Skip to main content

CrewAI integration for GaaS (Governance as a Service)

Project description

gaas-crewai

GaaS (Governance as a Service) integration for CrewAI.

Every tool call is governed before it executes: the adapter submits a governance intent to GaaS, and only an APPROVE (or an approved escalation) lets the tool run. On BLOCK the wrapped tool never executes and GovernanceBlockedError is raised from the tool.

pip install gaas-crewai[crewai]

Quickstart

from crewai import Agent
from gaas_crewai import govern_tools, GaaSGovernanceConfig

config = GaaSGovernanceConfig(api_key="gsk_...", agent_id="my-crew-agent")

researcher = Agent(
    role="researcher",
    goal="Find and share accurate information",
    backstory="...",
    tools=govern_tools([search_tool, email_tool], config=config),
)

Works with hand-written BaseTool subclasses and @tool-decorated functions alike. Name, description, and args_schema are preserved — the agent sees an identical tool.

Verdict flow

tool call → GaaS intent → ┌─────────┐
                          │ APPROVE │ → tool executes
                          │ BLOCK   │ → GovernanceBlockedError; tool never runs
                          │ ESCALATE│ → raises by default; hold-and-poll optional
                          └─────────┘

Honest enforcement note: inside a running Crew, CrewAI's tool-usage loop catches tool exceptions and surfaces them to the agent as an error observation (it may retry). The blocked action still never executes — each retry submits a fresh intent that is re-blocked, and every attempt lands on the signed audit chain server-side. For hard-stop semantics, catch GovernanceBlockedError where you invoke the crew or use the GaaS deviation/auto-suspend controls.

Configuration

from gaas_crewai import GaaSGovernanceConfig

config = GaaSGovernanceConfig(
    api_url="https://api.gaas.is",    # GaaS API endpoint
    api_key="gsk_...",                # Your API key
    agent_id="my-crew-agent",         # Agent identifier (appears in audit trail)
    block_on_escalate=True,           # Raise GovernanceBlockedError on ESCALATE
    timeout_seconds=5.0,              # Governance check timeout (fail open on timeout)
    sensitivity="INTERNAL",           # Default sensitivity level for tool inputs
    raise_on_governance_error=False,  # Fail open if GaaS API is unreachable
    extra_regulatory_domains=["HIPAA"],   # Additional domains for all intents
    extra_data_categories=["PHI"],        # Additional data categories for all intents
    hold_on_escalate=False,           # Wait for the human decision on ESCALATE
    escalation_poll_seconds=5.0,      # Poll interval while holding
    escalation_max_wait_seconds=600.0,  # Give up (treat as timeout) after this
)

Hold-and-Poll on ESCALATE

With hold_on_escalate=True, an ESCALATE verdict no longer raises immediately. The tool call holds while GaaS routes the escalation to a human reviewer, polling until it is decided:

  • approve / modify — the tool executes.
  • deny — raises GovernanceBlockedError with verdict ESCALATE_DENY.
  • timeout — raises GovernanceBlockedError with verdict ESCALATE_TIMEOUT.

hold_on_escalate takes precedence over block_on_escalate. Transient polling errors are retried until the deadline.

Handling blocked calls

from gaas_crewai import GovernanceBlockedError

try:
    result = governed_tool.run(to="all-customers@list", subject="...")
except GovernanceBlockedError as err:
    print(err.verdict)                  # BLOCK / ESCALATE / ESCALATE_DENY / ESCALATE_TIMEOUT
    print(err.decision_id)              # audit reference
    print(err.blocking_policies)        # policy IDs that triggered the block
    print(err.governance_proof_token)   # GPT token ID for the legal audit trail

Links

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

gaas_crewai-0.1.0.tar.gz (13.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

gaas_crewai-0.1.0-py3-none-any.whl (10.0 kB view details)

Uploaded Python 3

File details

Details for the file gaas_crewai-0.1.0.tar.gz.

File metadata

  • Download URL: gaas_crewai-0.1.0.tar.gz
  • Upload date:
  • Size: 13.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for gaas_crewai-0.1.0.tar.gz
Algorithm Hash digest
SHA256 c316330d5ad1231fd1aacd723bf7db8723e1baf434b2db3d143ecd55003774f0
MD5 912bb2b5382759aa51795320f8b5d416
BLAKE2b-256 4e271afd6e45c64678496cb89e9f5c97d56af3733999294f8bad7cbff3c7866e

See more details on using hashes here.

File details

Details for the file gaas_crewai-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: gaas_crewai-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 10.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for gaas_crewai-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 ae9d0d337f61da2fe692dc52dc448a845b07b2f8130b2e15cf8a004a9f353347
MD5 5d22f42c9c1e391a5e0ae4760ee9cefa
BLAKE2b-256 a8814b52235f5557635305d83081a0de5a111a1579b968ef6de7471201fb062b

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page