Python SDK for the Kevros Governance Gateway. Seven endpoints for autonomous agent control: verify (ALLOW/CLAMP/DENY), attest (hash-chained provenance), bind (cryptographic intent binding), bundle (compliance evidence export), scan (threat detection), media/attest (PQC-signed media certificates), and batch operations.

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for kevros-governance from gravatar.com kevros-governance

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Other/Proprietary License (BSL-1.1)
  • Author: TaskHawk Systems
  • Tags a2a , agent-security , agent-to-agent , agent-trust , agent-verification , ai-governance , ai-safety , audit-trail , autogen , autonomous-agents , compliance , crewai , guardrails , langchain , mcp , openai , owasp-agentic , policy-enforcement , provenance , x402
  • Requires: Python >=3.9
  • Provides-Extra: langchain , mcp
Classifiers
Report project as malware

This project has been archived.

The maintainers of this project have marked this project as archived. No new releases are expected.

Project description

kevros

Python SDK for the Kevros Governance Gateway. Seven endpoints for autonomous agent control: verify (ALLOW/CLAMP/DENY), attest (hash-chained provenance), bind (cryptographic intent binding), bundle (compliance evidence export), scan (threat detection), media/attest (PQC-signed media certificates), and batch operations.

Installation

pip install kevros

Quick Start

from kevros import KevrosClient

# Zero config — auto-signs up for free tier (1,000 calls/month) on first use
# Key is cached at ~/.kevros/api_key for future sessions
client = KevrosClient()

# Verify an agent action against policy bounds
result = client.verify(
    agent_id="agent-001",
    action="transfer",
    parameters={"amount": 150.00, "recipient": "vendor-xyz"},
    context={"session_id": "abc123"}
)

if result.decision == "ALLOW":
    # Attest the decision with hash-chained provenance
    attestation = client.attest(
        decision_id=result.decision_id,
        evidence=result.evidence
    )
    print(f"Attestation hash: {attestation.hash}")
elif result.decision == "CLAMP":
    print(f"Action clamped: {result.clamped_parameters}")
else:
    print(f"Action denied: {result.reason}")

Endpoints

Endpoint Method Price Description
/governance/verify POST $0.01 Action verification. Returns signed ALLOW, CLAMP, or DENY.
/governance/attest POST $0.02 Provenance attestation. Hash-chained evidence trail.
/governance/bind POST $0.02 Cryptographic intent-to-command binding proof.
/governance/bundle POST $0.05 Compliance evidence export. Full audit chain.
/shield/scan POST $0.01 Threat detection and input validation.
/media/attest POST $0.05 PQC-signed media attestation certificate.
/governance/batch POST $0.01 Batch operations. Multiple calls, one request.

Payment Protocols

Three ways to pay. No vendor lock-in.

Protocol Rail Settlement
x402 USDC on Base Per-call. Coinbase Commerce + Cloudflare.
L402 Lightning Network Per-call. Instant sats, cryptographic token auth.
MPP / Stripe Tempo Fiat (USD) Subscription or credit packs via Stripe.

Pricing

Tier Monthly Included Calls
Free $0 10
Scout $29 5,000
Sentinel $149 50,000
Sovereign $499 500,000

1,000 calls/month free. No credit card required. Overage billed at standard per-call rates.

Core Concepts

Fail-closed by default. If the gateway is unreachable or returns an error, the SDK returns DENY. No silent failures. No open-by-default fallbacks.

Hash-chained provenance. Every attestation links to the previous one via SHA-256 chain. Tampering with any record breaks the chain and is detectable by any verifier.

Signed decisions. Every ALLOW, CLAMP, and DENY response is cryptographically signed. Decisions are independently verifiable without trusting the gateway.

Configuration

client = KevrosClient(
    api_key="your-api-key",
    base_url="https://governance.taskhawktech.com",  # default
    timeout=10,          # seconds
    fail_closed=True     # default; DENY on any error
)

Environment Variables

KEVROS_API_KEY=your-api-key
KEVROS_BASE_URL=https://governance.taskhawktech.com

Links

Resource URL
Gateway https://governance.taskhawktech.com
API Docs https://governance.taskhawktech.com/docs
Status https://governance.taskhawktech.com/status
Pricing https://governance.taskhawktech.com/upgrade

License

Proprietary. Copyright 2026 TaskHawk Systems, LLC.

CAGE Code 10YV4. SAM.gov registered. NIST 800-171 / DFARS 252.204-7012 aligned.

Contact

info@taskhawktech.com

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for kevros-governance from gravatar.com kevros-governance

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Other/Proprietary License (BSL-1.1)
  • Author: TaskHawk Systems
  • Tags a2a , agent-security , agent-to-agent , agent-trust , agent-verification , ai-governance , ai-safety , audit-trail , autogen , autonomous-agents , compliance , crewai , guardrails , langchain , mcp , openai , owasp-agentic , policy-enforcement , provenance , x402
  • Requires: Python >=3.9
  • Provides-Extra: langchain , mcp
Classifiers

Release history Release notifications | RSS feed

0.3.13 yanked

0.3.12 yanked

This version

0.3.11 yanked

0.3.10 yanked

0.3.9 yanked

0.3.8 yanked

0.3.7 yanked

0.3.6 yanked

0.3.4 yanked

0.3.3 yanked

0.3.2 yanked

0.3.1 yanked

0.3.0 yanked

0.2.3 yanked

0.2.2 yanked

0.2.1 yanked

0.2.0 yanked

0.1.0 yanked

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

kevros-0.3.11.tar.gz (26.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

kevros-0.3.11-py3-none-any.whl (24.4 kB view details)

Uploaded Python 3

File details

Details for the file kevros-0.3.11.tar.gz.

File metadata

  • Download URL: kevros-0.3.11.tar.gz
  • Upload date:
  • Size: 26.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for kevros-0.3.11.tar.gz
Algorithm Hash digest
SHA256 0282291225cb14db31d0cb6eaa4bf10c519738c4dd3063cf9b1378b2850ac9d4
MD5 eb10d317f3994087de314c020523426a
BLAKE2b-256 a00bf617749a796db18d870c493f5825d632db25dfeb35c149a06c32142dfd21

See more details on using hashes here.

Provenance

The following attestation bundles were made for kevros-0.3.11.tar.gz:

Publisher: publish-sdk.yml on taskhawk-systems/kevros

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file kevros-0.3.11-py3-none-any.whl.

File metadata

  • Download URL: kevros-0.3.11-py3-none-any.whl
  • Upload date:
  • Size: 24.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for kevros-0.3.11-py3-none-any.whl
Algorithm Hash digest
SHA256 9bb7ed70b4367f4269e528ca96b91b3102e50fb7d3c0e517f14b1b55d1d93db1
MD5 6d4c316dd936349d65471ec3bf5a85d0
BLAKE2b-256 66daaebb95753d995fe5dfb27f38500710cc5753a7c7fefcf1b2fb778e2bb53a

See more details on using hashes here.

Provenance

The following attestation bundles were made for kevros-0.3.11-py3-none-any.whl:

Publisher: publish-sdk.yml on taskhawk-systems/kevros

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page