RadhiOps — BYOE AI Engineering Platform SDK
Project description
radhiops
The Python SDK for RadhiOps — the BYOE (Bring Your Own Everything) AI Engineering Platform.
pip install radhiops
# providers are optional extras — install only what you use:
pip install 'radhiops[openai]' # or [anthropic], [google], [huggingface], [all]
# ollama needs no extra (talks to your local server)
Quick start
from radhiops import RadhiOps
# New here? A demo key seeds 500 free credits, fully offline.
ops = RadhiOps(access_key="radhi_demo_yourtrialkey123")
# Run a local security audit (no AI, no network needed).
report = ops.soc.audit("./my-project")
print(report.counts()) # {'low': 0, 'medium': 1, 'high': 0, 'critical': 0}
print(report.passed) # gate result for pre-push / pre-deploy
# Bring your own model for AI-assisted remediation.
ops.use_model("openai", model="gpt-4o-mini", api_key="sk-...")
print(ops.soc.remediate(report))
# Or run a fully local model via Ollama — no API key:
ops.use_model("ollama", model="llama3.1")
Repo agent — Git in plain English
repo = ops.repo("./my-project")
repo.command("what changed?")
repo.command('commit "fix: handle null user"')
repo.command("create a new branch feature/login")
repo.command("merge dev into main")
# push() runs a RadhiSOC security gate first and BLOCKS on high/critical
# findings unless you explicitly override.
result = repo.push()
if not result.ok:
print(result.message) # e.g. "Security gate blocked the push: 1 finding"
Common verbs are parsed by rules (free, offline). Ambiguous phrasing falls back
to your BYOE model. Protected branches (main/master/prod) require
allow_protected=True, and force pushes use --force-with-lease.
radhiops repo "push my changes" --path ./my-project
radhiops repo "merge dev into main"
Deployment agent — BYOE deploy targets
Bring your own platform token. RadhiOps never stores it.
# Vercel / Netlify / Render / Railway / Surge
dep = ops.deploy("vercel", token="<vercel-token>", team_id="team_...")
dep.list(limit=5) # recent deployments (normalized)
d = dep.trigger() # kick a new deployment (where supported)
final = dep.watch(d.id) # poll until ready/failed
if final.status.failed:
diag = dep.diagnose(d.id) # rule-based + AI root-cause from the logs
print(diag.rule_based["suggestion"])
| Platform | name | Scope option | Triggers deploys |
|---|---|---|---|
| Vercel | vercel |
team_id (optional) |
via git integration |
| Netlify | netlify |
site_id |
yes (build) |
| Render | render |
service_id |
yes |
| Railway | railway |
service_id |
(monitor) |
| Surge | surge |
domain |
yes (CLI) |
The log diagnoser recognises common failures (missing modules, unset env vars, OOM, port conflicts, lockfile mismatches) with zero credits; anything it can't classify is escalated to your BYOE model.
radhiops deploy render status --id dep_123 --token $RENDER_TOKEN --opt service_id=srv_abc
radhiops deploy vercel diagnose --id dpl_123 --token $VERCEL_TOKEN
Runtime Monitor — production health & incidents
mon = ops.monitor()
mon.add_target("api", "https://myapp.com/health", contains="ok")
mon.add_target("web", "https://myapp.com")
mon.poll() # probe every target once
for inc in mon.evaluate(): # anomalies -> incidents
print(inc.severity, inc.summary, "->", inc.escalate_to)
# crash detection from a runtime log stream
crash = mon.ingest_logs("api", ["Traceback (most recent call last):", "MemoryError"])
# or run a monitoring loop with a callback per incident
mon.watch(rounds=10, interval=30, on_incident=lambda i: print(i.to_dict()))
Detects: endpoint down (consecutive failures), error-rate spikes, latency
degradation (p95), and runtime crashes (OOM, segfault, unhandled exceptions,
restart loops, DB connection failures). Each incident is tagged with the agent
that should handle it next (DeploymentAgent, CyberDefenseAgent), ready for
the autonomous loop. Thresholds are tunable via Thresholds.
Cyber Defense agent — runtime attack detection
Feed inbound requests through the guard; it returns an allow/challenge/block verdict and auto-blocklists serious offenders.
guard = ops.defense()
verdict = guard.analyze({
"ip": "203.0.113.9",
"path": "/search",
"query": "q=' UNION SELECT password FROM users--",
})
if verdict.blocked:
return Response(status=403)
# behavioral: repeated failed logins from one IP -> brute force / stuffing
verdict, incident = guard.inspect({"ip": "203.0.113.9", "auth_failed": True, "user": "admin"})
# framework hook
guard_fn = guard.middleware(on_block=lambda v: log.warning("blocked %s", v.ip))
Detects: SQL injection, XSS, SSRF, path traversal, command injection, header
(CRLF) injection, brute force, credential stuffing, rate-limit abuse, and DDoS.
Code-level attacks escalate to RadhiSOC (fix the code); volumetric attacks are
blocked directly. Scoring/thresholds are tunable via DefenseConfig.
CLI
export RADHIOPS_ACCESS_KEY=radhi_demo_yourtrialkey123
radhiops audit ./my-project
radhiops audit . --json
The audit command exits non-zero when high/critical findings are present, so
it drops straight into CI or a Kiro pre-push hook.
Supported model providers (BYOE)
| Provider | name | Needs key? | Extra |
|---|---|---|---|
| OpenAI / compatible | openai |
yes | [openai] |
| Anthropic | anthropic |
yes | [anthropic] |
| Google Gemini | google |
yes | [google] |
| Ollama (local) | ollama |
no | — |
| Hugging Face | huggingface |
yes | [huggingface] |
Register your own (e.g. an MCP-backed model) with
radhiops.register_provider("mymodel", MyProviderClass).
Status
Phase 0–5: BYOE model layer, access-key client, credit ledger (local + hosted), and all five agents — RadhiSOC (security), Repo (Git + pre-push gate), Deployment (multi-platform + log diagnosis), Runtime Monitor (health, anomalies, crashes), and Cyber Defense (runtime attack detection) — plus the Supabase backend. The autonomous cross-agent loop (incidents routing Monitor → Deployment → RadhiSOC → Repo automatically) is next.
Online vs offline
# Offline (default): local credit ledger, demo keys seeded with 500 credits.
ops = RadhiOps(access_key="radhi_demo_...")
# Online: validate + meter against the hosted backend (Supabase edge functions).
ops = RadhiOps(
access_key="radhi_live_...",
offline=False,
api_base="https://<project-ref>.supabase.co",
anon_key="<supabase-anon-key>",
)
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file radhiops-0.0.1.tar.gz.
File metadata
- Download URL: radhiops-0.0.1.tar.gz
- Upload date:
- Size: 56.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
11d695edc5e63b7e3ef8c87b9fd60911ddb3a2ea402cc1907c86af0f70e0c832
|
|
| MD5 |
4535b5872984c13cab4a3c38066cf5ee
|
|
| BLAKE2b-256 |
f43cefc6cfebeb7108dda639f3357d795852346d4203685f4e86894ba9c54da6
|
File details
Details for the file radhiops-0.0.1-py3-none-any.whl.
File metadata
- Download URL: radhiops-0.0.1-py3-none-any.whl
- Upload date:
- Size: 71.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
779800a3d1fda3983b7ce49e76f4b842f9a99d5fdfa3811271c7254da0bb186d
|
|
| MD5 |
cc5afdde3fd6cf58f83ac67b70d31bb2
|
|
| BLAKE2b-256 |
9fc2114adc47ce39128766920fc2f10bf201355536187c695bb064f1dd5232b1
|