FortSignal-secured Deep Agents — cryptographically safe coding agent
Project description
FortSignal DeepAgents
Deep Agents with FortSignal enforcement — every risky tool call cryptographically authorized before execution.
Every risky operation (file write, edit, execute, sub-task) is intercepted and routed through FortSignal's challenge/verify flow — only cryptographically signed intents reach your machine.
Verifiable Intent Pilot — Now Open
Running a small, high-touch pilot for teams building real agents. Natural language policies, cryptographically enforced agent behavior, full audit visibility.
👉 Client Guide →
Interested? Contact us or open an issue.
Before you start
- API key — Sign up at fortsignal.com/signup → Dashboard → API Keys. Your key starts with
fs_live_. - Register your agent — In the dashboard, create an agent and generate an Ed25519 keypair. Download the private key as
agent-key.json. - Approve a delegation — In the dashboard, approve a delegation with your passkey. Agent calls return
delegation_invaliduntil this is done.
Install
pip install fortsignal-deepagents
Quick Start
Agent mode (autonomous — Ed25519 signs each challenge automatically):
export FORTSIGNAL_API_KEY="fs_live_..."
export FORTSIGNAL_AGENT_ID="your-agent-id"
export FORTSIGNAL_AGENT_KEY="/path/to/agent-key.json"
fortsignal-deepagents --model "openai:gpt-4o"
Human mode (passkey approval required per risky action):
export FORTSIGNAL_API_KEY="fs_live_..."
export FORTSIGNAL_USER_ID="your-user-id"
fortsignal-deepagents --model "openai:gpt-4o"
One-shot prompt:
fortsignal-deepagents --model "openai:gpt-4o" --message "create hello.py with a greeting"
Agent key file
FORTSIGNAL_AGENT_KEY points to a JSON file with your Ed25519 private key:
{ "privateKey": "<base64url-encoded Ed25519 private key>" }
Generate from the dashboard (recommended), or create it manually:
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
import base64, json
key = Ed25519PrivateKey.generate()
priv = base64.urlsafe_b64encode(key.private_bytes_raw()).rstrip(b"=").decode()
pub = base64.urlsafe_b64encode(key.public_key().public_bytes_raw()).rstrip(b"=").decode()
with open("agent-key.json", "w") as f:
json.dump({"privateKey": priv}, f)
print("Public key to register:", pub)
Register the public key in the dashboard, then approve a delegation before running.
How it works
- Agent calls a risky tool → FortSignalMiddleware intercepts it
/challenge/start— challenge bound to exact action + target- Agent signs with Ed25519 (autonomous) or human signs with passkey (human-in-the-loop)
/challenge/verify— only verified intents execute
Risky tools intercepted: write_file, edit_file, execute, task, write_todos
Read-only tools pass through without any verification check.
Python API
from fortsignal_deepagents import create_fortsignal_deep_agent
agent = create_fortsignal_deep_agent(
model="openai:gpt-4o",
agent_id="my-agent-id",
agent_key_path="/path/to/agent-key.json",
)
Or use the middleware directly:
from fortsignal_deepagents import FortSignalMiddleware
from deepagents import create_deep_agent
middleware = FortSignalMiddleware(
agent_id="my-agent-id",
agent_key_path="/path/to/agent-key.json",
)
agent = create_deep_agent(model="openai:gpt-4o", middleware=[middleware])
Environment variables
| Variable | Required | Description |
|---|---|---|
FORTSIGNAL_API_KEY |
Yes | Your fs_live_... API key |
FORTSIGNAL_AGENT_ID |
Agent mode | Your registered agent ID |
FORTSIGNAL_AGENT_KEY |
Agent mode | Path to agent-key.json |
FORTSIGNAL_USER_ID |
Human mode | Your userId for passkey approval |
FORTSIGNAL_BASE_URL |
No | Override API base (default: https://api.fortsignal.com) |
FORTSIGNAL_LOG_LEVEL |
No | Log verbosity (default: WARNING) |
Development
git clone https://github.com/fortsignal/fortsignal-deepagents.git
cd fortsignal-deepagents
uv sync
uv run pytest
Full detail → api.fortsignal.com/docs
Tests
66 tests — all mock (middleware logic), no API key required.
Mock tests run offline and cover config, safe-tool passthrough, risky-tool interception, challenge/verify flow (agent + passkey modes), retry logic, API error handling, and middleware injection.
uv run pytest tests/ -v
Policy Setup
After creating an Agent Passport, create a policy in the FortSignal dashboard to define what the agent can do. Example for a coding agent:
| Setting | Value |
|---|---|
| Actions | edit_file, file_write, execute, write_file, task, write_todos |
Action recipients — execute |
cmd:git *, cmd:python*, cmd:uv *, cmd:pip *, cmd:pytest *, cmd:npm *, cmd:npx * |
Action recipients — task |
task:* |
The cmd: prefix is added automatically by the middleware to execute
commands so they match the per-action policy overrides. The task: prefix
is added similarly for task descriptions.
License
MIT © FortSignal
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file fortsignal_deepagents-0.1.9.tar.gz.
File metadata
- Download URL: fortsignal_deepagents-0.1.9.tar.gz
- Upload date:
- Size: 19.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.11 {"installer":{"name":"uv","version":"0.11.11","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Fedora Linux","version":"43","id":"","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
5bc9785954ec563bef85586bd34ce3a4bd31d4e699956b1dd90ea97dff10e84e
|
|
| MD5 |
70955ed26f0706bccda5df2f926d0d94
|
|
| BLAKE2b-256 |
53d4134516abdfc952fb8b77eb7a7d0516041e7d703b5f24e3ce52c2b32e0a8e
|
File details
Details for the file fortsignal_deepagents-0.1.9-py3-none-any.whl.
File metadata
- Download URL: fortsignal_deepagents-0.1.9-py3-none-any.whl
- Upload date:
- Size: 13.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.11 {"installer":{"name":"uv","version":"0.11.11","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Fedora Linux","version":"43","id":"","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
621841d46b94c9b6e0a69ac62f0ee64da4ab085d575b760a5cac67d85ee6e336
|
|
| MD5 |
575558daa8cc20989ed56fe376749950
|
|
| BLAKE2b-256 |
b913dd6d4b3041cbc9df24be0a71c2b97a2e851a010abefc9d03fa24d298e935
|
