Sentinel AI — client SDK for AI agent governance & identity. Sign agent actions with Ed25519 and enforce them through the Sentinel authorization gateway. Private beta: cosimo@plannest.net
Project description
sentinel-agent-trust
Python client SDK for Sentinel AI — the identity & governance layer for AI agents: control, authorize, and audit autonomous agents before they touch your production APIs.
Sentinel is in private beta. For source access, a hosted sandbox organization key, or to collaborate: cosimo@plannest.net
Install
pip install sentinel-agent-trust
Usage
import os
from agent_trust_sdk import AgentTrustClient, AgentPermissionDeniedException
client = AgentTrustClient(
agent_id="agt_...",
private_key=os.environ["SENTINEL_AGENT_PRIVATE_KEY"], # base64 Ed25519 seed
gateway_url="https://your-gateway.example.com",
)
try:
client.enforce_action("crm.refund.create", "crm://refunds", {"amount": 90})
crm.create_refund(amount=90) # authorized → do the real thing
except AgentPermissionDeniedException as exc:
# final denial: do NOT retry — branch (degrade, escalate to a human, give up)
escalate_to_human(exc.reason, exc.request_id)
Every request is signed with the agent's private Ed25519 key (never sent to
the server) and carries a timestamp + nonce, so requests cannot be replayed.
Denials carry a machine-readable code (permission_denied,
behavioral_limit_exceeded, rate_limited, …) so your agent can branch
instead of looping.
Proxy mode
With proxy mode the request travels through the gateway, which authorizes it, injects the upstream credential (the agent never holds it) and forwards it — enforcement the agent cannot skip:
resp = client.proxy_request("stripe", "POST", "v1/refunds",
payload={"charge": "ch_123", "amount": 90})
print(resp.status_code, resp.json()) # the upstream's response
Method, path, query and body are all covered by the Ed25519 signature.
Denials raise the same exceptions as enforce_action; a pending human
approval raises AgentApprovalPendingException — retry the identical call
after approval.
Generate a keypair
python -m agent_trust_sdk.keygen
Register the public key with your Sentinel gateway (POST /v1/agents); keep
the private seed in a secret store.
License
Apache 2.0 — see LICENSE and NOTICE.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file sentinel_agent_trust-0.3.0.tar.gz.
File metadata
- Download URL: sentinel_agent_trust-0.3.0.tar.gz
- Upload date:
- Size: 13.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8d651d6aa948ba6b73d8ecd8e0ad29595dbd52cebbe709029d58f3b6d1c9a982
|
|
| MD5 |
048811ac1894d9d6622f9c37fc3cd328
|
|
| BLAKE2b-256 |
faa11bba054833313c9c6fd3b06585ef136cb5cb704aa8843c2e42efbdfe3dfe
|
Provenance
The following attestation bundles were made for sentinel_agent_trust-0.3.0.tar.gz:
Publisher:
release.yml on viperformanz/sentinel-ai
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
sentinel_agent_trust-0.3.0.tar.gz -
Subject digest:
8d651d6aa948ba6b73d8ecd8e0ad29595dbd52cebbe709029d58f3b6d1c9a982 - Sigstore transparency entry: 2180763542
- Sigstore integration time:
-
Permalink:
viperformanz/sentinel-ai@ea1c1e0e34e6d3e31184efdebb9f7d2219126254 -
Branch / Tag:
refs/tags/sdk-py-v0.3.0 - Owner: https://github.com/viperformanz
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@ea1c1e0e34e6d3e31184efdebb9f7d2219126254 -
Trigger Event:
push
-
Statement type:
File details
Details for the file sentinel_agent_trust-0.3.0-py3-none-any.whl.
File metadata
- Download URL: sentinel_agent_trust-0.3.0-py3-none-any.whl
- Upload date:
- Size: 14.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c8881a8f3c87f52751e3601ef32a8ec967f981c04e72c4a06bfe363b2942b09b
|
|
| MD5 |
81ff07302f9c8de349b0d1d42841eace
|
|
| BLAKE2b-256 |
658506da5d810feb2f5a41dd9652f59fbd492b9c5a96ccc8e48a9e1c8d4d4d61
|
Provenance
The following attestation bundles were made for sentinel_agent_trust-0.3.0-py3-none-any.whl:
Publisher:
release.yml on viperformanz/sentinel-ai
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
sentinel_agent_trust-0.3.0-py3-none-any.whl -
Subject digest:
c8881a8f3c87f52751e3601ef32a8ec967f981c04e72c4a06bfe363b2942b09b - Sigstore transparency entry: 2180763739
- Sigstore integration time:
-
Permalink:
viperformanz/sentinel-ai@ea1c1e0e34e6d3e31184efdebb9f7d2219126254 -
Branch / Tag:
refs/tags/sdk-py-v0.3.0 - Owner: https://github.com/viperformanz
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@ea1c1e0e34e6d3e31184efdebb9f7d2219126254 -
Trigger Event:
push
-
Statement type: