Pluggable enforcement for AI agent actions. Inspect every tool call and block known-bad.

Project description

kaizen-security

Pluggable enforcement for AI agent actions. Inspect every tool call, skill load, or outbound connection, and block the known-bad before it reaches your data. Zero runtime dependencies.

Install

pip install kaizen-security

Quickstart

from kaizen_security import Kaizen

kz = Kaizen(api_key="kz_live_...")          # syncs policy from the control plane

verdict = kz.inspect(tool="clawhub2", publisher="hightower6eu", target="91.92.242.30")
if verdict.blocked:
    print(verdict.reason)                    # blocked by policy: blacklisted publisher, ...
    for f in verdict.evidence:
        print(f.kind, f.value)

Raise on a block instead of branching:

from kaizen_security import KaizenBlocked

try:
    kz.enforce(tool="clawhub2", publisher="hightower6eu")
except KaizenBlocked as e:
    handle(e.verdict)                        # handle() is a placeholder for your own handler

Wrap a tool function:

@kz.guard
def call_tool(name, **kwargs):
    ...

Run it fully local, no account

from kaizen_security import Kaizen, Policy

policy = Policy(mode="blocklist", rules={
    "publishers": ["hightower6eu"],
    "ips": ["91.92.242.30"],
    "skill_patterns": [r"^clawhub[0-9]*$"],
})
kz = Kaizen(policies=[policy], report=False)

The contract

inspect(action) -> Verdict(decision, reason, evidence), where decision is allow or block. Enforcement runs locally for low latency. When an api_key is set, the client syncs policy from the control plane and reports verdicts back for the dashboard. Reporting is fire and forget, so it never adds latency.

Modes

  • blocklist: block on a match against blacklisted publishers, IPs, domains, skill patterns, or hashes.
  • allowlist: allow only approved publishers or tools, block the rest.
  • correlation: flag a risky session sequence, for example a sensitive read followed by an outbound connect.
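The page gives no code for correlation mode, so the following is an added sketch of the idea and is not kaizen-security's own code or API. SessionCorrelator, is_outbound, replay, the sensitive-path pattern and the 300-second window are all assumptions made for the example; the sample IP is the one used in the Quickstart above, and the events are constructed.

```python
import ipaddress
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Assumed here, not taken from kaizen-security: sensitive paths, window, reason.
SENSITIVE = re.compile(r"(^|/)(\.ssh/|\.aws/credentials$|\.env$)")
WINDOW_SECONDS = 300
REASON = "sensitive read followed by outbound connect"

@dataclass
class Verdict:                      # same three fields as the page's contract
    decision: str                   # "allow" or "block"
    reason: str = ""
    evidence: list = field(default_factory=list)

def is_outbound(target):
    """Public IPs and hostnames leave the host; loopback/private ones do not."""
    try:
        return ipaddress.ip_address(target).is_global
    except ValueError:
        return target != "localhost"

class SessionCorrelator:            # hypothetical name
    def __init__(self):
        self._reads = defaultdict(list)     # session id -> [(timestamp, path)]
    def inspect(self, session, kind, target, ts):
        if kind == "read" and SENSITIVE.search(target):
            self._reads[session].append((ts, target))
        elif kind == "connect" and is_outbound(target):
            recent = [p for t, p in self._reads[session]
                      if 0 <= ts - t <= WINDOW_SECONDS]
            if recent:
                evidence = [("sensitive_read", p) for p in recent]
                evidence.append(("outbound_connect", target))
                return Verdict("block", REASON, evidence)
        return Verdict("allow")

# Constructed events: (session, kind, target, seconds since session start)
EVENTS = [
    ("s1", "read", "/home/app/.aws/credentials", 0),
    ("s1", "connect", "127.0.0.1", 5),          # local, not outbound
    ("s2", "connect", "91.92.242.30", 6),       # other session, no prior read
    ("s1", "connect", "91.92.242.30", 10),      # read then outbound: block
    ("s1", "connect", "91.92.242.30", 400),     # read is outside the window
]

def replay(events):
    correlator = SessionCorrelator()
    return [correlator.inspect(*e) for e in events]
```

Only the fourth event is blocked: state is kept per session, loopback traffic is not treated as outbound, and the flag expires once the read is older than the window.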

Download files

Source Distribution

kaizen_security-0.1.0.tar.gz (15.7 kB)

Uploaded Source

Built Distribution

kaizen_security-0.1.0-py3-none-any.whl (14.8 kB)

Uploaded Python 3

File details

Details for the file kaizen_security-0.1.0.tar.gz.

File metadata

  • Download URL: kaizen_security-0.1.0.tar.gz
  • Upload date:
  • Size: 15.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.2

File hashes

Hashes for kaizen_security-0.1.0.tar.gz
Algorithm Hash digest
SHA256 0b69b01c8f04ba46be6b1bfb5985b49c08c8924a17a2473aea11b32fe6c2b805
MD5 b5ed2c7f65a717d5a506931d14d1c8e1
BLAKE2b-256 277dc8dba5bc422aedba26a264072a44e092d556374f017e81d6d232b237d1bd

File details

Details for the file kaizen_security-0.1.0-py3-none-any.whl.

File hashes

Hashes for kaizen_security-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 c143c077ac48cda0e73771320161a846ef8f4bdf5b4654bcb619514f8daa8179
MD5 149ccc5acdf72cbfc2b0c056dfc29d72
BLAKE2b-256 d138ae6719a933db85bea2c242ac3ff210ea4e4d3f84ed4f3cb87ea15f320a19
