Skip to main content

RadhiOps — BYOE AI Engineering Platform SDK

Project description

radhiops

The Python SDK for RadhiOps — the BYOE (Bring Your Own Everything) AI Engineering Platform.

pip install radhiops
# providers are optional extras — install only what you use:
pip install 'radhiops[openai]'        # or [anthropic], [google], [huggingface], [all]
# ollama needs no extra (talks to your local server)

Quick start

from radhiops import RadhiOps

# New here? A demo key seeds 500 free credits, fully offline.
ops = RadhiOps(access_key="radhi_demo_yourtrialkey123")

# Run a local security audit (no AI, no network needed).
report = ops.soc.audit("./my-project")
print(report.counts())          # {'low': 0, 'medium': 1, 'high': 0, 'critical': 0}
print(report.passed)            # gate result for pre-push / pre-deploy

# Bring your own model for AI-assisted remediation.
ops.use_model("openai", model="gpt-4o-mini", api_key="sk-...")
print(ops.soc.remediate(report))

# Or run a fully local model via Ollama — no API key:
ops.use_model("ollama", model="llama3.1")

Repo agent — Git in plain English

repo = ops.repo("./my-project")

repo.command("what changed?")
repo.command('commit "fix: handle null user"')
repo.command("create a new branch feature/login")
repo.command("merge dev into main")

# push() runs a RadhiSOC security gate first and BLOCKS on high/critical
# findings unless you explicitly override.
result = repo.push()
if not result.ok:
    print(result.message)   # e.g. "Security gate blocked the push: 1 finding"

Common verbs are parsed by rules (free, offline). Ambiguous phrasing falls back to your BYOE model. Protected branches (main/master/prod) require allow_protected=True, and force pushes use --force-with-lease.

radhiops repo "push my changes" --path ./my-project
radhiops repo "merge dev into main"

Deployment agent — BYOE deploy targets

Bring your own platform token. RadhiOps never stores it.

# Vercel / Netlify / Render / Railway / Surge
dep = ops.deploy("vercel", token="<vercel-token>", team_id="team_...")

dep.list(limit=5)                  # recent deployments (normalized)
d = dep.trigger()                  # kick a new deployment (where supported)
final = dep.watch(d.id)            # poll until ready/failed
if final.status.failed:
    diag = dep.diagnose(d.id)      # rule-based + AI root-cause from the logs
    print(diag.rule_based["suggestion"])
Platform name Scope option Triggers deploys
Vercel vercel team_id (optional) via git integration
Netlify netlify site_id yes (build)
Render render service_id yes
Railway railway service_id (monitor)
Surge surge domain yes (CLI)

The log diagnoser recognises common failures (missing modules, unset env vars, OOM, port conflicts, lockfile mismatches) with zero credits; anything it can't classify is escalated to your BYOE model.

radhiops deploy render status --id dep_123 --token $RENDER_TOKEN --opt service_id=srv_abc
radhiops deploy vercel diagnose --id dpl_123 --token $VERCEL_TOKEN

Runtime Monitor — production health & incidents

mon = ops.monitor()
mon.add_target("api", "https://myapp.com/health", contains="ok")
mon.add_target("web", "https://myapp.com")

mon.poll()                         # probe every target once
for inc in mon.evaluate():         # anomalies -> incidents
    print(inc.severity, inc.summary, "->", inc.escalate_to)

# crash detection from a runtime log stream
crash = mon.ingest_logs("api", ["Traceback (most recent call last):", "MemoryError"])

# or run a monitoring loop with a callback per incident
mon.watch(rounds=10, interval=30, on_incident=lambda i: print(i.to_dict()))

Detects: endpoint down (consecutive failures), error-rate spikes, latency degradation (p95), and runtime crashes (OOM, segfault, unhandled exceptions, restart loops, DB connection failures). Each incident is tagged with the agent that should handle it next (DeploymentAgent, CyberDefenseAgent), ready for the autonomous loop. Thresholds are tunable via Thresholds.

