Skip to main content

RadhiOps — BYOE AI Engineering Platform SDK

Project description

radhiops

The Python SDK for RadhiOps — the BYOE (Bring Your Own Everything) AI Engineering Platform.

pip install radhiops
# providers are optional extras — install only what you use:
pip install 'radhiops[openai]'        # or [anthropic], [google], [huggingface], [all]
# ollama needs no extra (talks to your local server)

Quick start

from radhiops import RadhiOps

# New here? A demo key seeds 500 free credits, fully offline.
ops = RadhiOps(access_key="radhi_demo_yourtrialkey123")

# Run a local security audit (no AI, no network needed).
report = ops.soc.audit("./my-project")
print(report.counts())          # {'low': 0, 'medium': 1, 'high': 0, 'critical': 0}
print(report.passed)            # gate result for pre-push / pre-deploy

# Bring your own model for AI-assisted remediation.
ops.use_model("openai", model="gpt-4o-mini", api_key="sk-...")
print(ops.soc.remediate(report))

# Or run a fully local model via Ollama — no API key:
ops.use_model("ollama", model="llama3.1")

Repo agent — Git in plain English

repo = ops.repo("./my-project")

repo.command("what changed?")
repo.command('commit "fix: handle null user"')
repo.command("create a new branch feature/login")
repo.command("merge dev into main")

# push() runs a RadhiSOC security gate first and BLOCKS on high/critical
# findings unless you explicitly override.
result = repo.push()
if not result.ok:
    print(result.message)   # e.g. "Security gate blocked the push: 1 finding"

Common verbs are parsed by rules (free, offline). Ambiguous phrasing falls back to your BYOE model. Protected branches (main/master/prod) require allow_protected=True, and force pushes use --force-with-lease.

radhiops repo "push my changes" --path ./my-project
radhiops repo "merge dev into main"

Deployment agent — BYOE deploy targets

Bring your own platform token. RadhiOps never stores it.

# Vercel / Netlify / Render / Railway / Surge
dep = ops.deploy("vercel", token="<vercel-token>", team_id="team_...")

dep.list(limit=5)                  # recent deployments (normalized)
d = dep.trigger()                  # kick a new deployment (where supported)
final = dep.watch(d.id)            # poll until ready/failed
if final.status.failed:
    diag = dep.diagnose(d.id)      # rule-based + AI root-cause from the logs
    print(diag.rule_based["suggestion"])
Platform name Scope option Triggers deploys
Vercel vercel team_id (optional) via git integration
Netlify netlify site_id yes (build)
Render render service_id yes
Railway railway service_id (monitor)
Surge surge domain yes (CLI)

The log diagnoser recognises common failures (missing modules, unset env vars, OOM, port conflicts, lockfile mismatches) with zero credits; anything it can't classify is escalated to your BYOE model.

radhiops deploy render status --id dep_123 --token $RENDER_TOKEN --opt service_id=srv_abc
radhiops deploy vercel diagnose --id dpl_123 --token $VERCEL_TOKEN

Runtime Monitor — production health & incidents

mon = ops.monitor()
mon.add_target("api", "https://myapp.com/health", contains="ok")
mon.add_target("web", "https://myapp.com")

mon.poll()                         # probe every target once
for inc in mon.evaluate():         # anomalies -> incidents
    print(inc.severity, inc.summary, "->", inc.escalate_to)

# crash detection from a runtime log stream
crash = mon.ingest_logs("api", ["Traceback (most recent call last):", "MemoryError"])

# or run a monitoring loop with a callback per incident
mon.watch(rounds=10, interval=30, on_incident=lambda i: print(i.to_dict()))

Detects: endpoint down (consecutive failures), error-rate spikes, latency degradation (p95), and runtime crashes (OOM, segfault, unhandled exceptions, restart loops, DB connection failures). Each incident is tagged with the agent that should handle it next (DeploymentAgent, CyberDefenseAgent), ready for the autonomous loop. Thresholds are tunable via Thresholds.

