Python SDK for monitoring and intercepting AI agent actions with Trusera

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for trusera from gravatar.com trusera

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: Trusera
  • Tags agents , ai , cedar , interceptor , monitoring , observability , policy , security
  • Requires: Python >=3.9
  • Provides-Extra: all , anthropic , autogen , crewai , dev , langchain , openai
Classifiers
Report project as malware

Project description

Trusera Python SDK

PyPI version Python versions License

Python SDK for monitoring and intercepting AI agent actions with Trusera. Track LLM invocations, tool calls, data access, and enforce Cedar security policies before actions execute.

Installation

pip install trusera-sdk

Optional Dependencies

# Framework integrations
pip install trusera-sdk[langchain]
pip install trusera-sdk[crewai]
pip install trusera-sdk[autogen]

# LLM client wrappers
pip install trusera-sdk[openai]
pip install trusera-sdk[anthropic]

# Everything
pip install trusera-sdk[all]

# Development tools
pip install trusera-sdk[dev]

Quick Start: Passive Monitoring

from trusera_sdk import TruseraClient, Event, EventType

client = TruseraClient(api_key="tsk_your_api_key")
agent_id = client.register_agent(name="my-agent", framework="custom")

client.track(Event(
    type=EventType.TOOL_CALL,
    name="web_search",
    payload={"query": "latest AI news"},
))

client.close()

Active Interception (v0.3.0+)

The SDK now supports active interception - evaluating agent actions against Cedar policies before they execute. Use intercept() for a one-liner setup, or TruseraInterceptor for full control.

intercept() - One-Liner Setup

import trusera_sdk

client = trusera_sdk.TruseraClient(api_key="tsk_...")
client.register_agent("my-agent", "custom")

# Intercept all HTTP calls (requests, httpx, urllib3)
interceptor = trusera_sdk.intercept(client, enforcement="block")

# Your agent code runs normally - policy violations raise PolicyViolationError
import requests
requests.get("https://allowed-api.com/data")  # OK
requests.get("https://blocked-api.com/data")  # Raises PolicyViolationError

interceptor.uninstall()

TruseraInterceptor - Full Control

from trusera_sdk import TruseraClient, TruseraInterceptor
from trusera_sdk.policy_cache import PolicyCache

client = TruseraClient(api_key="tsk_...")
cache = PolicyCache(client=client, refresh_interval=30)

with TruseraInterceptor(client=client, policy_cache=cache, enforcement="warn") as i:
    # All outbound HTTP is evaluated against Cedar policies
    # Warn mode logs violations but allows requests to proceed
    pass

Enforcement Modes

Mode Behavior
block Raise PolicyViolationError and prevent the action
warn Log a warning to stderr, allow the action
log Silently record the violation, allow the action

Using the Decorator

from trusera_sdk import TruseraClient, monitor, set_default_client, EventType

client = TruseraClient(api_key="tsk_your_api_key")
client.register_agent("my-agent", "custom")
set_default_client(client)

@monitor(event_type=EventType.TOOL_CALL)
def search_database(query: str) -> list[dict]:
    return [{"id": 1, "title": "Result"}]

@monitor(event_type=EventType.LLM_INVOKE, name="gpt4_call")
async def call_llm(prompt: str) -> str:
    return "AI response"

Framework Integrations

LangChain (Active Interception)

from trusera_sdk import TruseraClient
from trusera_sdk.policy_cache import PolicyCache
from trusera_sdk.integrations.langchain_interceptor import TruseraLangChainInterceptor

client = TruseraClient(api_key="tsk_...")
cache = PolicyCache(client=client)

with TruseraLangChainInterceptor(client=client, policy_cache=cache, enforcement="block"):
    # BaseTool._run and BaseLLM._generate are now policy-checked
    agent.run("Your query here")

LangChain (Passive Monitoring)

from trusera_sdk.integrations.langchain import TruseraCallbackHandler

handler = TruseraCallbackHandler(client)
llm = OpenAI(callbacks=[handler])

CrewAI (Active Interception)

from trusera_sdk.integrations.crewai_interceptor import TruseraCrewAIInterceptor

with TruseraCrewAIInterceptor(client=client, policy_cache=cache, enforcement="warn"):
    crew.kickoff()

AutoGen (Active Interception)

from trusera_sdk.integrations.autogen_interceptor import TruseraAutoGenInterceptor

interceptor = TruseraAutoGenInterceptor(client=client, policy_cache=cache, enforcement="block")
interceptor.install()

# Optionally wrap individual agent functions
interceptor.intercept_agent(my_agent)

OpenAI / Anthropic (LLM Interceptor)

from openai import OpenAI
from trusera_sdk.integrations.llm_interceptor import TruseraLLMInterceptor

llm_interceptor = TruseraLLMInterceptor(
    client=trusera_client,
    policy_cache=cache,
    enforcement="warn",
    redact_pii=True,  # Redact emails, phones, SSNs from logged prompts
)

openai_client = OpenAI()
llm_interceptor.wrap_openai(openai_client)

