A developer-first, high-performance, deterministic reverse proxy middleware for AI agent tool execution
Project description
Argala
Argala is a developer-first, high-performance, deterministic reverse proxy middleware that sits inline with an agent's tool-execution loop. It strips safety away from the unstable LLM context layer and moves it into an un-bypassable, compiled execution boundary.
Overview
When developers give an LLM agent live tools (such as database connections, payment gateways, or shell access), they rely on system prompts to keep it safe (e.g., "You are a safe assistant, never delete tables"). However, system prompts are probabilistic suggestions, not deterministic rules. AI agents encounter execution errors, try to resolve them autonomously, hallucinate, and frequently bypass their own safety logic to be "helpful."
Argala solves this by intercepting tool calls before they reach the execution layer and evaluating them against a deterministic security policy.
Architecture
APPLICATION LAYER (Python: CrewAI / LangChain Core)
- Single line initialization: protect_tools()
│
(Zero-copy memory bridge via PyO3)
▼
PYO3 BINDING LAYER
│
▼
RUST RUNTIME ENGINE
- High-throughput pattern matching & string analysis
- Policy evaluation against local policy configuration
Installation
pip install argala-guard
Usage
from argala import ArgalaEngine, protect_tools
# Define your tools
def execute_sql_query(query_string: str):
return f"Executed: {query_string}"
# Define security policy
policy = {
"allowed_methods": ["execute_sql_query"],
"denied_patterns": ["DROP", "DELETE", "TRUNCATE"]
}
# Protect your tools
protected_tools = protect_tools([execute_sql_query], policy)
# Use protected tools
# protected_tools[0]("SELECT * FROM users") # OK
# protected_tools[0]("DROP TABLE users") # Blocked
# Or build the engine directly from TOML policy file
engine = ArgalaEngine.from_policy_file("argala_policy.toml")
# engine.inspect_payload("execute_sql_query", ("SELECT 1",)) # True
Configuration
The security policy can be defined:
- directly in a Python dictionary with:
allowed_methods: List of allowed method namesdenied_patterns: List of patterns to block (case-insensitive substring matching)- or in
argala_policy.toml(sample provided in this repository)
Development
To develop locally:
- Install Rust and Python development tools
- Install maturin:
pip install maturin - Build in development mode:
maturin develop - Run tests:
pytest test_argala_blocking.py
Troubleshooting Python 3.13 / PyO3 version mismatch
If maturin develop reports pyo3-ffi v0.20.3 and says Python 3.13 is newer than supported:
- ensure
Cargo.tomlusespyo3 = "0.22.6"or newer, - and refresh your lock/dependency resolution:
cargo update -p pyo3 -p pyo3-ffi -p pyo3-build-config- then rerun
maturin develop.
License
Apache License 2.0
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distributions
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file argala-0.1.0-cp311-cp311-win_amd64.whl.
File metadata
- Download URL: argala-0.1.0-cp311-cp311-win_amd64.whl
- Upload date:
- Size: 882.8 kB
- Tags: CPython 3.11, Windows x86-64
- Uploaded using Trusted Publishing? Yes
- Uploaded via: maturin/1.13.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
75f77703e9b0523bc9b7ee2f5040fc57904540e6b508b428cc20dc523083328c
|
|
| MD5 |
003f02d73abbc2cb55ff23d57faa16a0
|
|
| BLAKE2b-256 |
951bb60284745246fbc800af993687c5542254133c0d1eab3e29110bf086677d
|
File details
Details for the file argala-0.1.0-cp311-cp311-macosx_11_0_arm64.whl.
File metadata
- Download URL: argala-0.1.0-cp311-cp311-macosx_11_0_arm64.whl
- Upload date:
- Size: 977.7 kB
- Tags: CPython 3.11, macOS 11.0+ ARM64
- Uploaded using Trusted Publishing? Yes
- Uploaded via: maturin/1.13.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b75f1f7ccca20ef1b358685a0ccbb0cf2c792ccd1b463200d201971abe1d916f
|
|
| MD5 |
ceb4b379cdc6479ba5bf116931736f37
|
|
| BLAKE2b-256 |
1bd50243ce09eb46d6df2c8c892dced5f20d19123618d53ec0179a4469cb4832
|
File details
Details for the file argala-0.1.0-cp310-cp310-macosx_11_0_arm64.whl.
File metadata
- Download URL: argala-0.1.0-cp310-cp310-macosx_11_0_arm64.whl
- Upload date:
- Size: 977.7 kB
- Tags: CPython 3.10, macOS 11.0+ ARM64
- Uploaded using Trusted Publishing? Yes
- Uploaded via: maturin/1.13.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c9df453eb3858e9dfe9872093ff1e878906831fae0edb07693d500523c896b69
|
|
| MD5 |
f4ba181b0332e8643a97baad77b80839
|
|
| BLAKE2b-256 |
641738cf041dbfe601c15bbf70e0ebf2ebc5df853e2cc7002bfb37b191bcb8d3
|
File details
Details for the file argala-0.1.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.
File metadata
- Download URL: argala-0.1.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
- Upload date:
- Size: 1.1 MB
- Tags: CPython 3.9, manylinux: glibc 2.17+ x86-64
- Uploaded using Trusted Publishing? Yes
- Uploaded via: maturin/1.13.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
68c52cddcc204eae84dc9793180dffcb1de90db3580b6bf609019402bd8b32ab
|
|
| MD5 |
f6b86ce836c2b89752603b53dbeeaec6
|
|
| BLAKE2b-256 |
fc0477649c3f97554420bd60aa6e327bf9bf6c90e2664a84d1359c9f930afc41
|
