ag2 0.9.9__py3-none-any.whl → 0.10.0__py3-none-any.whl

autogen/agentchat/conversable_agent.py

@@ -14,7 +14,7 @@ import re
 import threading
 import warnings
 from collections import defaultdict
-from collections.abc import Callable, Generator, Iterable
+from collections.abc import Callable, Container, Generator, Iterable
 from contextlib import contextmanager
 from dataclasses import dataclass
 from inspect import signature
@@ -77,7 +77,7 @@ from .chat import (
     initiate_chats,
 )
 from .group.context_variables import ContextVariables
-from .group.guardrails import Guardrail
+from .group.guardrails import Guardrail, GuardrailResult
 from .group.handoffs import Handoffs
 from .utils import consolidate_chat_info, gather_usage_summary
 
@@ -132,11 +132,11 @@ class ConversableAgent(LLMAgent):
     For example, AssistantAgent and UserProxyAgent are subclasses of this class,
     configured with different default settings.
 
-    To modify auto reply, override `generate_reply` method.
-    To disable/enable human response in every turn, set `human_input_mode` to "NEVER" or "ALWAYS".
-    To modify the way to get human input, override `get_human_input` method.
-    To modify the way to execute code blocks, single code block, or function call, override `execute_code_blocks`,
-    `run_code`, and `execute_function` methods respectively.
+    To modify auto reply, override `generate_reply` method. \n
+    To disable/enable human response in every turn, set `human_input_mode` to "NEVER" or "ALWAYS". \n
+    To modify the way to get human input, override `get_human_input` method. \n
+    To modify the way to execute code blocks, single code block, or function call, override `execute_code_blocks`, \n
+    `run_code`, and `execute_function` methods respectively. \n
     """
 
     DEFAULT_CONFIG = False  # False or dict, the default config for llm inference
@@ -144,7 +144,7 @@ class ConversableAgent(LLMAgent):
 
     DEFAULT_SUMMARY_PROMPT = "Summarize the takeaway from the conversation. Do not add any introductory phrases."
     DEFAULT_SUMMARY_METHOD = "last_msg"
-    llm_config: dict[str, Any] | Literal[False]
+    llm_config: LLMConfig | Literal[False]
 
