Skip to main content

The accountability layer for AI agents โ€” trace, explain, and circuit-break multi-agent pipelines.

Project description

AgentTrace Logo

AgentTrace ๐Ÿ›ก๏ธ

The open-source circuit breaker for multi-agent AI pipelines.
Trace every action. Block hallucinations. Short-circuit before damage propagates.

PyPI version npm version MIT License Tests


"Agent 1 made an error. Agent 2 built on it. Agent 3 executed it. All three returned status 200. Nobody knew."

AgentTrace is the circuit breaker your AI pipeline is missing.


Why AgentTrace

Everyone else AgentTrace
Observability (logs what happened) Accountability (blocks what shouldn't happen)
Single-agent guardrails Cross-agent circuit breaker
Cloud-dependent Zero-cloud, local NDJSON, self-hosted forever
Post-mortem debugging Pre-mortem intervention

Quick Start โ€” Python

pip install ai-agenttrace
# With OpenAI explainer support:
pip install "ai-agenttrace[openai]"
import asyncio
from agenttrace import AgentTrace, AgentTraceOptions

guard = AgentTrace(AgentTraceOptions(
    rules=["block_pii_leakage", "block_harmful_content", "block_hallucination"],
    persist=True,  # saves to .agenttrace/traces.ndjson
))

async def my_agent(prompt: str) -> str:
    # your LLM call here
    return "Agent response..."

async def main():
    result = await guard.guard_fn(
        lambda: my_agent("Process customer request"),
        original_input="Process customer request"
    )

    if result.blocked:
        print(f"BLOCKED: {result.reason}")
        print(f"Risk: {result.risk_level}")
        print(f"Audit ID: {result.audit_id}")
    else:
        print(result.result)        # safe to use
        print(result.explanation)   # "Agent processed refund. Risk: LOW."

asyncio.run(main())

Multi-Agent Pipeline โ€” Circuit Breaker

The key feature: when Agent 1 (researcher) is blocked, Agent 2 (drafter) and Agent 3 (executor) never run.

# TypeScript/Node version has full AgentPipeline โ€” Python parity in v3.0
# For now, compose manually:

result_1 = await guard.guard_fn(researcher_agent, input)
if result_1.blocked:
    print(f"Pipeline halted at researcher โ€” {result_1.risk_level}")
    # executor never runs
else:
    result_2 = await guard.guard_fn(executor_agent, result_1.result)

Full AgentPipeline Python class (with automatic circuit-breaking) is coming in v3.0. Use the Node.js/TypeScript SDK for full pipeline support today.


Built-in Rules

13 rules covering safety, privacy, security, and compliance โ€” all run in parallel with < 1ms overhead on the happy path.

Rule Category Severity
block_pii_leakage Privacy HIGHโ€“CRITICAL
block_special_category_data Privacy (GDPR Art 9) HIGHโ€“CRITICAL
block_harmful_content Safety HIGHโ€“CRITICAL
block_medical_advice Professional CRITICAL
block_legal_advice Professional HIGH
block_financial_advice Professional HIGH
block_hallucination Quality / Grounding HIGH
block_prompt_injection Security (OWASP LLM01) CRITICAL
block_system_prompt_leakage Security (OWASP LLM07) HIGH
block_discrimination Fairness (EU Charter) CRITICAL
block_manipulation EU AI Act Art 5 HIGHโ€“CRITICAL
block_ai_identity_deception EU AI Act Art 50 CRITICAL
require_human_approval Oversight HIGHโ€“CRITICAL

Compliance Bundles

from agenttrace import AgentTrace, AgentTraceOptions

# Pre-configured bundles โ€” no need to list rules manually
guard = AgentTrace(AgentTraceOptions(
    rules="OWASP_LLM",   # or: EU_AI_ACT | HEALTHCARE | FINANCE | ALL
))

Available bundles: EU_AI_ACT, OWASP_LLM, HEALTHCARE, FINANCE, ALL


Hallucination Detection

The block_hallucination rule checks outputs against your provided context โ€” no LLM needed:

result = await guard.guard_fn(
    lambda: my_agent(prompt),
    original_input=prompt,
    # Pass your RAG context so the rule can check grounding:
    # context=["The maximum dose is 2000mg per day per FDA guidelines."]
)
# If agent says "8000mg" โ†’ CRITICAL, confidence 0.98, BLOCKED

Detection approach:

  • Splits output into sentences
  • Finds factual assertion markers
  • Extracts numeric values and unit-normalizes them
  • Computes word-overlap with provided context
  • Mismatch โ†’ violation with confidence score

Audit Trail

Every run is stored in .agenttrace/traces.ndjson โ€” append-only, local, zero cloud:

