Semantic Firewall for AI Agent Transactions

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for take4534 from gravatar.com take4534

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: VetoNet
  • Tags ai , security , agents , firewall , prompt-injection , intent-drift , llm , crypto , web3
  • Requires: Python >=3.10
  • Provides-Extra: groq , anthropic , ollama , agentkit
Classifiers
Report project as malware

Project description

VetoNet

Semantic Firewall for AI Agent Transactions

VetoNet prevents "Intent Drift" when AI agents make purchases on your behalf. It intercepts transactions, compares them against your original intent, and vetoes if something's wrong.

Installation

pip install vetonet

With LLM Providers

pip install vetonet[groq]      # Free hosted LLM
pip install vetonet[anthropic] # Claude
pip install vetonet[ollama]    # Local Ollama (default)

Quick Start

from vetonet import VetoNet

veto = VetoNet()
result = veto.verify(
    intent="$50 Amazon Gift Card",
    payload={"item_description": "Amazon Gift Card", "unit_price": 50, "vendor": "amazon.com"}
)

if result.approved:
    process_payment()
else:
    print(f"Blocked: {result.reason}")

The Problem

AI agents are vulnerable to prompt injection attacks. A user says "buy me a $50 Amazon gift card" but a malicious website tricks the agent into:

  • Buying a $500 item instead
  • Swapping to a different product
  • Adding hidden fees
  • Using a scam vendor
  • Signing up for a subscription

The Solution

VetoNet acts as an independent security layer:

  1. Lock Intent - Extract and lock the user's intent before the agent shops
  2. Intercept - Catch the agent's transaction before execution
  3. Compare - Run 9 security checks (price, vendor, category, semantic match, etc.)
  4. Veto - Block if the transaction drifts from the original intent

Provider Options

Provider Setup Cost Best For
ollama Local install Free Development, privacy
groq API key Free tier Demos, testing
anthropic API key Paid Production
none None Free Deterministic-only mode

Basic Usage (Ollama - Default)

from vetonet import VetoNet

# Requires Ollama running locally with qwen2.5:7b
veto = VetoNet()

result = veto.verify(
    intent="$50 Amazon Gift Card",
    payload={
        "item_description": "Amazon Gift Card - $50 Digital",
        "item_category": "gift_card",
        "unit_price": 50.0,
        "vendor": "amazon.com"
    }
)

print(result.approved)  # True
print(result.reason)    # "All checks passed"

With Groq (Free, No Local Setup)

from vetonet import VetoNet

veto = VetoNet(provider="groq", api_key="your-groq-api-key")
result = veto.verify(intent="...", payload={...})

With Anthropic (Claude)

from vetonet import VetoNet

veto = VetoNet(provider="anthropic", api_key="your-anthropic-api-key")
result = veto.verify(intent="...", payload={...})

Deterministic Only (No LLM)

from vetonet import VetoNet, IntentAnchor

# Skip semantic check, only run deterministic checks
veto = VetoNet(provider="none")

result = veto.verify(
    intent=IntentAnchor(
        item_category="gift_card",
        max_price=50.0,
        core_constraints=["brand:Amazon"]
    ),
    payload={...}
)

Security Checks

VetoNet runs 10 security checks in order (fast to slow):

Check Type What It Catches
Price Deterministic Transaction exceeds budget
Quantity Deterministic Wrong number of items
Category Deterministic Different product type
Currency Deterministic Currency manipulation
Subscription Deterministic Sneaky recurring charges
Hidden Fees Deterministic Service fees, processing fees
Vendor Deterministic Scam domains, brand spoofing
Price Anomaly Deterministic Suspiciously cheap (scam indicator)
Scam Patterns Deterministic Gift card scams, tech support, IRS fraud
Semantic LLM-based Item doesn't match intent constraints

Checks run in order and fail fast - if price check fails, we don't waste time on semantic check.

CLI

# Verify a transaction
vetonet --intent "$50 Amazon Gift Card" \
        --payload '{"item_description": "...", "unit_price": 50}' \
        --provider ollama

# Output as JSON
vetonet -i "..." -p @payload.json --json

# Use with Groq
vetonet -i "$50 Amazon Gift Card" -p @payload.json --provider groq --api-key $GROQ_API_KEY

API Reference

VetoNet

VetoNet(
    provider: str = "ollama",  # "ollama", "groq", "anthropic", "openai", "none"
    model: str = None,         # Override default model
    api_key: str = None,       # API key for hosted providers
    base_url: str = None,      # Custom endpoint URL
)

verify()

result = veto.verify(
    intent: str | IntentAnchor,     # Natural language or structured
    payload: dict | AgentPayload,   # Transaction to verify
) -> VetoResult

VetoResult

result.approved  # bool - True if transaction is safe
result.vetoed    # bool - True if transaction was blocked
result.reason    # str - Explanation
result.checks    # list[CheckResult] - Details of each check

Use Cases

  • Crypto Wallets - Verify agent transactions before signing
  • AI Agent Platforms - Add security layer for autonomous agents
  • Fintech Apps - Fraud prevention for AI-powered spending
  • E-commerce - Protect users from malicious product recommendations

Links

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for take4534 from gravatar.com take4534

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: VetoNet
  • Tags ai , security , agents , firewall , prompt-injection , intent-drift , llm , crypto , web3
  • Requires: Python >=3.10
  • Provides-Extra: groq , anthropic , ollama , agentkit
Classifiers

Release history Release notifications | RSS feed

0.1.4

0.1.3

0.1.2

This version

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

vetonet-0.1.1.tar.gz (25.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

vetonet-0.1.1-py3-none-any.whl (28.4 kB view details)

Uploaded Python 3

File details

Details for the file vetonet-0.1.1.tar.gz.

File metadata

  • Download URL: vetonet-0.1.1.tar.gz
  • Upload date:
  • Size: 25.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.7

File hashes

Hashes for vetonet-0.1.1.tar.gz
Algorithm Hash digest
SHA256 2be1b4418cb8e5dbebdd1a30170a819f503026f84b7d5e020e73fac81a6ac16c
MD5 45f4453072c4b9ae0e37f9fca5cdfb5e
BLAKE2b-256 5de938f212318ffd61c2bdb2d87dde95677f6660b6144ea42d6c4e7c2a2eefea

See more details on using hashes here.

File details

Details for the file vetonet-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: vetonet-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 28.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.7

File hashes

Hashes for vetonet-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 f180e019169779ff94fd61e74a56f7a493a6b92a7e5c6e7c5dd589c978bd5fdf
MD5 05d1ab9d0951c64cbb07af5a99c716ea
BLAKE2b-256 686c5a26bbee9a7a9e8d4447087ab06ba55c327eebf3f1e2311dac3a6f25d844

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page