Python SDK for monitoring and intercepting AI agent actions with Trusera

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for trusera from gravatar.com trusera

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: Trusera
  • Tags agents , ai , cedar , interceptor , monitoring , observability , policy , security
  • Requires: Python >=3.9
  • Provides-Extra: all , anthropic , autogen , crewai , dev , langchain , openai
Classifiers
Report project as malware

Project description

Trusera Python SDK

PyPI version Python versions License

Python SDK for monitoring and intercepting AI agent actions with Trusera. Track LLM invocations, tool calls, data access, and enforce Cedar security policies before actions execute.

Installation

pip install trusera-sdk

Optional Dependencies

# Framework integrations
pip install trusera-sdk[langchain]
pip install trusera-sdk[crewai]
pip install trusera-sdk[autogen]

# LLM client wrappers
pip install trusera-sdk[openai]
pip install trusera-sdk[anthropic]

# Everything
pip install trusera-sdk[all]

# Development tools
pip install trusera-sdk[dev]

Quick Start: Passive Monitoring

from trusera_sdk import TruseraClient, Event, EventType

client = TruseraClient(api_key="tsk_your_api_key")
agent_id = client.register_agent(name="my-agent", framework="custom")

client.track(Event(
    type=EventType.TOOL_CALL,
    name="web_search",
    payload={"query": "latest AI news"},
))

client.close()

Active Interception (v0.3.0+)

The SDK now supports active interception - evaluating agent actions against Cedar policies before they execute. Use intercept() for a one-liner setup, or TruseraInterceptor for full control.

intercept() - One-Liner Setup

import trusera_sdk

client = trusera_sdk.TruseraClient(api_key="tsk_...")
client.register_agent("my-agent", "custom")

# Intercept all HTTP calls (requests, httpx, urllib3)
interceptor = trusera_sdk.intercept(client, enforcement="block")

# Your agent code runs normally - policy violations raise PolicyViolationError
import requests
requests.get("https://allowed-api.com/data")  # OK
requests.get("https://blocked-api.com/data")  # Raises PolicyViolationError

interceptor.uninstall()

TruseraInterceptor - Full Control

from trusera_sdk import TruseraClient, TruseraInterceptor
from trusera_sdk.policy_cache import PolicyCache

client = TruseraClient(api_key="tsk_...")
cache = PolicyCache(client=client, refresh_interval=30)

with TruseraInterceptor(client=client, policy_cache=cache, enforcement="warn") as i:
    # All outbound HTTP is evaluated against Cedar policies
    # Warn mode logs violations but allows requests to proceed
    pass

Enforcement Modes

Mode Behavior
block Raise PolicyViolationError and prevent the action
warn Log a warning to stderr, allow the action
log Silently record the violation, allow the action

Using the Decorator

from trusera_sdk import TruseraClient, monitor, set_default_client, EventType

client = TruseraClient(api_key="tsk_your_api_key")
client.register_agent("my-agent", "custom")
set_default_client(client)

@monitor(event_type=EventType.TOOL_CALL)
def search_database(query: str) -> list[dict]:
    return [{"id": 1, "title": "Result"}]

@monitor(event_type=EventType.LLM_INVOKE, name="gpt4_call")
async def call_llm(prompt: str) -> str:
    return "AI response"

Framework Integrations

LangChain (Active Interception)

from trusera_sdk import TruseraClient
from trusera_sdk.policy_cache import PolicyCache
from trusera_sdk.integrations.langchain_interceptor import TruseraLangChainInterceptor

client = TruseraClient(api_key="tsk_...")
cache = PolicyCache(client=client)

with TruseraLangChainInterceptor(client=client, policy_cache=cache, enforcement="block"):
    # BaseTool._run and BaseLLM._generate are now policy-checked
    agent.run("Your query here")

LangChain (Passive Monitoring)

from trusera_sdk.integrations.langchain import TruseraCallbackHandler

handler = TruseraCallbackHandler(client)
llm = OpenAI(callbacks=[handler])

CrewAI (Active Interception)

from trusera_sdk.integrations.crewai_interceptor import TruseraCrewAIInterceptor

with TruseraCrewAIInterceptor(client=client, policy_cache=cache, enforcement="warn"):
    crew.kickoff()

AutoGen (Active Interception)

from trusera_sdk.integrations.autogen_interceptor import TruseraAutoGenInterceptor

interceptor = TruseraAutoGenInterceptor(client=client, policy_cache=cache, enforcement="block")
interceptor.install()

# Optionally wrap individual agent functions
interceptor.intercept_agent(my_agent)

OpenAI / Anthropic (LLM Interceptor)

from openai import OpenAI
from trusera_sdk.integrations.llm_interceptor import TruseraLLMInterceptor

llm_interceptor = TruseraLLMInterceptor(
    client=trusera_client,
    policy_cache=cache,
    enforcement="warn",
    redact_pii=True,  # Redact emails, phones, SSNs from logged prompts
)

openai_client = OpenAI()
llm_interceptor.wrap_openai(openai_client)