     def __init__(
         self,
@@ -168,60 +168,60 @@ class ConversableAgent(LLMAgent):
         | None = None,
         handoffs: Handoffs | None = None,
     ):
-        """Args:
-        name (str): name of the agent.
-        system_message (str or list): system message for the ChatCompletion inference.
-        is_termination_msg (function): a function that takes a message in the form of a dictionary
+        """Args:\n
+        1) name (str): name of the agent.\n
+        2) system_message (str or list): system message for the ChatCompletion inference.\n
+        3) is_termination_msg (function): a function that takes a message in the form of a dictionary
             and returns a boolean value indicating if this received message is a termination message.
-            The dict can contain the following keys: "content", "role", "name", "function_call".
-        max_consecutive_auto_reply (int): the maximum number of consecutive auto replies.
+            The dict can contain the following keys: "content", "role", "name", "function_call".\n
+        4) max_consecutive_auto_reply (int): the maximum number of consecutive auto replies.
             default to None (no limit provided, class attribute MAX_CONSECUTIVE_AUTO_REPLY will be used as the limit in this case).
-            When set to 0, no auto reply will be generated.
-        human_input_mode (str): whether to ask for human inputs every time a message is received.
-            Possible values are "ALWAYS", "TERMINATE", "NEVER".
+            When set to 0, no auto reply will be generated.\n
+        5) human_input_mode (str): whether to ask for human inputs every time a message is received.\n
+            Possible values are "ALWAYS", "TERMINATE", "NEVER".\n
             (1) When "ALWAYS", the agent prompts for human input every time a message is received.
                 Under this mode, the conversation stops when the human input is "exit",
-                or when is_termination_msg is True and there is no human input.
+                or when is_termination_msg is True and there is no human input.\n
             (2) When "TERMINATE", the agent only prompts for human input only when a termination message is received or
-                the number of auto reply reaches the max_consecutive_auto_reply.
+                the number of auto reply reaches the max_consecutive_auto_reply.\n
             (3) When "NEVER", the agent will never prompt for human input. Under this mode, the conversation stops
-                when the number of auto reply reaches the max_consecutive_auto_reply or when is_termination_msg is True.
-        function_map (dict[str, callable]): Mapping function names (passed to openai) to callable functions, also used for tool calls.
-        code_execution_config (dict or False): config for the code execution.
-            To disable code execution, set to False. Otherwise, set to a dictionary with the following keys:
-            - work_dir (Optional, str): The working directory for the code execution.
-                If None, a default working directory will be used.
+                when the number of auto reply reaches the max_consecutive_auto_reply or when is_termination_msg is True. \n
+        6) function_map (dict[str, callable]): Mapping function names (passed to openai) to callable functions, also used for tool calls. \n
+        7) code_execution_config (dict or False): config for the code execution.\n
+            To disable code execution, set to False. Otherwise, set to a dictionary with the following keys:\n
+            - work_dir (Optional, str): The working directory for the code execution.\n
+                If None, a default working directory will be used.\n
                 The default working directory is the "extensions" directory under
-                "path_to_autogen".
-            - use_docker (Optional, list, str or bool): The docker image to use for code execution.
-                Default is True, which means the code will be executed in a docker container. A default list of images will be used.
-                If a list or a str of image name(s) is provided, the code will be executed in a docker container
-                with the first image successfully pulled.
-                If False, the code will be executed in the current environment.
-                We strongly recommend using docker for code execution.
-            - timeout (Optional, int): The maximum execution time in seconds.
+                "path_to_autogen".\n
+            - use_docker (Optional, list, str or bool): The docker image to use for code execution.\n
+                Default is True, which means the code will be executed in a docker container. A default list of images will be used.\n
+                If a list or a str of image name(s) is provided, the code will be executed in a docker container\n
+                with the first image successfully pulled.\n
+                If False, the code will be executed in the current environment.\n
+                We strongly recommend using docker for code execution.\n
+            - timeout (Optional, int): The maximum execution time in seconds.\n
             - last_n_messages (Experimental, int or str): The number of messages to look back for code execution.
-                If set to 'auto', it will scan backwards through all messages arriving since the agent last spoke, which is typically the last time execution was attempted. (Default: auto)
-        llm_config (LLMConfig or dict or False or None): llm inference configuration.
-            Please refer to [OpenAIWrapper.create](https://docs.ag2.ai/latest/docs/api-reference/autogen/OpenAIWrapper/#autogen.OpenAIWrapper.create)
-            for available options.
-            When using OpenAI or Azure OpenAI endpoints, please specify a non-empty 'model' either in `llm_config` or in each config of 'config_list' in `llm_config`.
-            To disable llm-based auto reply, set to False.
-            When set to None, will use self.DEFAULT_CONFIG, which defaults to False.
-        default_auto_reply (str or dict): default auto reply when no code execution or llm-based reply is generated.
-        description (str): a short description of the agent. This description is used by other agents
-            (e.g. the GroupChatManager) to decide when to call upon this agent. (Default: system_message)
-        chat_messages (dict or None): the previous chat messages that this agent had in the past with other agents.
+                If set to 'auto', it will scan backwards through all messages arriving since the agent last spoke, which is typically the last time execution was attempted. (Default: auto)\n
+        8) llm_config (LLMConfig or dict or False or None): llm inference configuration.\n
+            Please refer to [OpenAIWrapper.create](https://docs.ag2.ai/latest/docs/api-reference/autogen/OpenAIWrapper/#autogen.OpenAIWrapper.create)\n
+            for available options.\n
+            When using OpenAI or Azure OpenAI endpoints, please specify a non-empty 'model' either in `llm_config` or in each config of 'config_list' in `llm_config`.\n
+            To disable llm-based auto reply, set to False.\n
+            When set to None, will use self.DEFAULT_CONFIG, which defaults to False.\n
+        9) default_auto_reply (str or dict): default auto reply when no code execution or llm-based reply is generated.\n
+        10) description (str): a short description of the agent. This description is used by other agents
+            (e.g. the GroupChatManager) to decide when to call upon this agent. (Default: system_message)\n
+        11) chat_messages (dict or None): the previous chat messages that this agent had in the past with other agents.
             Can be used to give the agent a memory by providing the chat history. This will allow the agent to
-            resume previous had conversations. Defaults to an empty chat history.
-        silent (bool or None): (Experimental) whether to print the message sent. If None, will use the value of
-            silent in each function.
-        context_variables (ContextVariables or None): Context variables that provide a persistent context for the agent.
-            Note: This will be a reference to a shared context for multi-agent chats.
-            Behaves like a dictionary with keys and values (akin to dict[str, Any]).
-        functions (List[Callable[..., Any]]): A list of functions to register with the agent, these will be wrapped up as tools and registered for LLM (not execution).
-        update_agent_state_before_reply (List[Callable[..., Any]]): A list of functions, including UpdateSystemMessage's, called to update the agent before it replies.
-        handoffs (Handoffs): Handoffs object containing all handoff transition conditions.
+            resume previous had conversations. Defaults to an empty chat history.\n
+        12) silent (bool or None): (Experimental) whether to print the message sent. If None, will use the value of
+            silent in each function.\n
+        13) context_variables (ContextVariables or None): Context variables that provide a persistent context for the agent.
+            Note: This will be a reference to a shared context for multi-agent chats.\n
+            Behaves like a dictionary with keys and values (akin to dict[str, Any]).\n
+        14) functions (List[Callable[..., Any]]): A list of functions to register with the agent, these will be wrapped up as tools and registered for LLM (not execution).\n
+        15) update_agent_state_before_reply (List[Callable[..., Any]]): A list of functions, including UpdateSystemMessage's, called to update the agent before it replies.\n
+        16) handoffs (Handoffs): Handoffs object containing all handoff transition conditions.\n
         """
         self.handoffs = handoffs if handoffs is not None else Handoffs()
         self.input_guardrails: list[Guardrail] = []
@@ -370,6 +370,12 @@ class ConversableAgent(LLMAgent):
             "process_all_messages_before_reply": [],
             "process_message_before_send": [],
             "update_agent_state": [],
+            # Safeguard hooks for monitoring agent interactions
+            "safeguard_tool_inputs": [],  # Hook for processing tool inputs before execution
+            "safeguard_tool_outputs": [],  # Hook for processing tool outputs after execution
+            "safeguard_llm_inputs": [],  # Hook for processing LLM inputs before sending
+            "safeguard_llm_outputs": [],  # Hook for processing LLM outputs after receiving
+            "safeguard_human_inputs": [],  # Hook for processing human inputs
         }
 