# Tool-use calls in responses are now policy-checked
# PII is redacted from logged prompts (never from actual API calls)

Policy Cache

The PolicyCache fetches Cedar policies from the Trusera API and evaluates them locally (<1ms). It runs a background thread to keep policies fresh.

from trusera_sdk.policy_cache import PolicyCache

cache = PolicyCache(
    client=trusera_client,
    refresh_interval=60,   # Seconds between refreshes (default: 60)
    stale_ttl=300,         # Serve stale policies for this long when API is down (default: 300)
)

# Manual cache invalidation (e.g. on webhook)
cache.invalidate()

# Clean shutdown
cache.stop()

PII Redaction

from trusera_sdk import PIIRedactor

redactor = PIIRedactor()
redactor.redact_text("Email: john@example.com")
# => "Email: [REDACTED_EMAIL]"

redactor.redact({"user": "john@example.com", "age": 30})
# => {"user": "[REDACTED_EMAIL]", "age": 30}

Event Types

  • EventType.TOOL_CALL - Tool or function invocations
  • EventType.LLM_INVOKE - LLM API calls
  • EventType.DATA_ACCESS - Database queries, file reads
  • EventType.API_CALL - External API requests
  • EventType.FILE_WRITE - File system modifications
  • EventType.DECISION - Agent decision points
  • EventType.POLICY_VIOLATION - Cedar policy violations (new in 0.3.0)
  • EventType.INTERCEPTION - Intercepted HTTP requests (new in 0.3.0)

Migration from v0.2 to v0.3

v0.3.0 is fully backward compatible. All existing monitor(), TruseraClient, and StandaloneInterceptor APIs work unchanged.

New in v0.3.0:

  • TruseraInterceptor - Multi-library HTTP interceptor (requests + httpx + urllib3)
  • intercept() - One-liner convenience function
  • PolicyCache - Background-refreshing policy cache
  • PolicyViolationError - Typed exception for blocked actions
  • EnforcementMode - Enum for block/warn/log
  • PIIRedactor - PII detection and redaction
  • Framework interceptors: LangChain, CrewAI, AutoGen, OpenAI/Anthropic
  • New event types: POLICY_VIOLATION, INTERCEPTION

Configuration

client = TruseraClient(
    api_key="tsk_your_api_key",
    base_url="https://api.trusera.dev",
    flush_interval=5.0,
    batch_size=100,
    timeout=10.0,
)

Development

git clone https://github.com/Trusera/ai-bom.git
cd ai-bom/trusera-agent-sdk
pip install -e ".[dev]"
pytest
ruff check .

Documentation

Full documentation at docs.trusera.dev/sdk/python

Support

License

Apache License 2.0 - see LICENSE file for details.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for trusera from gravatar.com trusera

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: Trusera
  • Tags agents , ai , cedar , interceptor , monitoring , observability , policy , security
  • Requires: Python >=3.9
  • Provides-Extra: all , anthropic , autogen , crewai , dev , langchain , openai
Classifiers

Release history Release notifications | RSS feed

1.2.0

1.1.1

1.1.0

This version

1.0.0

0.3.0

0.2.2

0.2.0

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

trusera_sdk-1.0.0.tar.gz (58.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

trusera_sdk-1.0.0-py3-none-any.whl (42.0 kB view details)

Uploaded Python 3

File details

Details for the file trusera_sdk-1.0.0.tar.gz.

File metadata

  • Download URL: trusera_sdk-1.0.0.tar.gz
  • Upload date:
  • Size: 58.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for trusera_sdk-1.0.0.tar.gz
Algorithm Hash digest
SHA256 6ea3f6bcfad5369ab0a1cc33d02662e14564a2ff273e1a2a85d5e0d0c4005474
MD5 d358c8dafdba4d95d6c938ac60d1ebb8
BLAKE2b-256 190cb5886e7c69c21dc4f139335ce45e60af3eaf7c1b3a0886ed415a706a806e

See more details on using hashes here.

File details

Details for the file trusera_sdk-1.0.0-py3-none-any.whl.

File metadata

  • Download URL: trusera_sdk-1.0.0-py3-none-any.whl
  • Upload date:
  • Size: 42.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for trusera_sdk-1.0.0-py3-none-any.whl
Algorithm Hash digest
SHA256 471c0ee38e2c5e91706fa72f84317744c2dc96a73d15531f6a8a2396fadf89b2
MD5 a5a85ce03df4e081f406a4c4755df610
BLAKE2b-256 fba31c974eabeca57fa500c795cb4b22e7ad1662b83e1c661863be6c2501b84a

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page