
Pluggable enforcement for AI agent actions. Inspect every tool call and block known-bad.

Project description

kaizen-security

Pluggable enforcement for AI agent actions. Inspect every tool call, skill load, or outbound connection, and block the known-bad before it reaches your data. Zero runtime dependencies.

Install

pip install kaizen-security

Quickstart

from kaizen_security import Kaizen

kz = Kaizen(api_key="kz_live_...")          # syncs policy from the control plane

verdict = kz.inspect(tool="clawhub2", publisher="hightower6eu", target="91.92.242.30")
if verdict.blocked:
    print(verdict.reason)                    # blocked by policy: blacklisted publisher, ...
    for f in verdict.evidence:
        print(f.kind, f.value)

Raise on a block instead of branching:

from kaizen_security import KaizenBlocked

try:
    kz.enforce(tool="clawhub2", publisher="hightower6eu")
except KaizenBlocked as e:
    handle(e.verdict)

Wrap a tool function:

@kz.guard
def call_tool(name, **kwargs):
    ...

Run it fully local, no account

from kaizen_security import Kaizen, Policy

policy = Policy(mode="blocklist", rules={
    "publishers": ["hightower6eu"],
    "ips": ["91.92.242.30"],
    "skill_patterns": [r"^clawhub[0-9]*$"],
})
kz = Kaizen(policies=[policy], report=False)

The contract

inspect(action) -> Verdict(decision, reason, evidence) where decision is allow or block. Enforcement runs locally for low latency. When an api_key is set, the client syncs policy from the control plane and reports verdicts back for the dashboard, fire and forget so it never adds latency.

Modes

  • blocklist: block on a match against blacklisted publishers, IPs, domains, skill patterns, or hashes.
  • allowlist: allow only approved publishers or tools, block the rest.
  • correlation: flag a risky session sequence, for example a sensitive read followed by an outbound connect.
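A self-contained sketch of the contract and of the blocklist and correlation modes described above, added here as an example; it is not kaizen-security's code and does not import it. The `SketchEnforcer` class, the `session` parameter and the `read_secrets` tool name are assumptions made for illustration, and the rules are the ones from the local-mode example.

```python
import ipaddress
import re
from collections import namedtuple
from dataclasses import dataclass, field

# Rules copied from the page's local-mode example.
RULES = {"publishers": ["hightower6eu"], "ips": ["91.92.242.30"],
         "skill_patterns": [r"^clawhub[0-9]*$"]}
Finding = namedtuple("Finding", "kind value")

@dataclass
class Verdict:
    decision: str                                  # "allow" or "block"
    reason: str = ""
    evidence: list = field(default_factory=list)

    @property
    def blocked(self):
        return self.decision == "block"

class SketchEnforcer:
    """Hypothetical stand-in for the inspect() contract (not the library)."""

    def __init__(self, rules, sensitive_tools=("read_secrets",)):
        self.publishers = set(rules.get("publishers", []))
        self.ips = {ipaddress.ip_address(i) for i in rules.get("ips", [])}
        self.patterns = [re.compile(p) for p in rules.get("skill_patterns", [])]
        self.sensitive_tools = set(sensitive_tools)  # assumed tool names
        self.tainted = set()       # sessions that already did a sensitive read

    def inspect(self, session="default", tool=None, publisher=None, target=None):
        ev = []
        if publisher in self.publishers:
            ev.append(Finding("publisher", publisher))
        if tool and any(p.search(tool) for p in self.patterns):
            ev.append(Finding("skill_pattern", tool))
        try:
            if target and ipaddress.ip_address(target) in self.ips:
                ev.append(Finding("ip", target))
        except ValueError:
            pass                   # target is a hostname, not an IP literal
        if ev:
            return Verdict("block", "blocklist match", ev)
        # Correlation: sensitive read earlier in this session, outbound connect now.
        if target and session in self.tainted:
            return Verdict("block", "outbound connect after sensitive read",
                           [Finding("sequence", f"{tool}->{target}")])
        if tool in self.sensitive_tools:
            self.tainted.add(session)
        return Verdict("allow")
```

The correlation state is kept per session, so an outbound connect is blocked only in the session that performed the sensitive read.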

Download files


Source Distribution

kaizen_security-0.1.1.tar.gz (17.4 kB view details)

Uploaded Source

Built Distribution


kaizen_security-0.1.1-py3-none-any.whl (17.7 kB view details)

Uploaded Python 3

File details

Details for the file kaizen_security-0.1.1.tar.gz.

File metadata

  • Download URL: kaizen_security-0.1.1.tar.gz
  • Size: 17.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.2

File hashes

Hashes for kaizen_security-0.1.1.tar.gz
Algorithm Hash digest
SHA256 fe797e64aa347e5a51c5e4726b65980b33947b74648fff8b3474c7baa5643c24
MD5 1ebaa47ca9464608ebeba29af8ac66ae
BLAKE2b-256 56abce9b90bb9606313f294cfee34f5a41407617a90e035b83e0d7e302b0b5a3


File details

Details for the file kaizen_security-0.1.1-py3-none-any.whl.

File hashes

Hashes for kaizen_security-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 5cc2f434713a1b7f4b7761f863ab01df3ede87e83d4dfa468eaa394701199469
MD5 01245843b4182c1979c753d6d858266b
BLAKE2b-256 550a7b3da2c8706a3f7791c425d20f300dd88fbbc031a7b791df50d4bbf7cb56