Cyber Defense agent — runtime attack detection

Feed inbound requests through the guard; it returns an allow/challenge/block verdict and auto-blocklists serious offenders.

guard = ops.defense()

verdict = guard.analyze({
    "ip": "203.0.113.9",
    "path": "/search",
    "query": "q=' UNION SELECT password FROM users--",
})
if verdict.blocked:
    return Response(status=403)

# behavioral: repeated failed logins from one IP -> brute force / stuffing
verdict, incident = guard.inspect({"ip": "203.0.113.9", "auth_failed": True, "user": "admin"})

# framework hook
guard_fn = guard.middleware(on_block=lambda v: log.warning("blocked %s", v.ip))

Detects: SQL injection, XSS, SSRF, path traversal, command injection, header (CRLF) injection, brute force, credential stuffing, rate-limit abuse, and DDoS. Code-level attacks escalate to RadhiSOC (fix the code); volumetric attacks are blocked directly. Scoring/thresholds are tunable via DefenseConfig.

CLI — commands & actions

radhiops init                       # one-time setup (keys/providers, encrypted)
radhiops audit                      # scan ALL files in the current dir
radhiops audit ./app.py             # scan one file
radhiops audit . --fail-on critical # tune the gate severity
radhiops secure                     # SOC→Repo: .gitignore secrets + untrack them
radhiops repo "push my changes"     # Git in plain English
radhiops deploy vercel status --id   # deploy agent (list/status/logs/diagnose)
radhiops status                     # plan, balance, autonomy, agents
radhiops plans / subscribe pro      # billing
radhiops control --autonomy autopilot

# autonomous modes
radhiops --automode                 # one cycle: audit → secure → remediate
radhiops --polling 003000           # repeat every 30 min (HHMMSS) to save credits

audit exits non-zero on gate failure — drops into CI or a pre-push hook. Full guide: see USAGE.md.

Connect your terminal to the dashboard

export RADHIOPS_ACCESS_KEY=radhi_live_…           # generate in dashboard → Settings
export RADHIOPS_API_BASE=https://<ref>.supabase.co
export RADHIOPS_ANON_KEY=<anon public key>
radhiops audit .                                   # activity now streams to the dashboard

Supported model providers (BYOE)

Provider name Needs key? Extra
OpenRouter openrouter yes — (HTTP)
Bytez bytez yes — (HTTP)
OpenAI / compatible openai yes [openai]
Anthropic anthropic yes [anthropic]
Google Gemini google yes [google]
Ollama (local) ollama no
Hugging Face huggingface yes [huggingface]

Register your own (e.g. an MCP-backed model) with radhiops.register_provider("mymodel", MyProviderClass).

Status

Phase 0–5: BYOE model layer, access-key client, credit ledger (local + hosted), and all five agents — RadhiSOC (security), Repo (Git + pre-push gate), Deployment (multi-platform + log diagnosis), Runtime Monitor (health, anomalies, crashes), and Cyber Defense (runtime attack detection) — plus the Supabase backend. The autonomous cross-agent loop (incidents routing Monitor → Deployment → RadhiSOC → Repo automatically) is next.

Online vs offline

# Offline (default): local credit ledger, demo keys seeded with 500 credits.
ops = RadhiOps(access_key="radhi_demo_...")

# Online: validate + meter against the hosted backend (Supabase edge functions).
ops = RadhiOps(
    access_key="radhi_live_...",
    offline=False,
    api_base="https://<project-ref>.supabase.co",
    anon_key="<supabase-anon-key>",
)

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

radhiops-0.0.5.tar.gz (80.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

radhiops-0.0.5-py3-none-any.whl (91.9 kB view details)

Uploaded Python 3

File details

Details for the file radhiops-0.0.5.tar.gz.

File metadata

  • Download URL: radhiops-0.0.5.tar.gz
  • Upload date:
  • Size: 80.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for radhiops-0.0.5.tar.gz
Algorithm Hash digest
SHA256 73d6264644d7ec06912e525861d4c4b52e812443e7d23335a5ce99bceb9888ed
MD5 0935ac5956f189378c5b54cde4f18156
BLAKE2b-256 29c3f57b3eb1b06f6820bdca603d183137d12d11920c4a575af84ccd08451372

See more details on using hashes here.

File details

Details for the file radhiops-0.0.5-py3-none-any.whl.

File metadata

  • Download URL: radhiops-0.0.5-py3-none-any.whl
  • Upload date:
  • Size: 91.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for radhiops-0.0.5-py3-none-any.whl
Algorithm Hash digest
SHA256 a4c21709733bd16ed4037ff477f6b52a93008e811dc23e14d0bf545012168bb1
MD5 69ae8d368175958a010723eee186c0d8
BLAKE2b-256 6d0d2eae8d5e804d79fb1216d134577352fe574a9295074eb280e55dee1a92d5

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page