Skip to main content

RadhiOps — BYOE AI Engineering Platform SDK

Project description

radhiops

The Python SDK for RadhiOps — the BYOE (Bring Your Own Everything) AI Engineering Platform.

pip install radhiops
# providers are optional extras — install only what you use:
pip install 'radhiops[openai]'        # or [anthropic], [google], [huggingface], [all]
# ollama needs no extra (talks to your local server)

Quick start

from radhiops import RadhiOps

# New here? A demo key seeds 500 free credits, fully offline.
ops = RadhiOps(access_key="radhi_demo_yourtrialkey123")

# Run a local security audit (no AI, no network needed).
report = ops.soc.audit("./my-project")
print(report.counts())          # {'low': 0, 'medium': 1, 'high': 0, 'critical': 0}
print(report.passed)            # gate result for pre-push / pre-deploy

# Bring your own model for AI-assisted remediation.
ops.use_model("openai", model="gpt-4o-mini", api_key="sk-...")
print(ops.soc.remediate(report))

# Or run a fully local model via Ollama — no API key:
ops.use_model("ollama", model="llama3.1")

Repo agent — Git in plain English

repo = ops.repo("./my-project")

repo.command("what changed?")
repo.command('commit "fix: handle null user"')
repo.command("create a new branch feature/login")
repo.command("merge dev into main")

# push() runs a RadhiSOC security gate first and BLOCKS on high/critical
# findings unless you explicitly override.
result = repo.push()
if not result.ok:
    print(result.message)   # e.g. "Security gate blocked the push: 1 finding"

Common verbs are parsed by rules (free, offline). Ambiguous phrasing falls back to your BYOE model. Protected branches (main/master/prod) require allow_protected=True, and force pushes use --force-with-lease.

radhiops repo "push my changes" --path ./my-project
radhiops repo "merge dev into main"

Deployment agent — BYOE deploy targets

Bring your own platform token. RadhiOps never stores it.

# Vercel / Netlify / Render / Railway / Surge
dep = ops.deploy("vercel", token="<vercel-token>", team_id="team_...")

dep.list(limit=5)                  # recent deployments (normalized)
d = dep.trigger()                  # kick a new deployment (where supported)
final = dep.watch(d.id)            # poll until ready/failed
if final.status.failed:
    diag = dep.diagnose(d.id)      # rule-based + AI root-cause from the logs
    print(diag.rule_based["suggestion"])
Platform name Scope option Triggers deploys
Vercel vercel team_id (optional) via git integration
Netlify netlify site_id yes (build)
Render render service_id yes
Railway railway service_id (monitor)
Surge surge domain yes (CLI)

The log diagnoser recognises common failures (missing modules, unset env vars, OOM, port conflicts, lockfile mismatches) with zero credits; anything it can't classify is escalated to your BYOE model.

radhiops deploy render status --id dep_123 --token $RENDER_TOKEN --opt service_id=srv_abc
radhiops deploy vercel diagnose --id dpl_123 --token $VERCEL_TOKEN

Runtime Monitor — production health & incidents

mon = ops.monitor()
mon.add_target("api", "https://myapp.com/health", contains="ok")
mon.add_target("web", "https://myapp.com")

mon.poll()                         # probe every target once
for inc in mon.evaluate():         # anomalies -> incidents
    print(inc.severity, inc.summary, "->", inc.escalate_to)

# crash detection from a runtime log stream
crash = mon.ingest_logs("api", ["Traceback (most recent call last):", "MemoryError"])

# or run a monitoring loop with a callback per incident
mon.watch(rounds=10, interval=30, on_incident=lambda i: print(i.to_dict()))

Detects: endpoint down (consecutive failures), error-rate spikes, latency degradation (p95), and runtime crashes (OOM, segfault, unhandled exceptions, restart loops, DB connection failures). Each incident is tagged with the agent that should handle it next (DeploymentAgent, CyberDefenseAgent), ready for the autonomous loop. Thresholds are tunable via Thresholds.

