Skip to main content

Python SDK for Sentinel human-in-the-loop oversight

Project description

Sentinel SDK

License: MIT PyPI version

Oversight infrastructure for AI agents.

Sentinel adds human-in-the-loop approval to any Python function your agent calls. Wrap the function with @oversight, and the SDK pauses execution, requests approval, and only runs once a human approves.

Install

pip install sentinel-oversight

Quick start

# 1. Create an account at https://app.pauseapi.app/signup
#    Copy the API key it returns.

# 2. Wrap your function:
from sentinel import configure, oversight

configure(api_key="sk_live_…")

@oversight(
    risk_level="high",
    approvers=["sms:+15551234567", "alice@acme.com"],
    timeout_seconds=300,
)
def transfer_funds(amount: int, recipient: str):
    return stripe.transfers.create(amount=amount, destination=recipient)

When your agent calls transfer_funds(1000, "acct_xyz"):

  1. Sentinel pauses execution and creates an approval on the backend.
  2. Notifications fire to every approver in the list (rules below).
  3. A human clicks Approve from a signed text/email link or the dashboard.
  4. The wrapped function runs, and its return value flows back to the caller.

If rejected → ApprovalRejected(reason) is raised. If no response within timeout_secondsApprovalTimeout is raised (unless fallback="execute").

Approver formats

Each entry in approvers=[...] is a string. The format determines the channel.

Format Channel Example
name@company.com Email alice@acme.com
mailto:name@company.com Email (explicit) mailto:alice@acme.com
sms:+15551234567 SMS (Twilio) sms:+14155550123

You can mix formats — every approver receives a notification, the first decision wins.

Notification routing

  • Email — fires if RESEND_API_KEY is set AND any approver looks like an email address. Email contains signed approve/reject links (HMAC-SHA256, scoped to that action_id and timeout window).
  • SMS — fires if Twilio credentials are set AND an approver uses sms:.

By default, emails send from onboarding@resend.dev. To get branded approvals@yourdomain.app email, verify your domain in Resend (Pro plan).

Risk levels

risk_level is a string the dashboard uses for prioritization. Allowed values: low, medium, high, critical. Required.

Configuration

Set via configure(...) or environment variables:

Variable Default Description
SENTINEL_API_URL https://api.pauseapi.app Base URL of the Sentinel backend
SENTINEL_API_KEY required Your tenant API key
SENTINEL_TIMEOUT 300 Default timeout_seconds
SENTINEL_POLL_INTERVAL 2 Seconds between status polls
SENTINEL_FALLBACK reject reject or execute on timeout

Exceptions

  • SentinelError — base class for all Sentinel errors.
  • SentinelConfigError — SDK was used without an api_key.
  • SentinelAPIError(status_code, message, url) — backend returned a non-2xx.
  • ApprovalRejected(reason, action_id) — a human rejected the request.
  • ApprovalTimeout(action_id, timeout_seconds) — no decision before deadline.

Async

The decorator transparently supports async def functions:

@oversight(risk_level="medium", approvers=["alice@acme.com"])
async def send_email(to, body):
    await mailgun.send(to=to, body=body)

Audit log

Every approval creates a hash-chained audit trail. Fetch it:

from sentinel import SentinelClient
client = SentinelClient()
events = client.list_audit_events(action_id="act_…")  # or omit for full log

Each event has prev_hash and event_hash (SHA-256). Chain integrity can be verified by recomputing sha256(prev_hash + json(payload)).

LangChain

from sentinel.adapters.langchain import SentinelCallbackHandler

agent.run("…", callbacks=[SentinelCallbackHandler(risk_level="high")])

Install with pip install sentinel-oversight[langchain].

Links

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sentinel_oversight-0.1.3.tar.gz (8.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

sentinel_oversight-0.1.3-py3-none-any.whl (9.9 kB view details)

Uploaded Python 3

File details

Details for the file sentinel_oversight-0.1.3.tar.gz.

File metadata

  • Download URL: sentinel_oversight-0.1.3.tar.gz
  • Upload date:
  • Size: 8.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for sentinel_oversight-0.1.3.tar.gz
Algorithm Hash digest
SHA256 2cfd9e67af0012a5f574d34d805196cfa74de124a97907afa153a19b6f094286
MD5 189fb78e124dbda39c890117ca42f173
BLAKE2b-256 e29e2d0cf61fb16fe8961a84f692f3041b04cca6a4afa68638a64f7c58fbd363

See more details on using hashes here.

Provenance

The following attestation bundles were made for sentinel_oversight-0.1.3.tar.gz:

Publisher: publish.yml on PetrefiedThunder/sentinel-sdk

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file sentinel_oversight-0.1.3-py3-none-any.whl.

File metadata

File hashes

Hashes for sentinel_oversight-0.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 0cf5f6293093ed0ef6540f63dd040e031c9c1b39ed4c8e12411b9b4b6167856b
MD5 b2c5ee84db67b4717b98bdfdf14aa656
BLAKE2b-256 7fafb66409bbe00fd1ed4879ad101d7e893dc4d496b8a62c805cf6f65e9b7d80

See more details on using hashes here.

Provenance

The following attestation bundles were made for sentinel_oversight-0.1.3-py3-none-any.whl:

Publisher: publish.yml on PetrefiedThunder/sentinel-sdk

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page