Skip to main content

Humanbound — open-source AI agent red-team engine, SDK, and CLI.

Project description

Humanbound

humanbound

Open-source AI agent red-team engine, SDK, and CLI.
Runs locally or against the Humanbound Platform. No login required to start.

Quick Start · CLI · SDK · Documentation · Contributing

PyPI version Python versions Downloads CI License Discord Docs


📖 Full documentation lives at docs.humanbound.ai — this README covers the essentials; the docs have the depth.

Quick Start

Install

pip install humanbound                       # CLI + SDK, core deps
pip install humanbound[engine]               # + OpenAI / Anthropic / Gemini providers
pip install humanbound[firewall]             # + humanbound-firewall runtime
pip install humanbound[engine,firewall]      # everything

CLI usage

# Configure your LLM provider
export HB_PROVIDER=openai
export HB_API_KEY=sk-...

# Run a security test
hb test --endpoint ./bot-config.json --repo . --wait

# View results
hb posture                         # security score (0-100, A-F)
hb logs                            # conversation logs
hb report -o report.html           # HTML report
hb guardrails -o rules.yaml        # firewall rules

Full air-gap with Ollama — zero external API calls:

export HB_PROVIDER=ollama
export HB_MODEL=llama3.1:8b
hb test --endpoint ./bot-config.json --scope ./scope.yaml --wait

Python SDK

from humanbound import Bot, LocalRunner, OwaspAgentic, TestingLevel, EngineCallbacks

# Compose your own test pipeline
bot = Bot(endpoint="https://my-agent/chat", api_key="...")

class Callbacks(EngineCallbacks):
    def on_finding(self, insight): ...
    def on_progress(self, pct): ...

runner = LocalRunner()
# See docs.humanbound.ai for the full example

Stability contract

Import path Stability
from humanbound import X Stable — semver-protected
from humanbound.<module> import Y Stable — semver-protected
from humanbound_cli.* import Z Internal — may change any release, do not import from user code

The full Tier-by-Tier walkthrough, orchestrator authoring guide, Platform integration, and API reference all live on docs.humanbound.ai.

What's shipping in 2.0

  • Clean name: humanbound is the new PyPI install. The old humanbound-cli package is a discontinued transitional stub (final release 1.2.2 depends on humanbound>=2.0.2); please install humanbound directly.
  • Public SDK namespace alongside the CLI — use the CLI or drive the engine from Python. Both share the same implementation, so they can't drift.
  • Firewall integration: pip install humanbound[firewall] pulls the renamed humanbound-firewall (formerly hb-firewall) alongside the CLI.

See CHANGELOG.md for the full 2.0.0 release notes.

Contributing

Contributions welcome. See CONTRIBUTING.md for the dev loop, release process, and CLA requirement (see CLA.md).

Telemetry

The hb CLI sends anonymous usage data to help us improve it. Disable with hb telemetry disable, HB_TELEMETRY_DISABLED=1, or DO_NOT_TRACK=1. Full disclosure: PRIVACY.md.

License

Apache-2.0. Free to use in any context — commercial or open-source — with attribution. See TRADEMARK.md for the trademark policy. The code is open; the name is not.

The sibling project humanbound-firewall is also Apache-2.0 — same license, different product.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

humanbound-2.4.0.tar.gz (253.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

humanbound-2.4.0-py3-none-any.whl (302.5 kB view details)

Uploaded Python 3

File details

Details for the file humanbound-2.4.0.tar.gz.

File metadata

  • Download URL: humanbound-2.4.0.tar.gz
  • Upload date:
  • Size: 253.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for humanbound-2.4.0.tar.gz
Algorithm Hash digest
SHA256 91733dc6bb7217b7da0cbe0e12d7facd3ff227570aae5006445577914941aa33
MD5 8ad3afe80c80d48dae5c90a5b36608de
BLAKE2b-256 e0894f61710421b7f1d350538dcee9c8add5bf7443a6d9b8b56a36cef194de80

See more details on using hashes here.

Provenance

The following attestation bundles were made for humanbound-2.4.0.tar.gz:

Publisher: release.yml on humanbound/humanbound

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file humanbound-2.4.0-py3-none-any.whl.

File metadata

  • Download URL: humanbound-2.4.0-py3-none-any.whl
  • Upload date:
  • Size: 302.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for humanbound-2.4.0-py3-none-any.whl
Algorithm Hash digest
SHA256 b668a109613a52e6a36b7a8bb444a2e6ca4dc8a4c5c136f05213b01b16ef6a85
MD5 1d41ec03629ef6c77c78a222531becf4
BLAKE2b-256 c85d814cf2fabf1fc551938954729564363948b55972e70a1ebe7d7ca7c1cca0

See more details on using hashes here.

Provenance

The following attestation bundles were made for humanbound-2.4.0-py3-none-any.whl:

Publisher: release.yml on humanbound/humanbound

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page