Zin Agent Development Kit — build, deploy, and govern autonomous cybersecurity agents
Project description
Zin ADK — Agent Development Kit for Cybersecurity
Build, deploy, and govern autonomous cybersecurity agents.
ZIA provides a unified platform for building cybersecurity agents with bounded autonomy, policy enforcement, and full auditability — out of the box.
Install
pip install zin-adk
# With REST API support
pip install "zin-adk[api]"
# With graph database support (Python ≤ 3.13)
pip install "zin-adk[graph]"
Quick Start
# Scaffold a new agent
zia init --name "Vuln Triage Agent" --domain appsec --out ./agents
# Implement agents/vuln_triage_agent.py → execute()
# Validate
zia validate agents/vuln-triage-agent.yaml
# Run
zia run agents/vuln-triage-agent.yaml --tenant acme
# Or start the REST API
zia serve --host 0.0.0.0 --port 8000
What's included
| Component | What it does |
|---|---|
| US-ADSL | YAML DSL for declarative agent definitions — schema-validated |
| Agent Runtime | Lifecycle management (pre_run → execute → post_run) |
| Policy Engine | 6-rule in-process guardrails enforced on every tool call |
| Tool Substrate | @zia_tool decorator — policy-aware, auditable tool execution |
| Agent Registry | @register_agent — domain-based discovery and dispatch |
| SIF Graph | Time-aware security knowledge graph (Kuzu, namespace-isolated per tenant) |
| Multi-tenancy | Tenant isolation from day one — no leakage possible |
| REST API | FastAPI layer for portal and SIEM integration |
| CLI | zia init · zia validate · zia run · zia serve |
Supported Agent Domains
| Domain | Use case |
|---|---|
risk_quant |
Continuous risk scoring, FAIR-like modelling |
supply_chain |
Vendor posture, SBOM risk, 3rd-party exposure |
red_team |
Autonomous red teaming, attack path discovery |
appsec |
SAST, DAST, IaC scanning, dependency analysis |
ai_security |
Prompt risk, model exposure, LLM guardrail validation |
compliance |
Control monitoring, evidence collection, drift detection |
Build an agent in 3 steps
1. Define it
# agents/my-agent.yaml
agent:
id: my-agent
domain: appsec
version: "1.0.0"
intent:
goal: "Triage open vulnerabilities by severity"
reasoning:
mode: rule_based
autonomy_level: bounded
capabilities:
tools: [list_vulnerabilities]
boundaries:
allowed_actions: [agent_execute, list_vulnerabilities]
safety:
sandbox_profile: standard
audit_level: standard
2. Implement it
from zia.core.runtime.agent import AgentContext, AgentResult, BaseAgent
from zia.core.runtime.registry import register_agent
from zia.core.tools.substrate import ToolExecutor
import zia.core.tools.builtins as tools
@register_agent(domain="appsec")
class MyAgent(BaseAgent):
def execute(self, context: AgentContext) -> AgentResult:
vulns = ToolExecutor.call(tools.list_vulnerabilities, context=context)
critical = [v for v in vulns if v.get("severity") == "critical"]
return AgentResult.ok(context, output={"critical_count": len(critical)})
3. Run it
zia run agents/my-agent.yaml --tenant acme
REST API
zia serve --host 0.0.0.0 --port 8000
# Create tenant
curl -X POST http://localhost:8000/tenants \
-H "X-API-Key: your-key" \
-d '{"tenant_id": "acme", "name": "Acme Corp"}'
# Trigger agent run
curl -X POST http://localhost:8000/tenants/acme/runs \
-H "X-API-Key: your-key" \
-d '{"domain": "risk_quant", "environment": "staging"}'
# Interactive API docs
open http://localhost:8000/docs
Documentation
Full docs: zeron.one/zia/docs
Zeron Security © 2026 — zeron.one
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
zin_adk-0.1.0.tar.gz
(43.8 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
zin_adk-0.1.0-py3-none-any.whl
(54.6 kB
view details)
File details
Details for the file zin_adk-0.1.0.tar.gz.
File metadata
- Download URL: zin_adk-0.1.0.tar.gz
- Upload date:
- Size: 43.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
87c891e0386fa8c724f8404c9b7eae4f218d250ad8c21edd54aa23c7d29372d0
|
|
| MD5 |
3cf54b547e8fda6ad7617c4441d6da47
|
|
| BLAKE2b-256 |
c94e80f5ab6febda26be95ad37868bae33e761ce07595022c84f6ec90d025326
|
File details
Details for the file zin_adk-0.1.0-py3-none-any.whl.
File metadata
- Download URL: zin_adk-0.1.0-py3-none-any.whl
- Upload date:
- Size: 54.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
bb991d00f05cd64d33b48d2ac9c2ea35fabd48c08b0f96f34804816b1b539c10
|
|
| MD5 |
90c976209a8030ecddc7f591d069a689
|
|
| BLAKE2b-256 |
21d8b4d53c22a42c54bc94b629ada42a6cf90b1a7e34987023aa3d331f411c44
|