         # Associate agent update state hooks
@@ -379,9 +385,7 @@ class ConversableAgent(LLMAgent):
         if not self.llm_config:
             return
 
-        if any([
-            entry for entry in self.llm_config.config_list if entry.api_type == "openai" and re.search(r"\s", name)
-        ]):
+        if any(entry for entry in self.llm_config.config_list if entry.api_type == "openai" and re.search(r"\s", name)):
             raise ValueError(f"The name of the agent cannot contain any whitespace. The name provided is: '{name}'")
 
     def _get_display_name(self):
@@ -485,25 +489,15 @@ class ConversableAgent(LLMAgent):
     def _validate_llm_config(
         cls, llm_config: LLMConfig | dict[str, Any] | Literal[False] | None
     ) -> LLMConfig | Literal[False]:
-        # if not(llm_config in (None, False) or isinstance(llm_config, [dict, LLMConfig])):
-        #     raise ValueError(
-        #         "llm_config must be a dict or False or None."
-        #     )
-
         if llm_config is None:
             llm_config = LLMConfig.get_current_llm_config()
             if llm_config is None:
-                llm_config = cls.DEFAULT_CONFIG
-        elif isinstance(llm_config, dict):
-            llm_config = LLMConfig(**llm_config)
-        elif isinstance(llm_config, LLMConfig):
-            llm_config = llm_config.copy()
+                return cls.DEFAULT_CONFIG
+
         elif llm_config is False:
-            pass
-        else:
-            raise ValueError("llm_config must be a LLMConfig, dict or False or None.")
+            return False
 