Cyber Defense agent — runtime attack detection

Feed inbound requests through the guard; it returns an allow/challenge/block verdict and auto-blocklists serious offenders.

guard = ops.defense()

verdict = guard.analyze({
    "ip": "203.0.113.9",
    "path": "/search",
    "query": "q=' UNION SELECT password FROM users--",
})
if verdict.blocked:
    return Response(status=403)

# behavioral: repeated failed logins from one IP -> brute force / stuffing
verdict, incident = guard.inspect({"ip": "203.0.113.9", "auth_failed": True, "user": "admin"})

# framework hook
guard_fn = guard.middleware(on_block=lambda v: log.warning("blocked %s", v.ip))

Detects: SQL injection, XSS, SSRF, path traversal, command injection, header (CRLF) injection, brute force, credential stuffing, rate-limit abuse, and DDoS. Code-level attacks escalate to RadhiSOC (fix the code); volumetric attacks are blocked directly. Scoring/thresholds are tunable via DefenseConfig.

CLI

export RADHIOPS_ACCESS_KEY=radhi_demo_yourtrialkey123
radhiops audit ./my-project
radhiops audit . --json

The audit command exits non-zero when high/critical findings are present, so it drops straight into CI or a Kiro pre-push hook.

Supported model providers (BYOE)

Provider name Needs key? Extra
OpenAI / compatible openai yes [openai]
Anthropic anthropic yes [anthropic]
Google Gemini google yes [google]
Ollama (local) ollama no
Hugging Face huggingface yes [huggingface]

Register your own (e.g. an MCP-backed model) with radhiops.register_provider("mymodel", MyProviderClass).

Status

Phase 0–5: BYOE model layer, access-key client, credit ledger (local + hosted), and all five agents — RadhiSOC (security), Repo (Git + pre-push gate), Deployment (multi-platform + log diagnosis), Runtime Monitor (health, anomalies, crashes), and Cyber Defense (runtime attack detection) — plus the Supabase backend. The autonomous cross-agent loop (incidents routing Monitor → Deployment → RadhiSOC → Repo automatically) is next.

Online vs offline

# Offline (default): local credit ledger, demo keys seeded with 500 credits.
ops = RadhiOps(access_key="radhi_demo_...")

# Online: validate + meter against the hosted backend (Supabase edge functions).
ops = RadhiOps(
    access_key="radhi_live_...",
    offline=False,
    api_base="https://<project-ref>.supabase.co",
    anon_key="<supabase-anon-key>",
)

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

radhiops-0.0.2.tar.gz (68.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

radhiops-0.0.2-py3-none-any.whl (81.5 kB view details)

Uploaded Python 3

File details

Details for the file radhiops-0.0.2.tar.gz.

File metadata

  • Download URL: radhiops-0.0.2.tar.gz
  • Upload date:
  • Size: 68.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for radhiops-0.0.2.tar.gz
Algorithm Hash digest
SHA256 20941b7fbf39f4115398797e4c131422d5e702fdd29a08484d858abde7ec1ea4
MD5 06394d99dc9c56340071ccf640b46429
BLAKE2b-256 7061b77795a210f7c871928816f6dbda66b72b562739cb8ab1c1801ebe02763e

See more details on using hashes here.

File details

Details for the file radhiops-0.0.2-py3-none-any.whl.

File metadata

  • Download URL: radhiops-0.0.2-py3-none-any.whl
  • Upload date:
  • Size: 81.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for radhiops-0.0.2-py3-none-any.whl
Algorithm Hash digest
SHA256 482a7be2a1431b14449963e7809b4955c509bee81ac1c1ca6f616c567fc4294f
MD5 e5f948a622cb0cffcb2a4cd501025d16
BLAKE2b-256 8472f6c36227f405cda933b9665c74355d818a9d7cfebe188b3ce1cebcb13e81

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page