Cyber Defense agent — runtime attack detection

Feed inbound requests through the guard; it returns an allow/challenge/block verdict and auto-blocklists serious offenders.

guard = ops.defense()

verdict = guard.analyze({
    "ip": "203.0.113.9",
    "path": "/search",
    "query": "q=' UNION SELECT password FROM users--",
})
if verdict.blocked:
    return Response(status=403)

# behavioral: repeated failed logins from one IP -> brute force / stuffing
verdict, incident = guard.inspect({"ip": "203.0.113.9", "auth_failed": True, "user": "admin"})

# framework hook
guard_fn = guard.middleware(on_block=lambda v: log.warning("blocked %s", v.ip))

Detects: SQL injection, XSS, SSRF, path traversal, command injection, header (CRLF) injection, brute force, credential stuffing, rate-limit abuse, and DDoS. Code-level attacks escalate to RadhiSOC (fix the code); volumetric attacks are blocked directly. Scoring/thresholds are tunable via DefenseConfig.

CLI

export RADHIOPS_ACCESS_KEY=radhi_demo_yourtrialkey123
radhiops audit ./my-project
radhiops audit . --json

The audit command exits non-zero when high/critical findings are present, so it drops straight into CI or a Kiro pre-push hook.

Supported model providers (BYOE)

Provider name Needs key? Extra
OpenAI / compatible openai yes [openai]
Anthropic anthropic yes [anthropic]
Google Gemini google yes [google]
Ollama (local) ollama no
Hugging Face huggingface yes [huggingface]

Register your own (e.g. an MCP-backed model) with radhiops.register_provider("mymodel", MyProviderClass).

Status

Phase 0–5: BYOE model layer, access-key client, credit ledger (local + hosted), and all five agents — RadhiSOC (security), Repo (Git + pre-push gate), Deployment (multi-platform + log diagnosis), Runtime Monitor (health, anomalies, crashes), and Cyber Defense (runtime attack detection) — plus the Supabase backend. The autonomous cross-agent loop (incidents routing Monitor → Deployment → RadhiSOC → Repo automatically) is next.

Online vs offline

# Offline (default): local credit ledger, demo keys seeded with 500 credits.
ops = RadhiOps(access_key="radhi_demo_...")

# Online: validate + meter against the hosted backend (Supabase edge functions).
ops = RadhiOps(
    access_key="radhi_live_...",
    offline=False,
    api_base="https://<project-ref>.supabase.co",
    anon_key="<supabase-anon-key>",
)

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

radhiops-0.0.3.tar.gz (69.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

radhiops-0.0.3-py3-none-any.whl (81.8 kB view details)

Uploaded Python 3

File details

Details for the file radhiops-0.0.3.tar.gz.

File metadata

  • Download URL: radhiops-0.0.3.tar.gz
  • Upload date:
  • Size: 69.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for radhiops-0.0.3.tar.gz
Algorithm Hash digest
SHA256 62762edccae9926517ab9f3b2aeead602ae3c37868d07fe8cc09f239d8505176
MD5 4024b98af3e5f4291392ea4b5186a772
BLAKE2b-256 75dc07d14333e44325de7d838d5f23a9f615f58722a0d29c141e292f22f27b48

See more details on using hashes here.

File details

Details for the file radhiops-0.0.3-py3-none-any.whl.

File metadata

  • Download URL: radhiops-0.0.3-py3-none-any.whl
  • Upload date:
  • Size: 81.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for radhiops-0.0.3-py3-none-any.whl
Algorithm Hash digest
SHA256 216fcc528e4db064c9e4c40bf2a49388153648e90fff64d6090f04391c4b43c6
MD5 e1aa55d3e2d21828ec41c85325175e3b
BLAKE2b-256 80ae4926e3c17bb2a6c25fe4763126166d8d72228c5c74f6ac7f6b749d88c635

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page