Pluggable enforcement for AI agent actions. Inspect every tool call and block known-bad.

Project description

kaizen-security

Pluggable enforcement for AI agent actions. Inspect every tool call, skill load, or outbound connection, and block the known-bad before it reaches your data. Zero runtime dependencies.

Install

pip install kaizen-security

Quickstart

from kaizen_security import Kaizen

kz = Kaizen(api_key="kz_live_...")          # syncs policy from the control plane

verdict = kz.inspect(tool="clawhub2", publisher="hightower6eu", target="91.92.242.30")
if verdict.blocked:
    print(verdict.reason)                    # blocked by policy: blacklisted publisher, ...
    for f in verdict.evidence:
        print(f.kind, f.value)

Raise on a block instead of branching:

from kaizen_security import KaizenBlocked

try:
    kz.enforce(tool="clawhub2", publisher="hightower6eu")
except KaizenBlocked as e:
    handle(e.verdict)                        # handle() stands for your own handler

Wrap a tool function:

@kz.guard
def call_tool(name, **kwargs):
    ...

Run it fully local, no account

from kaizen_security import Kaizen, Policy

policy = Policy(mode="blocklist", rules={
    "publishers": ["hightower6eu"],
    "ips": ["91.92.242.30"],
    "skill_patterns": [r"^clawhub[0-9]*$"],
})
kz = Kaizen(policies=[policy], report=False)

The contract

inspect(action) -> Verdict(decision, reason, evidence) where decision is allow or block. Enforcement runs locally for low latency. When an api_key is set, the client syncs policy from the control plane and reports verdicts back for the dashboard, fire and forget so it never adds latency.

Modes

  • blocklist: block on a match against blacklisted publishers, IPs, domains, skill patterns, or hashes.
  • allowlist: allow only approved publishers or tools, block the rest.
  • correlation: flag a risky session sequence, for example a sensitive read followed by an outbound connect.
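
The correlation mode's example above (a sensitive read followed by an outbound connect), modelled as an added stand-alone sketch that is not kaizen-security's code and does not import it. The class, the event tuple shape, the sensitive path prefixes and the choice to block rather than only flag are all assumptions made for illustration.

```python
# Added illustration only: a stand-alone model of a correlation rule.
# It does not import kaizen_security; every name here is hypothetical.
import posixpath
from dataclasses import dataclass, field

SENSITIVE_PREFIXES = ("/etc/", "/home/app/.ssh/", "/home/app/.aws/")  # assumed list

@dataclass
class Verdict:
    decision: str                      # "allow" or "block", as in the page's contract
    reason: str = ""
    evidence: list = field(default_factory=list)

class SessionCorrelator:
    """Blocks an outbound connect that follows a sensitive read in the same session."""

    def __init__(self, trusted_hosts=()):
        self.trusted_hosts = set(trusted_hosts)
        self._tainted = {}             # session id -> sensitive paths read so far

    def inspect(self, session, kind, target):
        if kind == "read":
            path = posixpath.normpath(target)   # collapse ../ before the prefix test
            if path.startswith(SENSITIVE_PREFIXES):
                self._tainted.setdefault(session, []).append(path)
        elif kind == "connect" and target not in self.trusted_hosts:
            reads = self._tainted.get(session)
            if reads:                  # the read was allowed; the later connect is not
                return Verdict("block", "outbound connect after sensitive read",
                               [("read", p) for p in reads] + [("connect", target)])
        return Verdict("allow")

# Constructed sample session events: (session, kind, target)
EVENTS = [
    ("s1", "read", "/tmp/notes.txt"),
    ("s1", "connect", "203.0.113.7"),             # allowed: nothing sensitive read yet
    ("s1", "read", "/home/app/.aws/credentials"),
    ("s1", "connect", "203.0.113.7"),             # blocked: follows the credentials read
    ("s2", "connect", "203.0.113.7"),             # allowed: different session
]

def run(events):
    c = SessionCorrelator(trusted_hosts={"api.internal.example"})
    return [c.inspect(*e).decision for e in events]

if __name__ == "__main__":
    print(run(EVENTS))
```

State is kept per session, so a connect is judged against everything that session has read so far rather than against the single action in front of it.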

Download files

Source Distribution

kaizen_security-0.1.2.tar.gz (17.6 kB)

Uploaded Source

Built Distribution

kaizen_security-0.1.2-py3-none-any.whl (17.8 kB)

Uploaded Python 3

File details

Details for the file kaizen_security-0.1.2.tar.gz.

File metadata

  • Download URL: kaizen_security-0.1.2.tar.gz
  • Upload date:
  • Size: 17.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.2

File hashes

Hashes for kaizen_security-0.1.2.tar.gz
Algorithm Hash digest
SHA256 46585415f4f88cae4972cb84d59d8886d28d6a8a5ca21870649bddfe78195796
MD5 df24cbba4e4a1aae508e605424c26a5d
BLAKE2b-256 9e81d2d0bb873d3f1bdb3ead84fef5c02bf8ed1fcf2d63e8f9ad7f377f918c2a

File details

Details for the file kaizen_security-0.1.2-py3-none-any.whl.

File hashes

Hashes for kaizen_security-0.1.2-py3-none-any.whl
Algorithm Hash digest
SHA256 82935c2b74674c223115ef78372b7c899a9a0c83a997c40bb82f1d361023d20a
MD5 2dcdf4eafb365aae5e53b37aa65782de
BLAKE2b-256 57c9df6f84e356cba8a3add76f2015899c1469c9dbf61237c6999ca6ab230d23