-        return llm_config
+        return LLMConfig.ensure_config(llm_config)
 
     @classmethod
     def _create_client(cls, llm_config: LLMConfig | Literal[False]) -> OpenAIWrapper | None:
@@ -1050,7 +1044,11 @@ class ConversableAgent(LLMAgent):
         return name
 
     def _append_oai_message(
-        self, message: dict[str, Any] | str, role, conversation_id: Agent, is_sending: bool
+        self,
+        message: dict[str, Any] | str,
+        conversation_id: Agent,
+        role: str = "assistant",
+        name: str | None = None,
     ) -> bool:
         """Append a message to the ChatCompletion conversation.
 
@@ -1061,50 +1059,17 @@ class ConversableAgent(LLMAgent):
 
         Args:
             message (dict or str): message to be appended to the ChatCompletion conversation.
-            role (str): role of the message, can be "assistant" or "function".
             conversation_id (Agent): id of the conversation, should be the recipient or sender.
-            is_sending (bool): If the agent (aka self) is sending to the conversation_id agent, otherwise receiving.
+            role (str): role of the message, can be "assistant" or "function".
+            name (str | None): name of the message author, can be the name of the agent. If not provided, the name of the currentagent will be used.
 
         Returns:
             bool: whether the message is appended to the ChatCompletion conversation.
         """
-        message = self._message_to_dict(message)
-        # create oai message to be appended to the oai conversation that can be passed to oai directly.
-        oai_message = {
-            k: message[k]
-            for k in ("content", "function_call", "tool_calls", "tool_responses", "tool_call_id", "name", "context")
-            if k in message and message[k] is not None
-        }
-        if "content" not in oai_message:
-            if "function_call" in oai_message or "tool_calls" in oai_message:
-                oai_message["content"] = None  # if only function_call is provided, content will be set to None.
-            else:
-                return False
-
-        if message.get("role") in ["function", "tool"]:
-            oai_message["role"] = message.get("role")
-            if "tool_responses" in oai_message:
-                for tool_response in oai_message["tool_responses"]:
-                    tool_response["content"] = str(tool_response["content"])
-        elif "override_role" in message:
-            # If we have a direction to override the role then set the
-            # role accordingly. Used to customise the role for the
-            # select speaker prompt.
-            oai_message["role"] = message.get("override_role")
-        else:
-            oai_message["role"] = role
-
-        if oai_message.get("function_call", False) or oai_message.get("tool_calls", False):
-            oai_message["role"] = "assistant"  # only messages with role 'assistant' can have a function call.
-        elif "name" not in oai_message:
-            # If we don't have a name field, append it
-            if is_sending:
-                oai_message["name"] = self.name
-            else:
-                oai_message["name"] = conversation_id.name
-
+        valid, oai_message = normilize_message_to_oai(message, role=role, name=name or self.name)
+        if not valid:
+            return False
         self._oai_messages[conversation_id].append(oai_message)
-
         return True
 
     def _process_message_before_send(
@@ -1158,7 +1123,7 @@ class ConversableAgent(LLMAgent):
         message = self._process_message_before_send(message, recipient, ConversableAgent._is_silent(self, silent))
         # When the agent composes and sends the message, the role of the message is "assistant"
         # unless it's "function".
-        valid = self._append_oai_message(message, "assistant", recipient, is_sending=True)
+        valid = self._append_oai_message(message, recipient, role="assistant", name=self.name)
         if valid:
             recipient.receive(message, self, request_reply, silent)
         else:
@@ -1206,7 +1171,7 @@ class ConversableAgent(LLMAgent):
         message = self._process_message_before_send(message, recipient, ConversableAgent._is_silent(self, silent))
         # When the agent composes and sends the message, the role of the message is "assistant"
         # unless it's "function".
-        valid = self._append_oai_message(message, "assistant", recipient, is_sending=True)
+        valid = self._append_oai_message(message, recipient, role="assistant", name=self.name)
         if valid:
             await recipient.a_receive(message, self, request_reply, silent)
         else:
@@ -1215,7 +1180,7 @@ class ConversableAgent(LLMAgent):
             )
 
