OpenBox SDK - Governance and observability for CrewAI agent workflows
Project description
OpenBox CrewAI SDK
openbox-crewai-sdk-python adds OpenBox governance, approvals, guardrails, and OpenTelemetry-backed operational telemetry to CrewAI crews and flows. When an agent is configured with an AIP DID and private key, governance requests are signed per agent.
Use it when you need to:
- evaluate tasks, LLM calls, and tool operations against OpenBox policy
- enforce approval flows from OpenBox verdicts
- apply input and output guardrails
- attach HTTP, database, and file telemetry to governed runs
- enable per-agent AIP request signing when DID credentials are configured
Requirements
- Python
>=3.10,<3.14 crewai >=1.14.1- an OpenBox account with each agent provisioned in the OpenBox Platform
When you provision an agent in the OpenBox Platform you receive:
- an OpenBox API URL
- an API key (
obx_live_...) - an AIP DID and one-time private key
Installation
pip install openbox-crewai-sdk-python
Required environment variables (one set per agent — the prefix matches the env_prefix passed to each OpenBoxAgent):
export OPENBOX_URL="<your OpenBox API URL>"
export OPENBOX_RESEARCHER_API_KEY="obx_live_..."
export OPENBOX_RESEARCHER_DID="did:aip:..."
export OPENBOX_RESEARCHER_PRIVATE_KEY="<base64 32-byte ed25519 seed>"
The DID and private key are returned once at agent creation and cannot be recovered later. If you enable AIP signing, store them with the same care as the API key.
Quick Start
from crewai import Crew, Process, Task
from crewai.agents.agent_builder.base_agent import BaseAgent
from crewai.project import CrewBase, agent, crew, task
from openbox import OpenBoxAgent, OpenBoxTask, create_openbox_engine
@CrewBase
class ResearchCrew:
agents: list[BaseAgent]
tasks: list[Task]
agents_config = "config/agents.yaml"
tasks_config = "config/tasks.yaml"
@agent
def researcher(self) -> OpenBoxAgent:
return OpenBoxAgent(
config=self.agents_config["researcher"], # type: ignore[index]
env_prefix="OPENBOX_RESEARCHER",
)
@task
def quick_research(self) -> OpenBoxTask:
return OpenBoxTask(
config=self.tasks_config["quick_research"], # type: ignore[index]
activity_type="research",
)
@crew
def crew(self) -> Crew:
return Crew(
name="research-crew",
agents=self.agents,
tasks=self.tasks,
process=Process.sequential,
)
with create_openbox_engine() as engine:
governed_crew = engine.govern(ResearchCrew().crew())
result = governed_crew.kickoff()
create_openbox_engine() is the recommended production entrypoint. It:
- resolves and validates SDK configuration
- constructs the shared OpenBox runtime and governance config
- installs HTTP, database, and (opt-in) file-IO instrumentation
- yields an engine that wraps standard CrewAI crews via
engine.govern(crew) - tears down instrumentation on context-manager exit
OpenBoxAgent, OpenBoxTask, and engine.govern(crew) opt a crew in to governance. Plain Agent and Task instances skip governance.
Runtime Model
The SDK emits two categories of OpenBox payloads:
- boundary task events:
ActivityStarted,ActivityCompleted - signal events:
SignalReceivedfor HITL resume and agent output
It also captures operational spans for:
- HTTP requests
- supported database libraries
- file operations when file instrumentation is enabled
- LLM calls
Important production behavior:
- when DID credentials are configured, governance requests are signed with the agent's AIP DID and verified by OpenBox before evaluation
- on OpenBox API errors the configured fallback policy decides whether execution halts or continues
Configuration Highlights
Most applications only need a small part of the config surface:
| Option | Default | Use it to |
|---|---|---|
api_url |
required | point the SDK at your OpenBox API URL |
governance_policy |
"fail_open" |
decide whether OpenBox outages should halt execution |
governance_timeout |
30.0 |
cap the time the SDK waits for an OpenBox verdict |
hitl_enabled |
True |
enable approval suspension and polling flows |
send_task_start_event |
True |
emit ActivityStarted |
send_task_completed_event |
True |
emit ActivityCompleted |
instrument_databases |
True |
capture supported database activity |
instrument_file_io |
False |
enable file operation telemetry when required |
debug_log |
False |
verbose SDK logging |
See docs/configuration.md for the complete surface.
