expression.
ExpressionRuns
0 9 * * MONEvery Monday at 09:00
*/15 * * * *Every 15 minutes
0 * * * *Hourly, on the hour
The expression is validated when you save the trigger, so an invalid schedule is rejected up front.
Cron triggers depend on the scheduler being enabled on your Nuphos backend. If it isn’t available, the app warns you when you try to create one — webhook triggers are unaffected.

Webhook triggers

A webhook trigger runs the agent when it receives an HTTP POST — wire it to CI, an alerting tool, or any system that can call a URL. Each webhook trigger has its own URL and secret, both shown in the trigger’s details. Authenticate the request with the secret in an X-Webhook-Secret header: 
curl -X POST "<your-trigger-webhook-url>" \
  -H "X-Webhook-Secret: <your-trigger-secret>" \
  -H "Content-Type: application/json" \
  -d '{"alert": "high cpu on api-prod"}'
  • The secret is compared in constant time; a missing or wrong secret returns 401.
  • The body can be JSON or plain text — it’s passed along to the run.
  • Execution is fire-and-forget: the webhook returns quickly while the agent runs in the background.
Treat the webhook secret like a credential. Anyone with the URL and secret can trigger an agent run against your infrastructure.

What a triggered run can do

A triggered run behaves like any other session: it can investigate, and it can propose plans that still require human approval before any change executes. Automation schedules the work, not unattended changes.