Developer SDK for Maelstrom Gate — tool access control for AI agents
Project description
gate-sdk
Developer SDK for Gatekeeper — tool access control for AI agents.
GateClient is the thing you import. Register tools with execution classes,
set a mode (or wire a signal source), call filter() before every agent turn,
and the visible manifest shrinks as threat rises. Ships adapters for OpenAI and
Anthropic tool formats.
Install
pip install gate-sdk # once published
# or from source:
pip install -e .[dev]
# framework extras:
pip install gate-sdk[openai]
pip install gate-sdk[anthropic]
Quick example
from gate_sdk import GateClient
client = GateClient(mode=0.0)
client.add_tool("read_file", "read_only")
client.add_tool("deploy", "high_impact")
result = client.filter()
# mode 0.0 -> both visible
client.mode = 0.85
result = client.filter()
# -> visible=['read_file'], suppressed=['deploy']
Framework adapters
from gate_sdk.adapters.openai import from_openai_tools, to_openai_tools
gate_tools = from_openai_tools(openai_schema, class_map={"deploy": "high_impact"})
client = GateClient(mode=current_threat_level)
client.add_tools(gate_tools)
safe_openai_tools = to_openai_tools(client.filter().visible)
Anthropic adapter mirrors the same API (from_anthropic_tools / to_anthropic_tools).
Mode sources
Pull mode from env, files, callables, or custom signals:
from gate_sdk.signals import StaticSignal, EnvSignal
client = GateClient(mode_source=EnvSignal("GATE_MODE"))
# GATE_MODE=0.8 python agent.py
Middleware and callbacks
client.use(lambda mode, result: log_filter(mode, result) or result)
client.on_suppress(lambda tool, mode: alert(f"{tool.name} suppressed at {mode}"))
client.on_mode_change(lambda old, new: audit_mode_change(old, new))
Envelope signing
env = client.authorize("read_file", signing_key="hmac-key", context_id="sess1")
# env.signature is HMAC-SHA256 over canonical form
assert client.verify(env, "hmac-key")
authorize() raises ValueError on suppressed tools — you can't sign what the
gate has hidden.
Export back to framework tools
client.export_openai() # only visible tools, ready for client.chat.completions
client.export_anthropic() # only visible tools, ready for messages.create
Tests
pytest tests/
48 tests across client, adapters, signals, middleware, envelope flows, and failure injection.
How it fits
Layer 1 (transport) in Gatekeeper.
Depends on gate-keeper (Layer 0). Feeds gate-policy (Layer 2) and
gate-compliance (Layer 2) via middleware hooks.
License
Apache-2.0.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file sdkgate-0.1.1.tar.gz.
File metadata
- Download URL: sdkgate-0.1.1.tar.gz
- Upload date:
- Size: 22.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
04b7892a4f8f67c1fa50302fd2daaa9030c5375eadade5e72fb5ac9dc49e56c0
|
|
| MD5 |
d4fc77c8e82a154e8a984f0576247e06
|
|
| BLAKE2b-256 |
df2ee5bed29750d82ad311a0e13c6551bb84c88faa6f3dd62dad2822d3511bc0
|
File details
Details for the file sdkgate-0.1.1-py3-none-any.whl.
File metadata
- Download URL: sdkgate-0.1.1-py3-none-any.whl
- Upload date:
- Size: 23.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4a19db48678a8cb1ae8c4de9934763f874e9151c5115405e931ce40ef5524918
|
|
| MD5 |
d82eb59f454ce3eafe1651a586bc2dbe
|
|
| BLAKE2b-256 |
bd870cacdc0a8be97870ebc6d71e988cef4e2def764ed625f07e6679cf14b399
|