     def _print_received_message(self, message: dict[str, Any] | str, sender: Agent, skip_head: bool = False):
-        message = self._message_to_dict(message)
+        message = message_to_dict(message)
         message_model = create_received_event_model(event=message, sender=sender, recipient=self)
         iostream = IOStream.get_default()
         # message_model.print(iostream.print)
@@ -1223,7 +1188,7 @@ class ConversableAgent(LLMAgent):
 
     def _process_received_message(self, message: dict[str, Any] | str, sender: Agent, silent: bool):
         # When the agent receives a message, the role of the message is "user". (If 'role' exists and is 'function', it will remain unchanged.)
-        valid = self._append_oai_message(message, "user", sender, is_sending=False)
+        valid = self._append_oai_message(message, sender, role="user", name=sender.name)
         if logging_enabled():
             log_event(self, "received_message", message=message, sender=sender.name, valid=valid)
 
@@ -1355,9 +1320,10 @@ class ConversableAgent(LLMAgent):
         Returns:
             bool: True if the chat should be terminated, False otherwise.
         """
+        content = message.get("content")
         return (
             isinstance(recipient, ConversableAgent)
-            and isinstance(message.get("content"), str)
+            and content is not None
             and hasattr(recipient, "_is_termination_msg")
             and recipient._is_termination_msg(message)
         )
@@ -2181,6 +2147,7 @@ class ConversableAgent(LLMAgent):
         messages: list[dict[str, Any]] | None = None,
         sender: Agent | None = None,
         config: OpenAIWrapper | None = None,
+        **kwargs: Any,
     ) -> tuple[bool, str | dict[str, Any] | None]:
         """Generate a reply using autogen.oai."""
         client = self.client if config is None else config
@@ -2188,12 +2155,34 @@ class ConversableAgent(LLMAgent):
             return False, None
         if messages is None:
             messages = self._oai_messages[sender]
+
+        # Process messages before sending to LLM, hook point for llm input monitoring
+        processed_messages = self._process_llm_input(self._oai_system_message + messages)
+        if processed_messages is None:
+            return True, {"content": "LLM call blocked by safeguard", "role": "assistant"}
+
         extracted_response = self._generate_oai_reply_from_client(
-            client, self._oai_system_message + messages, self.client_cache
+            client,
+            self._oai_system_message + messages,
+            self.client_cache,
+            **kwargs,
         )
+
+        # Process LLM response
+        if extracted_response is not None:
+            processed_extracted_response = self._process_llm_output(extracted_response)
+            if processed_extracted_response is None:
+                raise ValueError("safeguard_llm_outputs hook returned None")
+
         return (False, None) if extracted_response is None else (True, extracted_response)
 
-    def _generate_oai_reply_from_client(self, llm_client, messages, cache) -> str | dict[str, Any] | None:
+    def _generate_oai_reply_from_client(
+        self,
+        llm_client,
+        messages,
+        cache,
+        **kwargs: Any,
+    ) -> str | dict[str, Any] | None:
         # unroll tool_responses
         all_messages = []
         for message in messages:
@@ -2212,6 +2201,7 @@ class ConversableAgent(LLMAgent):
             messages=all_messages,
             cache=cache,
             agent=self,
+            **kwargs,
         )
         extracted_response = llm_client.extract_text_or_completion_object(response)[0]
 
@@ -2241,20 +2231,27 @@ class ConversableAgent(LLMAgent):
         messages: list[dict[str, Any]] | None = None,
         sender: Agent | None = None,
         config: Any | None = None,
+        **kwargs: Any,
     ) -> tuple[bool, str | dict[str, Any] | None]:
         """Generate a reply using autogen.oai asynchronously."""
         iostream = IOStream.get_default()
 
         def _generate_oai_reply(
-            self, iostream: IOStream, *args: Any, **kwargs: Any
+            self, iostream: IOStream, *args: Any, **kw: Any
         ) -> tuple[bool, str | dict[str, Any] | None]:
             with IOStream.set_default(iostream):
-                return self.generate_oai_reply(*args, **kwargs)
+                return self.generate_oai_reply(*args, **kw)
 
         return await asyncio.get_event_loop().run_in_executor(
             None,
             functools.partial(
-                _generate_oai_reply, self=self, iostream=iostream, messages=messages, sender=sender, config=config
+                _generate_oai_reply,
+                self=self,
+                iostream=iostream,
+                messages=messages,
+                sender=sender,
+                config=config,
+                **kwargs,
             ),
         )
 
