Runtime security for AI agents — policy engine, audit trail, and kill switch

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for thebotclub from gravatar.com thebotclub

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: AgentGuard
  • Tags ai , agents , security , governance , policy , langchain , openai
  • Requires: Python >=3.8
Classifiers
Report project as malware

Project description

agentguard-tech

Runtime security for AI agents — policy engine, audit trail, and kill switch.

PyPI version Python versions License: MIT

Overview

AgentGuard gives AI agents production-grade guardrails:

  • 🛡️ Policy evaluation — check every tool call before execution
  • 📋 Audit trail — tamper-evident hash chain of every action
  • 🔴 Kill switch — instantly halt all agents
  • 🔍 Audit verification — cryptographically verify the audit chain
  • Zero dependencies — pure Python stdlib, works anywhere

Installation

pip install agentguard-tech

Requires Python 3.8+. No external dependencies.

Quick Start

from agentguard import AgentGuard

guard = AgentGuard(api_key="ag_your_api_key")

# Evaluate an agent action before executing it
decision = guard.evaluate(
    tool="send_email",
    params={"to": "user@example.com", "subject": "Hello"}
)

if decision["result"] == "allow":
    print("Action allowed, risk score:", decision["riskScore"])
    # proceed with tool execution
elif decision["result"] == "block":
    print("Action blocked:", decision["reason"])
elif decision["result"] == "require_approval":
    print("Waiting for human approval...")
elif decision["result"] == "monitor":
    print("Action monitored (allowed but logged):", decision["reason"])

API Reference

AgentGuard(api_key, base_url=...)

Create a client instance.

guard = AgentGuard(
    api_key="ag_your_api_key",
    base_url="https://api.agentguard.tech"  # optional, default shown
)

evaluate(tool, params=None) → dict

Evaluate a tool call against your policy. Call this before every tool execution.

decision = guard.evaluate("read_file", {"path": "/data/report.csv"})
# Returns:
# {
#   "result": "allow",          # allow | block | monitor | require_approval
#   "riskScore": 5,             # 0-1000
#   "reason": "Matched allow-read rule",
#   "durationMs": 1.2,
#   "matchedRuleId": "allow-read"  # optional
# }

Integration pattern:

def safe_tool_call(tool_name, tool_func, **params):
    decision = guard.evaluate(tool_name, params)
    if decision["result"] in ("allow", "monitor"):
        return tool_func(**params)
    elif decision["result"] == "block":
        raise PermissionError(f"Blocked by policy: {decision['reason']}")
    elif decision["result"] == "require_approval":
        raise PermissionError("Awaiting human approval")

get_usage() → dict

Get usage statistics for your tenant.

usage = guard.get_usage()
print(usage)
# {
#   "requestsToday": 142,
#   "requestsThisMonth": 3891,
#   "plan": "pro",
#   "limits": { "requestsPerDay": 10000 }
# }

get_audit(limit=50, offset=0) → dict

Get audit trail events with pagination.

audit = guard.get_audit(limit=100, offset=0)
for event in audit["events"]:
    print(f"{event['timestamp']} | {event['tool']} | {event['decision']}")

kill_switch(active) → dict

Activate or deactivate the global kill switch.

# Emergency halt — stop all agents immediately
guard.kill_switch(True)

# Resume operations
guard.kill_switch(False)

verify_audit() → dict

Verify the cryptographic integrity of the audit hash chain.

result = guard.verify_audit()
if result["valid"]:
    print("Audit chain is intact")
else:
    print(f"Chain broken at event index: {result['invalidAt']}")

Complete Example — LangChain-style Agent

from agentguard import AgentGuard

guard = AgentGuard(api_key="ag_your_api_key")

def run_tool(name: str, func, **params):
    """Execute a tool with AgentGuard policy enforcement."""
    decision = guard.evaluate(name, params)
    
    result = decision["result"]
    if result == "block":
        raise PermissionError(f"Policy blocked {name}: {decision['reason']}")
    if result == "require_approval":
        raise PermissionError(f"Human approval required for {name}")
    
    # "allow" or "monitor" — proceed
    return func(**params)


# Your tools
def send_email(to: str, subject: str, body: str) -> str:
    # ... send the email
    return f"Email sent to {to}"

def read_file(path: str) -> str:
    with open(path) as f:
        return f.read()


# Use with policy enforcement
content = run_tool("read_file", read_file, path="/data/report.csv")
run_tool("send_email", send_email, to="boss@company.com", subject="Report", body=content)

Error Handling

from agentguard import AgentGuard

guard = AgentGuard(api_key="ag_your_key")

try:
    decision = guard.evaluate("dangerous_tool", {"target": "production_db"})
except RuntimeError as e:
    print(f"API error: {e}")
    # RuntimeError: AgentGuard API error: 401 Unauthorized

Links

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for thebotclub from gravatar.com thebotclub

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: AgentGuard
  • Tags ai , agents , security , governance , policy , langchain , openai
  • Requires: Python >=3.8
Classifiers

Release history Release notifications | RSS feed

0.10.0

0.9.0

0.8.0

0.7.2

0.7.1

0.7.0

0.6.0

0.2.1

0.2.0

This version

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

agentguard_tech-0.1.1.tar.gz (5.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

agentguard_tech-0.1.1-py3-none-any.whl (5.8 kB view details)

Uploaded Python 3

File details

Details for the file agentguard_tech-0.1.1.tar.gz.

File metadata

  • Download URL: agentguard_tech-0.1.1.tar.gz
  • Upload date:
  • Size: 5.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for agentguard_tech-0.1.1.tar.gz
Algorithm Hash digest
SHA256 59126c136d182e03c57d8f0e866c55aa27b3569aa81916ba1295406a7455b009
MD5 147ced4c1f2b984a3f17edb701b18766
BLAKE2b-256 8bbbcee7bfdc3e2cab0b697951a3043af48f5295e385fbbb6532b8dde43b2822

See more details on using hashes here.

Provenance

The following attestation bundles were made for agentguard_tech-0.1.1.tar.gz:

Publisher: publish-pypi.yml on AgentGuard-tech/agentguard

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file agentguard_tech-0.1.1-py3-none-any.whl.

File metadata

File hashes

Hashes for agentguard_tech-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 51b7656072839e1c8d2572b2092f2fe69a437a8584786189c15bdea7cdbb745a
MD5 49134c107fd009d08afe399e8791a033
BLAKE2b-256 7512143bbea32ce39ad20c0e67404cad16d0d3aaf3d6c9b6c9addf060e122cdc

See more details on using hashes here.

Provenance

The following attestation bundles were made for agentguard_tech-0.1.1-py3-none-any.whl:

Publisher: publish-pypi.yml on AgentGuard-tech/agentguard

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page