The accountability layer for AI agents โ trace, explain, and circuit-break multi-agent pipelines.
Project description
AgentTrace ๐ก๏ธ
The open-source circuit breaker for multi-agent AI pipelines.
Trace every action. Block hallucinations. Short-circuit before damage propagates.
"Agent 1 made an error. Agent 2 built on it. Agent 3 executed it. All three returned status 200. Nobody knew."
AgentTrace is the circuit breaker your AI pipeline is missing.
Why AgentTrace
| Everyone else | AgentTrace |
|---|---|
| Observability (logs what happened) | Accountability (blocks what shouldn't happen) |
| Single-agent guardrails | Cross-agent circuit breaker |
| Cloud-dependent | Zero-cloud, local NDJSON, self-hosted forever |
| Post-mortem debugging | Pre-mortem intervention |
Quick Start โ Python
pip install ai-agenttrace
# With OpenAI explainer support:
pip install "ai-agenttrace[openai]"
import asyncio
from agenttrace import AgentTrace, AgentTraceOptions
guard = AgentTrace(AgentTraceOptions(
rules=["block_pii_leakage", "block_harmful_content", "block_hallucination"],
persist=True, # saves to .agenttrace/traces.ndjson
))
async def my_agent(prompt: str) -> str:
# your LLM call here
return "Agent response..."
async def main():
result = await guard.guard_fn(
lambda: my_agent("Process customer request"),
original_input="Process customer request"
)
if result.blocked:
print(f"BLOCKED: {result.reason}")
print(f"Risk: {result.risk_level}")
print(f"Audit ID: {result.audit_id}")
else:
print(result.result) # safe to use
print(result.explanation) # "Agent processed refund. Risk: LOW."
asyncio.run(main())
Multi-Agent Pipeline โ Circuit Breaker
The key feature: when Agent 1 (researcher) is blocked, Agent 2 (drafter) and Agent 3 (executor) never run.
# TypeScript/Node version has full AgentPipeline โ Python parity in v3.0
# For now, compose manually:
result_1 = await guard.guard_fn(researcher_agent, input)
if result_1.blocked:
print(f"Pipeline halted at researcher โ {result_1.risk_level}")
# executor never runs
else:
result_2 = await guard.guard_fn(executor_agent, result_1.result)
Full
AgentPipelinePython class (with automatic circuit-breaking) is coming in v3.0. Use the Node.js/TypeScript SDK for full pipeline support today.
Built-in Rules
13 rules covering safety, privacy, security, and compliance โ all run in parallel with < 1ms overhead on the happy path.
| Rule | Category | Severity |
|---|---|---|
block_pii_leakage |
Privacy | HIGHโCRITICAL |
block_special_category_data |
Privacy (GDPR Art 9) | HIGHโCRITICAL |
block_harmful_content |
Safety | HIGHโCRITICAL |
block_medical_advice |
Professional | CRITICAL |
block_legal_advice |
Professional | HIGH |
block_financial_advice |
Professional | HIGH |
block_hallucination |
Quality / Grounding | HIGH |
block_prompt_injection |
Security (OWASP LLM01) | CRITICAL |
block_system_prompt_leakage |
Security (OWASP LLM07) | HIGH |
block_discrimination |
Fairness (EU Charter) | CRITICAL |
block_manipulation |
EU AI Act Art 5 | HIGHโCRITICAL |
block_ai_identity_deception |
EU AI Act Art 50 | CRITICAL |
require_human_approval |
Oversight | HIGHโCRITICAL |
Compliance Bundles
from agenttrace import AgentTrace, AgentTraceOptions
# Pre-configured bundles โ no need to list rules manually
guard = AgentTrace(AgentTraceOptions(
rules="OWASP_LLM", # or: EU_AI_ACT | HEALTHCARE | FINANCE | ALL
))
Available bundles: EU_AI_ACT, OWASP_LLM, HEALTHCARE, FINANCE, ALL
Hallucination Detection
The block_hallucination rule checks outputs against your provided context โ no LLM needed:
result = await guard.guard_fn(
lambda: my_agent(prompt),
original_input=prompt,
# Pass your RAG context so the rule can check grounding:
# context=["The maximum dose is 2000mg per day per FDA guidelines."]
)
# If agent says "8000mg" โ CRITICAL, confidence 0.98, BLOCKED
Detection approach:
- Splits output into sentences
- Finds factual assertion markers
- Extracts numeric values and unit-normalizes them
- Computes word-overlap with provided context
- Mismatch โ violation with confidence score
Audit Trail
Every run is stored in .agenttrace/traces.ndjson โ append-only, local, zero cloud:
{
"audit_id": "1a552b8e-ddb0-4e0e-b05a-bb3ea38a2a0f",
"blocked": true,
"risk_level": "CRITICAL",
"violations": [{"rule": "block_hallucination", "severity": "CRITICAL"}],
"timestamp": "2026-05-30T09:42:11.334Z"
}
View the live dashboard:
# Install Node.js package for the dashboard CLI
npx @hackerx333/agenttrace ui
# Opens at http://localhost:5173
Shadow Mode
Detect violations without blocking โ for production monitoring before you enforce:
guard = AgentTrace(AgentTraceOptions(
rules=["block_pii_leakage", "block_hallucination"],
enforcement_mode="shadow", # logs violations, never blocks
persist=True,
))
Wrapping a LangChain Agent
from langchain.agents import initialize_agent
from agenttrace import AgentTrace, AgentTraceOptions
agent = initialize_agent(tools, llm, agent=AgentType.ZERO_SHOT_REACT_DESCRIPTION)
guard = AgentTrace(AgentTraceOptions(rules=["block_pii_leakage", "block_harmful_content"]))
# Wrap the agent โ same interface, now accountable
safe_agent = guard.wrap(agent)
result = await safe_agent.invoke("Process this customer request")
Architecture
Your Agent
โ
โผ (Python wrap / guard_fn)
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ AgentTrace โ
โ โ
โ โโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโ โ
โ โ Tracer โ โ Rule Engine โ โ
โ โ (steps) โ โ (asyncio gather) โ โ
โ โโโโโโโโโโโโ โ 13 built-in rulesโ โ
โ โโโโโโโโโโโโโโโโโโโโโ โ
โ โโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโ โ
โ โ Explainerโ โ Store โ โ
โ โ(optional)โ โ (.ndjson local) โ โ
โ โโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ
โผ
GuardedResult {
blocked, reason, explanation,
risk_level, audit_id, audit_trail,
violations, result
}
TypeScript / Node.js SDK
For the full feature set including AgentPipeline (circuit breaker), real-time dashboard, and 191 tests:
npm install @hackerx333/agenttrace
npx @hackerx333/agenttrace ui # launch dashboard
Roadmap
- v2.1 โ Tamper-proof SHA-256 hash-chain audit trail
- v2.2 โ Input validation (block prompt injection before it reaches the model)
- v2.3 โ Semantic hallucination detection (embedding similarity)
- v3.0 โ Full
AgentPipelinein Python (circuit breaker parity with TypeScript) - v3.1 โ Cloud dashboard + team access
License
MIT ยฉ 2026 AgentTrace Contributors
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file ai_agenttrace-2.0.1.tar.gz.
File metadata
- Download URL: ai_agenttrace-2.0.1.tar.gz
- Upload date:
- Size: 10.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9ab6ad8033c7d19f7664e962d698287a8412e274933bbc3613dcd80febff9aca
|
|
| MD5 |
7c7778814c6adf8bf9d993bf14270b91
|
|
| BLAKE2b-256 |
ce5e64e43c75517b72407c2bd0911c27cfb73cb856df0aea801cd4f665bdec53
|
File details
Details for the file ai_agenttrace-2.0.1-py3-none-any.whl.
File metadata
- Download URL: ai_agenttrace-2.0.1-py3-none-any.whl
- Upload date:
- Size: 12.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ed84317e4fb308b9873105793c996cb00853096a43bf3a21cf3654590020dc54
|
|
| MD5 |
239c5caccc85bab841acc19ff937b57c
|
|
| BLAKE2b-256 |
977a21582737208d002508b1d4f5a0d0c15a5271a18732929c6e65b0478f1db7
|