Skip to main content

The accountability layer for AI agents โ€” trace, explain, and circuit-break multi-agent pipelines.

Project description

AgentTrace Logo

AgentTrace ๐Ÿ›ก๏ธ

The open-source circuit breaker for multi-agent AI pipelines.
Trace every action. Block hallucinations. Short-circuit before damage propagates.

PyPI version npm version MIT License Tests


"Agent 1 made an error. Agent 2 built on it. Agent 3 executed it. All three returned status 200. Nobody knew."

AgentTrace is the circuit breaker your AI pipeline is missing.


Why AgentTrace

Everyone else AgentTrace
Observability (logs what happened) Accountability (blocks what shouldn't happen)
Single-agent guardrails Cross-agent circuit breaker
Cloud-dependent Zero-cloud, local NDJSON, self-hosted forever
Post-mortem debugging Pre-mortem intervention

Quick Start โ€” Python

pip install ai-agenttrace
# With OpenAI explainer support:
pip install "ai-agenttrace[openai]"
import asyncio
from agenttrace import AgentTrace, AgentTraceOptions

guard = AgentTrace(AgentTraceOptions(
    rules=["block_pii_leakage", "block_harmful_content", "block_hallucination"],
    persist=True,  # saves to .agenttrace/traces.ndjson
))

async def my_agent(prompt: str) -> str:
    # your LLM call here
    return "Agent response..."

async def main():
    result = await guard.guard_fn(
        lambda: my_agent("Process customer request"),
        original_input="Process customer request"
    )

    if result.blocked:
        print(f"BLOCKED: {result.reason}")
        print(f"Risk: {result.risk_level}")
        print(f"Audit ID: {result.audit_id}")
    else:
        print(result.result)        # safe to use
        print(result.explanation)   # "Agent processed refund. Risk: LOW."

asyncio.run(main())

Multi-Agent Pipeline โ€” Circuit Breaker

The key feature: when Agent 1 (researcher) is blocked, Agent 2 (drafter) and Agent 3 (executor) never run.

from agenttrace import AgentTrace, AgentTraceOptions, AgentPipeline, PipelineStage

pipeline = AgentPipeline(
    name="medical-decision-support",
    agents=[
        PipelineStage(
            name="researcher",
            guard=AgentTrace(AgentTraceOptions(
                rules=["block_hallucination"],
                context=["Metformin max dose: 2000mg/day per FDA."],
            )),
            agent=researcher_agent,
        ),
        PipelineStage(
            name="drafter",
            guard=AgentTrace(AgentTraceOptions(rules=["block_pii_leakage"])),
            agent=drafter_agent,
        ),
        PipelineStage(
            name="executor",
            guard=AgentTrace(AgentTraceOptions(rules=["require_human_approval"])),
            agent=executor_agent,
        ),
    ],
    on_stage_complete=lambda name, result: print(f"[{name}] {'โ›” BLOCKED' if result.blocked else 'โœ… OK'}"),
)

result = await pipeline.run("Patient needs medication review")

if result.short_circuited:
    print(f"Pipeline blocked at: {result.blocked_at}")
    print(f"Downstream agents were NOT run.")
else:
    print(f"All {len(result.stages)} stages completed.")

AgentPipeline is available in Python as of v2.1 โ€” full parity with TypeScript.


Built-in Rules

14 rules covering safety, privacy, security, and compliance โ€” all run in parallel with <1ms overhead on the happy path.

Rule Category Severity
block_pii_leakage Privacy HIGHโ€“CRITICAL
block_special_category_data Privacy (GDPR Art 9) HIGHโ€“CRITICAL
block_harmful_content Safety HIGHโ€“CRITICAL
block_medical_advice Professional CRITICAL
block_legal_advice Professional HIGH
block_financial_advice Professional HIGH
block_hallucination Quality / Grounding HIGH
block_prompt_injection Security (OWASP LLM01) CRITICAL
block_system_prompt_leakage Security (OWASP LLM07) HIGH
block_discrimination Fairness (EU Charter) CRITICAL
block_manipulation EU AI Act Art 5 HIGHโ€“CRITICAL
block_ai_identity_deception EU AI Act Art 50 CRITICAL
require_human_approval Oversight HIGHโ€“CRITICAL
block_token_budget_exceeded Resource (OWASP LLM10) HIGHโ€“CRITICAL

Compliance Bundles

from agenttrace import AgentTrace, AgentTraceOptions

# Pre-configured bundles โ€” no need to list rules manually
guard = AgentTrace(AgentTraceOptions(
    rules="OWASP_LLM",   # or: EU_AI_ACT | HEALTHCARE | FINANCE | ALL
))

Available bundles: EU_AI_ACT, OWASP_LLM, HEALTHCARE, FINANCE, ALL


Hallucination Detection

The block_hallucination rule checks outputs against your provided context โ€” no LLM needed:

result = await guard.guard_fn(
    lambda: my_agent(prompt),
    original_input=prompt,
    # Pass your RAG context so the rule can check grounding:
    # context=["The maximum dose is 2000mg per day per FDA guidelines."]
)
# If agent says "8000mg" โ†’ CRITICAL, confidence 0.98, BLOCKED

