Pluggable enforcement for AI agent actions. Inspect every tool call and block known-bad.
Project description
kaizen-security
Pluggable enforcement for AI agent actions. Inspect every tool call, skill load, or outbound connection, and block the known-bad before it reaches your data. Zero runtime dependencies.
Install
```
pip install kaizen-security
```
Quickstart
```python
from kaizen_security import Kaizen

kz = Kaizen(api_key="kz_live_...")  # syncs policy from the control plane
verdict = kz.inspect(tool="clawhub2", publisher="hightower6eu", target="91.92.242.30")
if verdict.blocked:
    print(verdict.reason)  # blocked by policy: blacklisted publisher, ...
    for f in verdict.evidence:
        print(f.kind, f.value)
```
Raise on a block instead of branching:
```python
from kaizen_security import KaizenBlocked

try:
    kz.enforce(tool="clawhub2", publisher="hightower6eu")
except KaizenBlocked as e:
    handle(e.verdict)  # handle() stands for your own handler
```
Wrap a tool function:
```python
@kz.guard
def call_tool(name, **kwargs):
    ...
```
Run it fully local, no account
```python
from kaizen_security import Kaizen, Policy

policy = Policy(mode="blocklist", rules={
    "publishers": ["hightower6eu"],
    "ips": ["91.92.242.30"],
    "skill_patterns": [r"^clawhub[0-9]*$"],
})
kz = Kaizen(policies=[policy], report=False)
```
The contract
`inspect(action) -> Verdict(decision, reason, evidence)`, where `decision` is `allow` or `block`. Enforcement runs locally for low latency. When an `api_key` is set, the client syncs policy from the control plane and reports verdicts back for the dashboard. Reporting is fire and forget, so it never adds latency.
Modes
- blocklist: block on a match against blacklisted publishers, IPs, domains, skill patterns, or hashes.
- allowlist: allow only approved publishers or tools, block the rest.
- correlation: flag a risky session sequence, for example a sensitive read followed by an outbound connect.
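A stand-alone sketch of the `inspect(action) -> Verdict(decision, reason, evidence)` contract in blocklist mode, added here as an example and not kaizen-security's own code. The names `inspect_action`, `Finding` and `canonical_ip` are hypothetical, and the normalization choices (case-insensitive publishers, folding IPv4-mapped IPv6 addresses) are assumptions; the rule keys and sample values come from the local policy example above.

```python
import ipaddress
import re
from dataclasses import dataclass, field

@dataclass
class Finding:  # hypothetical evidence record with the kind/value fields used above
    kind: str
    value: str

@dataclass
class Verdict:
    decision: str  # "allow" or "block"
    reason: str = ""
    evidence: list = field(default_factory=list)

    @property
    def blocked(self):
        return self.decision == "block"

# Rule keys and sample values are the ones in the page's local Policy example.
RULES = {
    "publishers": ["hightower6eu"],
    "ips": ["91.92.242.30"],
    "skill_patterns": [r"^clawhub[0-9]*$"],
}

def canonical_ip(text):
    """Return a canonical IP string, or None if text is not an IP literal."""
    try:
        ip = ipaddress.ip_address(text.strip())
    except ValueError:
        return None
    # Fold IPv4-mapped IPv6 (::ffff:a.b.c.d) onto the plain IPv4 address.
    mapped = getattr(ip, "ipv4_mapped", None)
    return str(mapped if mapped is not None else ip)

def inspect_action(tool="", publisher="", target="", rules=RULES):
    evidence = []
    # Assumption: publisher names compare case-insensitively.
    if publisher.strip().casefold() in {p.casefold() for p in rules["publishers"]}:
        evidence.append(Finding("publisher", publisher))
    ip = canonical_ip(target)
    if ip is not None and ip in {canonical_ip(i) for i in rules["ips"]}:
        evidence.append(Finding("ip", ip))
    if any(re.search(p, tool.strip()) for p in rules["skill_patterns"]):
        evidence.append(Finding("skill_pattern", tool))
    if not evidence:
        return Verdict("allow")
    kinds = ", ".join(f.kind for f in evidence)
    return Verdict("block", f"blocked by policy: {kinds}", evidence)
```

Every matching rule is recorded as evidence rather than stopping at the first hit, so the verdict shows all the reasons an action was blocked.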
File details
Details for the file kaizen_security-0.1.1.tar.gz.
File metadata
- Download URL: kaizen_security-0.1.1.tar.gz
- Upload date:
- Size: 17.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | fe797e64aa347e5a51c5e4726b65980b33947b74648fff8b3474c7baa5643c24 |
| MD5 | 1ebaa47ca9464608ebeba29af8ac66ae |
| BLAKE2b-256 | 56abce9b90bb9606313f294cfee34f5a41407617a90e035b83e0d7e302b0b5a3 |
File details
Details for the file kaizen_security-0.1.1-py3-none-any.whl.
File metadata
- Download URL: kaizen_security-0.1.1-py3-none-any.whl
- Upload date:
- Size: 17.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 5cc2f434713a1b7f4b7761f863ab01df3ede87e83d4dfa468eaa394701199469 |
| MD5 | 01245843b4182c1979c753d6d858266b |
| BLAKE2b-256 | 550a7b3da2c8706a3f7791c425d20f300dd88fbbc031a7b791df50d4bbf7cb56 |