Skip to main content

Python SDK for Sentinel human-in-the-loop oversight

Project description

Sentinel SDK

License: MIT PyPI version

Oversight infrastructure for AI agents.

Sentinel adds human-in-the-loop approval to any Python function your agent calls. Wrap the function with @oversight, and the SDK pauses execution, requests approval, and only runs once a human approves.

Install

pip install sentinel-oversight

Quick start

# 1. Create an account at https://app.pauseapi.app/signup
#    Copy the API key it returns.

# 2. Wrap your function:
from sentinel import configure, oversight

configure(api_key="sk_live_…")

@oversight(
    risk_level="high",
    approvers=["sms:+15551234567", "alice@acme.com"],
    timeout_seconds=300,
)
def transfer_funds(amount: int, recipient: str):
    return stripe.transfers.create(amount=amount, destination=recipient)

When your agent calls transfer_funds(1000, "acct_xyz"):

  1. Sentinel pauses execution and creates an approval on the backend.
  2. Notifications fire to every approver in the list (rules below).
  3. A human clicks Approve from a signed text/email link or the dashboard.
  4. The wrapped function runs, and its return value flows back to the caller.

If rejected → ApprovalRejected(reason) is raised. If no response within timeout_secondsApprovalTimeout is raised (unless fallback="execute").

Approver formats

Each entry in approvers=[...] is a string. The format determines the channel.

Format Channel Example
name@company.com Email alice@acme.com
mailto:name@company.com Email (explicit) mailto:alice@acme.com
sms:+15551234567 SMS (Twilio) sms:+14155550123

You can mix formats — every approver receives a notification, the first decision wins.

Notification routing

  • Email — fires if RESEND_API_KEY is set AND any approver looks like an email address. Email contains signed approve/reject links (HMAC-SHA256, scoped to that action_id and timeout window).
  • SMS — fires if Twilio credentials are set AND an approver uses sms:.

By default, emails send from onboarding@resend.dev. To get branded approvals@yourdomain.app email, verify your domain in Resend (Pro plan).

Risk levels

risk_level is a string the dashboard uses for prioritization. Allowed values: low, medium, high, critical. Required.

Configuration

Set via configure(...) or environment variables:

Variable Default Description
SENTINEL_API_URL https://api.pauseapi.app Base URL of the Sentinel backend
SENTINEL_API_KEY required Your tenant API key
SENTINEL_TIMEOUT 300 Default timeout_seconds
SENTINEL_POLL_INTERVAL 2 Seconds between status polls
SENTINEL_FALLBACK reject reject or execute on timeout

Exceptions

  • SentinelError — base class for all Sentinel errors.
  • SentinelConfigError — SDK was used without an api_key.
  • SentinelAPIError(status_code, message, url) — backend returned a non-2xx.
  • ApprovalRejected(reason, action_id) — a human rejected the request.
  • ApprovalTimeout(action_id, timeout_seconds) — no decision before deadline.

Async

The decorator transparently supports async def functions:

@oversight(risk_level="medium", approvers=["alice@acme.com"])
async def send_email(to, body):
    await mailgun.send(to=to, body=body)

Audit log

Every approval creates a hash-chained audit trail. Fetch it:

from sentinel import SentinelClient
client = SentinelClient()
events = client.list_audit_events(action_id="act_…")  # or omit for full log

Each event has prev_hash and event_hash (SHA-256). Chain integrity can be verified by recomputing sha256(prev_hash + json(payload)).

LangChain

from sentinel.adapters.langchain import SentinelCallbackHandler

agent.run("…", callbacks=[SentinelCallbackHandler(risk_level="high")])

Install with pip install sentinel-oversight[langchain].

Links

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sentinel_oversight-0.1.5.tar.gz (8.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

sentinel_oversight-0.1.5-py3-none-any.whl (10.4 kB view details)

Uploaded Python 3

File details

Details for the file sentinel_oversight-0.1.5.tar.gz.

File metadata

  • Download URL: sentinel_oversight-0.1.5.tar.gz
  • Upload date:
  • Size: 8.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for sentinel_oversight-0.1.5.tar.gz
Algorithm Hash digest
SHA256 c57eaf23f566d7cd4391e0bdeb6736873d4ac1839a7505bdaf6a2c09cfcb3696
MD5 1f140988485bd2be73ab75569ebf5c2f
BLAKE2b-256 b2e0b38e5ee75b5f206f0e2e84f8c719cec64e37cf44e59578cbf1af31a56c63

See more details on using hashes here.

Provenance

The following attestation bundles were made for sentinel_oversight-0.1.5.tar.gz:

Publisher: publish.yml on PetrefiedThunder/sentinel-sdk

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file sentinel_oversight-0.1.5-py3-none-any.whl.

File metadata

File hashes

Hashes for sentinel_oversight-0.1.5-py3-none-any.whl
Algorithm Hash digest
SHA256 3f9c52e6cf0fba6cd5f7ad86362720f91f39591d61546c0e6985fad2c480840d
MD5 fc7a6850aaff120628bfd6d8a2073508
BLAKE2b-256 21609bc482f1c4e52942e7814198ecba410e256e6148d8f66968cf3cbd4d1dc5

See more details on using hashes here.

Provenance

The following attestation bundles were made for sentinel_oversight-0.1.5-py3-none-any.whl:

Publisher: publish.yml on PetrefiedThunder/sentinel-sdk

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page