Detection approach:

  • Splits output into sentences
  • Finds factual assertion markers
  • Extracts numeric values and unit-normalizes them
  • Computes word-overlap with provided context
  • Mismatch โ†’ violation with confidence score

Audit Trail

Every run is stored in .agenttrace/traces.ndjson โ€” append-only, local, zero cloud:

{
  "audit_id": "1a552b8e-ddb0-4e0e-b05a-bb3ea38a2a0f",
  "blocked": true,
  "risk_level": "CRITICAL",
  "violations": [{"rule": "block_hallucination", "severity": "CRITICAL"}],
  "timestamp": "2026-05-30T09:42:11.334Z"
}

View the live dashboard:

# Install Node.js package for the dashboard CLI
npx @hackerx333/agenttrace ui
# Opens at http://localhost:5173

Shadow Mode

Detect violations without blocking โ€” for production monitoring before you enforce:

guard = AgentTrace(AgentTraceOptions(
    rules=["block_pii_leakage", "block_hallucination"],
    enforcement_mode="shadow",   # logs violations, never blocks
    persist=True,
))

Wrapping a LangChain Agent

from langchain.agents import initialize_agent
from agenttrace import AgentTrace, AgentTraceOptions

agent = initialize_agent(tools, llm, agent=AgentType.ZERO_SHOT_REACT_DESCRIPTION)
guard = AgentTrace(AgentTraceOptions(rules=["block_pii_leakage", "block_harmful_content"]))

# Wrap the agent โ€” same interface, now accountable
safe_agent = guard.wrap(agent)
result = await safe_agent.invoke("Process this customer request")

Architecture

Your Agent
    โ”‚
    โ–ผ  (Python wrap / guard_fn)
โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚              AgentTrace               โ”‚
โ”‚                                       โ”‚
โ”‚  โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”  โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”  โ”‚
โ”‚  โ”‚  Tracer  โ”‚  โ”‚  Rule Engine      โ”‚  โ”‚
โ”‚  โ”‚  (steps) โ”‚  โ”‚  (asyncio gather) โ”‚  โ”‚
โ”‚  โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜  โ”‚  14 built-in rulesโ”‚  โ”‚
โ”‚                โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜  โ”‚
โ”‚  โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”  โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”  โ”‚
โ”‚  โ”‚ Explainerโ”‚  โ”‚  Store            โ”‚  โ”‚
โ”‚  โ”‚(optional)โ”‚  โ”‚  (.ndjson local)  โ”‚  โ”‚
โ”‚  โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜  โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜  โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
    โ”‚
    โ–ผ
GuardedResult {
  blocked, reason, explanation,
  risk_level, audit_id, audit_trail,
  violations, result
}

TypeScript / Node.js SDK

For the full feature set including AgentPipeline (circuit breaker), real-time dashboard, and 200+ tests:

npm install @hackerx333/agenttrace
npx @hackerx333/agenttrace ui   # launch dashboard

โ†’ GitHub ยท npm


Roadmap

  • v2.1 โ€” Hash-chain audit trail, input validation, rate limiting, Python AgentPipeline โœ…
  • v2.2 โ€” Semantic hallucination detection (embedding similarity)
  • v3.0 โ€” Cloud dashboard + team access

License

MIT ยฉ 2026 AgentTrace Contributors

โ†’ GitHub ยท Issues ยท Changelog

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ai_agenttrace-2.1.0.tar.gz (14.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ai_agenttrace-2.1.0-py3-none-any.whl (15.5 kB view details)

Uploaded Python 3

File details

Details for the file ai_agenttrace-2.1.0.tar.gz.

File metadata

  • Download URL: ai_agenttrace-2.1.0.tar.gz
  • Upload date:
  • Size: 14.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.0

File hashes

Hashes for ai_agenttrace-2.1.0.tar.gz
Algorithm Hash digest
SHA256 056bc1361ef51f95952b248ce82552479c53df4a43c89f42c25926efcd34df34
MD5 41a9a8585061e777b20e8cfdbb4950a7
BLAKE2b-256 4f2abfd3886cdc06ba82ddd2447033e3f00667c95bbd4fdb1064103257ad7eda

See more details on using hashes here.

File details

Details for the file ai_agenttrace-2.1.0-py3-none-any.whl.

File metadata

  • Download URL: ai_agenttrace-2.1.0-py3-none-any.whl
  • Upload date:
  • Size: 15.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.0

File hashes

Hashes for ai_agenttrace-2.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 ca8f1ec73418e530f1122d41ff25f032c06311bd1d435aa87a0ba7dc0659732b
MD5 2bbc33d4e3278e9640417f48ed183b23
BLAKE2b-256 69888b9ddd10c385be6df2302d3e416c33bd3bd03686a6ab8f2e47e494924abc

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page