{
  "audit_id": "1a552b8e-ddb0-4e0e-b05a-bb3ea38a2a0f",
  "blocked": true,
  "risk_level": "CRITICAL",
  "violations": [{"rule": "block_hallucination", "severity": "CRITICAL"}],
  "timestamp": "2026-05-30T09:42:11.334Z"
}

View the live dashboard:

# Install Node.js package for the dashboard CLI
npx @hackerx333/agenttrace ui
# Opens at http://localhost:5173

Shadow Mode

Detect violations without blocking โ€” for production monitoring before you enforce:

guard = AgentTrace(AgentTraceOptions(
    rules=["block_pii_leakage", "block_hallucination"],
    enforcement_mode="shadow",   # logs violations, never blocks
    persist=True,
))

Wrapping a LangChain Agent

from langchain.agents import initialize_agent
from agenttrace import AgentTrace, AgentTraceOptions

agent = initialize_agent(tools, llm, agent=AgentType.ZERO_SHOT_REACT_DESCRIPTION)
guard = AgentTrace(AgentTraceOptions(rules=["block_pii_leakage", "block_harmful_content"]))

# Wrap the agent โ€” same interface, now accountable
safe_agent = guard.wrap(agent)
result = await safe_agent.invoke("Process this customer request")

Architecture

Your Agent
    โ”‚
    โ–ผ  (Python wrap / guard_fn)
โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚              AgentTrace               โ”‚
โ”‚                                       โ”‚
โ”‚  โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”  โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”  โ”‚
โ”‚  โ”‚  Tracer  โ”‚  โ”‚  Rule Engine      โ”‚  โ”‚
โ”‚  โ”‚  (steps) โ”‚  โ”‚  (asyncio gather) โ”‚  โ”‚
โ”‚  โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜  โ”‚  13 built-in rulesโ”‚  โ”‚
โ”‚                โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜  โ”‚
โ”‚  โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”  โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”  โ”‚
โ”‚  โ”‚ Explainerโ”‚  โ”‚  Store            โ”‚  โ”‚
โ”‚  โ”‚(optional)โ”‚  โ”‚  (.ndjson local)  โ”‚  โ”‚
โ”‚  โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜  โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜  โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
    โ”‚
    โ–ผ
GuardedResult {
  blocked, reason, explanation,
  risk_level, audit_id, audit_trail,
  violations, result
}

TypeScript / Node.js SDK

For the full feature set including AgentPipeline (circuit breaker), real-time dashboard, and 191 tests:

npm install @hackerx333/agenttrace
npx @hackerx333/agenttrace ui   # launch dashboard

โ†’ GitHub ยท npm


Roadmap

  • v2.1 โ€” Tamper-proof SHA-256 hash-chain audit trail
  • v2.2 โ€” Input validation (block prompt injection before it reaches the model)
  • v2.3 โ€” Semantic hallucination detection (embedding similarity)
  • v3.0 โ€” Full AgentPipeline in Python (circuit breaker parity with TypeScript)
  • v3.1 โ€” Cloud dashboard + team access

License

MIT ยฉ 2026 AgentTrace Contributors

โ†’ GitHub ยท Issues ยท Changelog

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ai_agenttrace-2.0.1.tar.gz (10.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ai_agenttrace-2.0.1-py3-none-any.whl (12.4 kB view details)

Uploaded Python 3

File details

Details for the file ai_agenttrace-2.0.1.tar.gz.

File metadata

  • Download URL: ai_agenttrace-2.0.1.tar.gz
  • Upload date:
  • Size: 10.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.0

File hashes

Hashes for ai_agenttrace-2.0.1.tar.gz
Algorithm Hash digest
SHA256 9ab6ad8033c7d19f7664e962d698287a8412e274933bbc3613dcd80febff9aca
MD5 7c7778814c6adf8bf9d993bf14270b91
BLAKE2b-256 ce5e64e43c75517b72407c2bd0911c27cfb73cb856df0aea801cd4f665bdec53

See more details on using hashes here.

File details

Details for the file ai_agenttrace-2.0.1-py3-none-any.whl.

File metadata

  • Download URL: ai_agenttrace-2.0.1-py3-none-any.whl
  • Upload date:
  • Size: 12.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.0

File hashes

Hashes for ai_agenttrace-2.0.1-py3-none-any.whl
Algorithm Hash digest
SHA256 ed84317e4fb308b9873105793c996cb00853096a43bf3a21cf3654590020dc54
MD5 239c5caccc85bab841acc19ff937b57c
BLAKE2b-256 977a21582737208d002508b1d4f5a0d0c15a5271a18732929c6e65b0478f1db7

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page