CrewAI tool that issues Vouch Credentials to authorize multi-agent tool calls.
Project description
vouch-crewai
A CrewAI tool that issues Vouch Credentials, so the agents in a crew can cryptographically authorize their tool calls, including across delegation.
Each signed call carries a W3C Verifiable Credential with an eddsa-jcs-2022
Data Integrity proof. When a supervisor agent delegates to a worker, the
worker's credential extends the supervisor's chain and can only narrow the
authority, never broaden it.
Install
pip install vouch-crewai
This pulls in vouch-protocol[crewai].
Configure
VOUCH_PRIVATE_KEYthe agent's private key (JWK JSON string).VOUCH_DIDthe agent's DID, e.g.did:web:agent.example.com.
Use
from vouch_crewai import sign_request
# Give the tool to a CrewAI agent. It calls it before an authenticated request.
credential_json = sign_request(
action="read",
target="https://api.example.com",
resource="customer:123",
)
Delegation between agents
See examples/integrations_delegation.py in the main repo for a supervisor
that issues a broad credential and a worker that narrows it under capability
attenuation.
Verify on the receiving side
from vouch import Verifier
ok, passport = Verifier.verify_credential(received_json, public_key=agent_pubkey)
License
Apache-2.0.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file vouch_crewai-0.1.0.tar.gz.
File metadata
- Download URL: vouch_crewai-0.1.0.tar.gz
- Upload date:
- Size: 2.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
86455d834aeb20834364cd73b2be79cf14cf3c3618ccfb912ab9a629c18b1c9c
|
|
| MD5 |
dcb378790c9c01af0a8f30fa5718f638
|
|
| BLAKE2b-256 |
72e7721d42a52a1a3759b87cc98b29774ccb26b8390aefd3d1b4318d78af7c3e
|
Provenance
The following attestation bundles were made for vouch_crewai-0.1.0.tar.gz:
Publisher:
publish-pypi.yml on vouch-protocol/vouch
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
vouch_crewai-0.1.0.tar.gz -
Subject digest:
86455d834aeb20834364cd73b2be79cf14cf3c3618ccfb912ab9a629c18b1c9c - Sigstore transparency entry: 2083155071
- Sigstore integration time:
-
Permalink:
vouch-protocol/vouch@353754361e03afc4e237a165af06666e5d2a212f -
Branch / Tag:
refs/heads/main - Owner: https://github.com/vouch-protocol
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-pypi.yml@353754361e03afc4e237a165af06666e5d2a212f -
Trigger Event:
workflow_dispatch
-
Statement type:
File details
Details for the file vouch_crewai-0.1.0-py3-none-any.whl.
File metadata
- Download URL: vouch_crewai-0.1.0-py3-none-any.whl
- Upload date:
- Size: 2.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
417ebe0b668fabe16a4cc5278d96a5571b0908e2cda8d1450c80bb8a299d6cc9
|
|
| MD5 |
3e1a0732aaed8e3de4d106d0ae91c79a
|
|
| BLAKE2b-256 |
68af1313e951558b5be8b0d65fd44083da6fc2cd36b4c3dabcd75a933b668906
|