Production Guidance
- Decide explicitly between
fail_openandfail_closedbefore deployment. - Give every agent its own
env_prefix— never share API keys or DIDs across agents. - If you enable AIP signing, treat the private key with the same care as the API key. It is returned once at provisioning and is unrecoverable; rotate it in the OpenBox Platform if compromised.
- Keep
instrument_file_iodisabled until you have a concrete file-governance requirement.
Documentation
- docs/installation.md: installation, startup, and shutdown
- docs/configuration.md: configuration surface, env vars, and defaults
- docs/architecture.md: runtime architecture and data flow
- docs/events-and-telemetry.md: event types, HTTP/DB/file capture, signals
- docs/approvals-and-guardrails.md: verdict enforcement, approvals, and guardrails
- docs/security-and-privacy.md: transport, AIP signing, capture boundaries
- docs/troubleshooting.md: common failures and diagnostics
- docs/api-reference.md: public API summary
Public API Summary
Top-level exports include:
create_openbox_engine()andcreate_openbox_flow()OpenBoxAgent,OpenBoxTask,GovernedCrew,OpenBoxEngineGovernanceConfig,GovernanceResponse,Verdict- error types:
OpenBoxError,OpenBoxConfigError,OpenBoxAuthError,OpenBoxNetworkError,OpenBoxInsecureURLError,GovernanceAPIError,GovernanceHaltError,GovernanceBlockedError,GovernanceApprovalExpiredError
See docs/api-reference.md for the full reference.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file openbox_crewai_sdk_python-1.0.0.tar.gz.
File metadata
- Download URL: openbox_crewai_sdk_python-1.0.0.tar.gz
- Upload date:
- Size: 386.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e6abf6ae5aa3ab3d051c018d511692824fe82ac521d5908a1f5f415220ac98f4
|
|
| MD5 |
79d71ab8c2bf5266386dd94abbd58bbc
|
|
| BLAKE2b-256 |
aa9f8a79655ef6232d04db81e660578bbdd771d6a538ef7ab416ae8735d15f4c
|
Provenance
The following attestation bundles were made for openbox_crewai_sdk_python-1.0.0.tar.gz:
Publisher:
release.yml on OpenBox-AI/openbox-crewai-sdk-python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
openbox_crewai_sdk_python-1.0.0.tar.gz -
Subject digest:
e6abf6ae5aa3ab3d051c018d511692824fe82ac521d5908a1f5f415220ac98f4 - Sigstore transparency entry: 2010721159
- Sigstore integration time:
-
Permalink:
OpenBox-AI/openbox-crewai-sdk-python@5f8dacb0a11157b4877efcd624650e4a400b34da -
Branch / Tag:
refs/tags/1.0.0 - Owner: https://github.com/OpenBox-AI
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@5f8dacb0a11157b4877efcd624650e4a400b34da -
Trigger Event:
push
-
Statement type:
File details
Details for the file openbox_crewai_sdk_python-1.0.0-py3-none-any.whl.
File metadata
- Download URL: openbox_crewai_sdk_python-1.0.0-py3-none-any.whl
- Upload date:
- Size: 60.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9fdb697611d2933aad1b1d56bbc62a49e9df7063fe93206731f88bfb969e9be4
|
|
| MD5 |
cf2889907653b31a2211ac6c5412d020
|
|
| BLAKE2b-256 |
2952228e47cb5f6ab751f37531da41a6b44b21db3abad0f408f43c03515a855e
|
Provenance
The following attestation bundles were made for openbox_crewai_sdk_python-1.0.0-py3-none-any.whl:
Publisher:
release.yml on OpenBox-AI/openbox-crewai-sdk-python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
openbox_crewai_sdk_python-1.0.0-py3-none-any.whl -
Subject digest:
9fdb697611d2933aad1b1d56bbc62a49e9df7063fe93206731f88bfb969e9be4 - Sigstore transparency entry: 2010721409
- Sigstore integration time:
-
Permalink:
OpenBox-AI/openbox-crewai-sdk-python@5f8dacb0a11157b4877efcd624650e4a400b34da -
Branch / Tag:
refs/tags/1.0.0 - Owner: https://github.com/OpenBox-AI
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@5f8dacb0a11157b4877efcd624650e4a400b34da -
Trigger Event:
push
-
Statement type: