OpenAI Agents SDK integration for LatchGate — execution security kernel for AI agents
Project description
latchgate-openai-agents
OpenAI Agents SDK integration for LatchGate — execution security kernel for AI agents.
Every tool call goes through LatchGate's enforcement pipeline: auth => policy => WASM sandbox => verification => signed receipt. The LLM never holds credentials and never contacts external systems directly.
Installation
pip install latchgate-openai-agents
Requires a running LatchGate instance:
curl -fsSL https://raw.githubusercontent.com/latchgate-ai/latchgate/main/install.sh | bash && latchgate up
Quick start
from agents import Agent, Runner
from latchgate_openai_agents import latchgate_tools
async def main():
tools = await latchgate_tools(gate_url="http://localhost:3000")
agent = Agent(
name="Secure Worker",
instructions="You have access to LatchGate-protected tools with full audit trail.",
tools=tools,
)
result = await Runner.run(agent, "Fetch https://httpbin.org/get")
print(result.final_output)
API
latchgate_tools(**kwargs)
Async factory — discovers actions and returns FunctionTool instances:
tools = await latchgate_tools(
gate_url="http://localhost:3000", # Required (or set LATCHGATE_URL)
agent_id="my-agent", # Default: "openai-agents"
include={"http_fetch", "database"}, # Optional
exclude={"send_message"}, # Optional
on_audit=my_audit_callback, # Optional: receipt callback
)
agent = Agent(name="Worker", tools=tools)
latchgate_tools_from_descriptors(descriptors, *, client)
Create tools from pre-fetched descriptors (no network):
from latchgate_openai_agents import latchgate_tools_from_descriptors, ActionDescriptor
create_tool(descriptor, client)
Create a single FunctionTool from an ActionDescriptor:
from latchgate_openai_agents import create_tool
Error handling
LatchGate errors are returned as structured strings (not raised):
| LatchGate error | Tool returns |
|---|---|
| Policy denied | "ERROR: Action '...' denied: {reason}..." |
| Approval required | "ERROR: ... requires human approval..." (approval_id emitted via log, not to the model) |
| Budget exhausted | "ERROR: Budget exhausted..." |
| Invalid JSON input | "ERROR: Invalid JSON input..." |
| Transport / infra | "ERROR: LatchGate error..." |
Output format
Tool output is a JSON string containing only the action result. Enforcement metadata (receipt ID, trace ID, verification) is never returned to the model — it is emitted at INFO log level and via the optional on_audit callback.
{"status": 200, "body": "{...}"}
License
Apache-2.0
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file latchgate_openai_agents-0.1.0.tar.gz.
File metadata
- Download URL: latchgate_openai_agents-0.1.0.tar.gz
- Upload date:
- Size: 88.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d3c8f3a35f6e5e05788245449168e2d32743c5f678165d40d85ed29db8cffbd8
|
|
| MD5 |
17c70d4c612fed9b3b11f06add8af89f
|
|
| BLAKE2b-256 |
3b8844678510042b2dfea5fee4865ea964326cd48e328194a6546be920f29d39
|
File details
Details for the file latchgate_openai_agents-0.1.0-py3-none-any.whl.
File metadata
- Download URL: latchgate_openai_agents-0.1.0-py3-none-any.whl
- Upload date:
- Size: 11.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
aa2f2c7aa9212b209998e890d088126f9de16b8f9bea1be5dfa2a6d1753c1879
|
|
| MD5 |
68a30d7feac2f5a2c39a47e84ac53095
|
|
| BLAKE2b-256 |
d3604fee6160e80a33b1778eaef10febe5ac122feea45551a428c14bdc4a1540
|
