Runtime security SDK for AI agents — guard tool calls in 1 line
Clampd Python SDK
Runtime security for AI agents. Guard every tool call — OpenAI, Anthropic, LangChain, Google ADK — in 1 line. Prompt and response scanning enabled by default.
Installation
pip install clampd
With framework extras:
pip install clampd[langchain] # LangChain callback handler
pip install clampd[mcp] # MCP server support
pip install clampd[all] # Everything
Quick Start
import clampd
from openai import OpenAI

# Configure once at startup
clampd.init(
    agent_id="my-agent",
    secret="ags_...",  # from dashboard → Agent → Secret
    gateway_url="http://localhost:8080",
    api_key="ag_live_...",
)

# Wrap your OpenAI client — done
client = clampd.openai(OpenAI())

# Use it exactly like before. Clampd intercepts every tool call.
response = client.chat.completions.create(
    model="gpt-4o",
    messages=[{"role": "user", "content": "Look up active users"}],
    tools=[...],
)
# Dangerous tool calls → blocked before execution
# Safe tool calls → proceed normally
# Prompts scanned before LLM, responses scanned after
What's New in 0.4.0
- scan_input and scan_output now default to True — prompts are scanned before the LLM call, responses are scanned after. Set scan_input=False to opt out.
- 50 detection rules across 20 languages
- 7 compliance frameworks (HIPAA, GDPR, PCI-DSS, CCPA, SOC 2, EU AI Act, NIST AI RMF)
Configuration
Three ways to configure (pick one):
# Option 1: Environment variables
# export CLAMPD_GATEWAY_URL=http://localhost:8080
# export CLAMPD_API_KEY=ag_live_...
# export CLAMPD_AGENT_ID=my-agent
# export JWT_SECRET=ags_...
# Option 2: Global init (recommended)
clampd.init(agent_id="my-agent", secret="ags_...", gateway_url="...", api_key="...")
# Option 3: Inline per-call
@clampd.guard("db.query", agent_id="my-agent", secret="ags_...", gateway_url="...", api_key="...")
def query(sql): ...
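A startup check for the Option 1 environment variables, as an added example that is not part of the Clampd SDK. It assumes the API key and agent secret are sent to the gateway, so it rejects plain http to anything other than a loopback host, and it infers the `ags_` prefix from the sample values on this page; `check_clampd_env` is a hypothetical helper name.

```python
import ipaddress
from urllib.parse import urlsplit

# Variable names as listed under "Option 1" on this page.
REQUIRED = ("CLAMPD_GATEWAY_URL", "CLAMPD_API_KEY", "CLAMPD_AGENT_ID", "JWT_SECRET")


def _is_loopback(host):
    """True for localhost and loopback IP literals (127.0.0.0/8, ::1)."""
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # a DNS name other than localhost


def check_clampd_env(env):
    """Return a list of problems; an empty list means the settings look sane."""
    problems = [f"{name} is not set" for name in REQUIRED if not env.get(name)]

    url = env.get("CLAMPD_GATEWAY_URL", "")
    if url:
        parts = urlsplit(url)
        host = parts.hostname or ""
        if parts.scheme not in ("http", "https") or not host:
            problems.append("CLAMPD_GATEWAY_URL is not an http(s) URL")
        elif parts.scheme == "http" and not _is_loopback(host):
            problems.append("CLAMPD_GATEWAY_URL uses plain http to a non-loopback host")
        if parts.username or parts.password:
            problems.append("CLAMPD_GATEWAY_URL embeds credentials")

    secret = env.get("JWT_SECRET", "")
    api_key = env.get("CLAMPD_API_KEY", "")
    # Assumption from the page's samples: agent secrets look like ags_...
    if secret and not secret.startswith("ags_"):
        problems.append("JWT_SECRET does not look like an agent secret (ags_...)")
    if api_key.startswith("ags_"):
        problems.append("CLAMPD_API_KEY holds an agent secret (ags_...)")

    # Catch values copied straight from the documentation.
    for name in ("JWT_SECRET", "CLAMPD_API_KEY"):
        if env.get(name, "").endswith("..."):
            problems.append(f"{name} is still the documentation placeholder")
    return problems
```

Call it with `dict(os.environ)` before `clampd.init(...)` and refuse to start the agent if the list is not empty.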
Anthropic / Claude
import clampd
from anthropic import Anthropic

clampd.init(agent_id="my-agent", secret="ags_...")
client = clampd.anthropic(Anthropic())

response = client.messages.create(
    model="claude-sonnet-4-20250514",
    max_tokens=1024,
    messages=[{"role": "user", "content": "..."}],
    tools=[...],
)
LangChain
import clampd

handler = clampd.langchain(agent_id="my-agent", secret="ags_...")

# executor is your existing LangChain agent executor (not defined in this snippet)
result = executor.invoke(
    {"input": "Look up active users"},
    config={"callbacks": [handler]},
)
Google ADK
import clampd
from google.adk import Agent

agent = Agent(
    tools=[...],
    before_tool_callback=clampd.adk(agent_id="my-agent", secret="ags_..."),
)
Direct Guard (any function)
import clampd

clampd.init(agent_id="my-agent", secret="ags_...")

# db is your application's database handle (not defined in this snippet)
@clampd.guard("database.query")
def run_query(sql: str):
    return db.execute(sql)

# With response checking (opt-in)
@clampd.guard("file_read", check_response=True)
def read_file(path: str):
    # Context manager closes the file handle after reading
    with open(path) as f:
        return f.read()

run_query("SELECT * FROM users")  # allowed
run_query("DROP TABLE users")     # raises ClampdBlockedError
Scanning Options
# Defaults (v0.4.0+): scan_input=True, scan_output=True
client = clampd.openai(OpenAI(), agent_id="my-agent")

# Opt out of scanning
client = clampd.openai(
    OpenAI(),
    agent_id="my-agent",
    scan_input=False,   # skip prompt scanning
    scan_output=False,  # skip response scanning
)
Error Handling
from clampd import ClampdBlockedError

try:
    run_query("DROP TABLE users")
except ClampdBlockedError as e:
    print(f"Blocked: {e}")
    # e.risk_score, e.denial_reason, e.request_id
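One way to handle a block inside an agent loop, as an added example that is not code from the Clampd project: the denial is written to an audit log with the three attributes listed above, and the model receives only a refusal plus the request id. `BlockedStandIn` is a local stand-in for `ClampdBlockedError` so the block runs without the SDK or a gateway (its constructor is an assumption); `run_tool` and the sample `run_query` are hypothetical.

```python
import json


class BlockedStandIn(Exception):
    """Local stand-in for clampd.ClampdBlockedError (constructor is an assumption)."""

    def __init__(self, message, risk_score, denial_reason, request_id):
        super().__init__(message)
        self.risk_score = risk_score
        self.denial_reason = denial_reason
        self.request_id = request_id


def run_tool(fn, args, audit_log, blocked_exc=BlockedStandIn):
    """Call a guarded tool; on a block, audit it and return a refusal for the agent loop."""
    try:
        return {"ok": True, "result": fn(**args)}
    except blocked_exc as e:
        record = {
            "event": "tool_call_blocked",
            "tool": fn.__name__,
            # Names only: argument values may carry secrets or personal data.
            "arg_names": sorted(args),
            "risk_score": getattr(e, "risk_score", None),
            "denial_reason": getattr(e, "denial_reason", None),
            "request_id": getattr(e, "request_id", None),
        }
        audit_log.append(json.dumps(record, sort_keys=True))
        # The model learns the call was refused and gets an id for correlation,
        # not the rule that fired.
        return {
            "ok": False,
            "error": "tool call blocked by policy",
            "request_id": record["request_id"],
        }


def run_query(sql):
    """Constructed stand-in for the page's guarded run_query."""
    if sql.lstrip().upper().startswith("DROP"):
        raise BlockedStandIn("blocked", 0.97, "destructive SQL statement", "req-constructed-1")
    return [("alice",), ("bob",)]
```

With the real SDK, pass `blocked_exc=ClampdBlockedError` and a function decorated with `@clampd.guard(...)`.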
API Reference
| Function | Description |
|---|---|
| clampd.init(...) | Configure global client (once at startup) |
| clampd.openai(client, **opts) | Wrap OpenAI client (scan_input/scan_output on by default) |
| clampd.anthropic(client, **opts) | Wrap Anthropic client (scan_input/scan_output on by default) |
| clampd.guard(tool_name, **opts) | Decorator for any function |
| clampd.langchain(...) | LangChain callback handler |
| clampd.adk(...) | Google ADK before_tool_callback |
Requirements
- Python 3.10+
- A running Clampd gateway
License
BUSL-1.1
File details
Details for the file clampd-0.5.1.tar.gz.
File metadata
- Download URL: clampd-0.5.1.tar.gz
- Upload date:
- Size: 44.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.12
File details
Details for the file clampd-0.5.1-py3-none-any.whl.
File metadata
- Download URL: clampd-0.5.1-py3-none-any.whl
- Upload date:
- Size: 28.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.12