# Tool-use calls in responses are now policy-checked
# PII is redacted from logged prompts (never from actual API calls)

Policy Cache

The PolicyCache fetches Cedar policies from the Trusera API and evaluates them locally (<1ms). It runs a background thread to keep policies fresh.

from trusera_sdk.policy_cache import PolicyCache

cache = PolicyCache(
    client=trusera_client,
    refresh_interval=60,   # Seconds between refreshes (default: 60)
    stale_ttl=300,         # Serve stale policies for this long when API is down (default: 300)
)

# Manual cache invalidation (e.g. on webhook)
cache.invalidate()

# Clean shutdown
cache.stop()

PII Redaction

from trusera_sdk import PIIRedactor

redactor = PIIRedactor()
redactor.redact_text("Email: john@example.com")
# => "Email: [REDACTED_EMAIL]"

redactor.redact({"user": "john@example.com", "age": 30})
# => {"user": "[REDACTED_EMAIL]", "age": 30}

Event Types

  • EventType.TOOL_CALL - Tool or function invocations
  • EventType.LLM_INVOKE - LLM API calls
  • EventType.DATA_ACCESS - Database queries, file reads
  • EventType.API_CALL - External API requests
  • EventType.FILE_WRITE - File system modifications
  • EventType.DECISION - Agent decision points
  • EventType.POLICY_VIOLATION - Cedar policy violations (new in 0.3.0)
  • EventType.INTERCEPTION - Intercepted HTTP requests (new in 0.3.0)

Migration from v0.2 to v0.3

v0.3.0 is fully backward compatible. All existing monitor(), TruseraClient, and StandaloneInterceptor APIs work unchanged.

New in v0.3.0:

  • TruseraInterceptor - Multi-library HTTP interceptor (requests + httpx + urllib3)
  • intercept() - One-liner convenience function
  • PolicyCache - Background-refreshing policy cache
  • PolicyViolationError - Typed exception for blocked actions
  • EnforcementMode - Enum for block/warn/log
  • PIIRedactor - PII detection and redaction
  • Framework interceptors: LangChain, CrewAI, AutoGen, OpenAI/Anthropic
  • New event types: POLICY_VIOLATION, INTERCEPTION

Configuration

client = TruseraClient(
    api_key="tsk_your_api_key",
    base_url="https://api.trusera.dev",
    flush_interval=5.0,
    batch_size=100,
    timeout=10.0,
)

Development

git clone https://github.com/Trusera/ai-bom.git
cd ai-bom/trusera-agent-sdk
pip install -e ".[dev]"
pytest
ruff check .

Documentation

Full documentation at docs.trusera.dev/sdk/python

Support

License

Apache License 2.0 - see LICENSE file for details.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for trusera from gravatar.com trusera

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: Trusera
  • Tags agents , ai , cedar , interceptor , monitoring , observability , policy , security
  • Requires: Python >=3.9
  • Provides-Extra: all , anthropic , autogen , crewai , dev , langchain , openai
Classifiers

Release history Release notifications | RSS feed

This version

1.2.0

1.1.1

1.1.0

1.0.0

0.3.0

0.2.2

0.2.0

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

trusera_sdk-1.2.0.tar.gz (59.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

trusera_sdk-1.2.0-py3-none-any.whl (43.9 kB view details)

Uploaded Python 3

File details

Details for the file trusera_sdk-1.2.0.tar.gz.

File metadata

  • Download URL: trusera_sdk-1.2.0.tar.gz
  • Upload date:
  • Size: 59.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.12.8

File hashes

Hashes for trusera_sdk-1.2.0.tar.gz
Algorithm Hash digest
SHA256 7fd2d29b15c3cfe0db13a66e2aa5a9fd6acddfa3004c0f37fb822bb32e485e23
MD5 1778247f49262f4352513988226fb8c6
BLAKE2b-256 ab7c92d657f002e252d62c72b3ecd1a767fb427f33705f51cd617855f525dff6

See more details on using hashes here.

File details

Details for the file trusera_sdk-1.2.0-py3-none-any.whl.

File metadata

  • Download URL: trusera_sdk-1.2.0-py3-none-any.whl
  • Upload date:
  • Size: 43.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.12.8

File hashes

Hashes for trusera_sdk-1.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 6d001840d5c4e0ed913003d60a1735b638dac9eea1531bf56eb06627ef84935d
MD5 e814dc88e15bb0d11f330384b1e2bfbd
BLAKE2b-256 c4321d7029a41f121c837e0652557933e8d45fe14917a161cbddfe3bddc261d3

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page