@@ -2418,7 +2415,7 @@ class ConversableAgent(LLMAgent):
         if messages is None:
             messages = self._oai_messages[sender]
         message = messages[-1]
-        if "function_call" in message:
+        if message.get("function_call"):
             call_id = message.get("id", None)
             func_call = message["function_call"]
             func_name = func_call.get("name", "")
@@ -2449,14 +2446,26 @@ class ConversableAgent(LLMAgent):
         tool_returns = []
         for tool_call in message.get("tool_calls", []):
             function_call = tool_call.get("function", {})
+
+            # Hook: Process tool input before execution
+            processed_call = self._process_tool_input(function_call)
+            if processed_call is None:
+                raise ValueError("safeguard_tool_inputs hook returned None")
+
             tool_call_id = tool_call.get("id", None)
-            func = self._function_map.get(function_call.get("name", None), None)
-            if inspect.iscoroutinefunction(func):
-                coro = self.a_execute_function(function_call, call_id=tool_call_id)
+            func = self._function_map.get(processed_call.get("name", None), None)
+            if is_coroutine_callable(func):
+                coro = self.a_execute_function(processed_call, call_id=tool_call_id)
                 _, func_return = self._run_async_in_thread(coro)
             else:
-                _, func_return = self.execute_function(function_call, call_id=tool_call_id)
-            content = func_return.get("content", "")
+                _, func_return = self.execute_function(processed_call, call_id=tool_call_id)
+
+            # Hook: Process tool output before returning
+            processed_return = self._process_tool_output(func_return)
+            if processed_return is None:
+                raise ValueError("safeguard_tool_outputs hook returned None")
+
+            content = processed_return.get("content", "")
             if content is None:
                 content = ""
 
@@ -2805,7 +2814,7 @@ class ConversableAgent(LLMAgent):
         self,
         messages: list[dict[str, Any]] | None = None,
         sender: Optional["Agent"] = None,
-        **kwargs: Any,
+        exclude: Container[Any] = (),
     ) -> str | dict[str, Any] | None:
         """Reply based on the conversation history and the sender.
 
@@ -2827,8 +2836,7 @@ class ConversableAgent(LLMAgent):
         Args:
             messages: a list of messages in the conversation history.
             sender: sender of an Agent instance.
-            **kwargs (Any): Additional arguments to customize reply generation. Supported kwargs:
-                - exclude (List[Callable[..., Any]]): A list of reply functions to exclude from
+            exclude: A list of reply functions to exclude from
                 the reply generation process. Functions in this list will be skipped even if
                 they would normally be triggered.
 
@@ -2856,7 +2864,7 @@ class ConversableAgent(LLMAgent):
 
         for reply_func_tuple in self._reply_func_list:
             reply_func = reply_func_tuple["reply_func"]
-            if "exclude" in kwargs and reply_func in kwargs["exclude"]:
+            if reply_func in exclude:
                 continue
             if inspect.iscoroutinefunction(reply_func):
                 continue
@@ -2879,7 +2887,7 @@ class ConversableAgent(LLMAgent):
         self,
         messages: list[dict[str, Any]] | None = None,
         sender: Optional["Agent"] = None,
-        **kwargs: Any,
+        exclude: Container[Any] = (),
     ) -> str | dict[str, Any] | None:
         """(async) Reply based on the conversation history and the sender.
 
@@ -2901,8 +2909,7 @@ class ConversableAgent(LLMAgent):
         Args:
             messages: a list of messages in the conversation history.
             sender: sender of an Agent instance.
-            **kwargs (Any): Additional arguments to customize reply generation. Supported kwargs:
-                - exclude (List[Callable[..., Any]]): A list of reply functions to exclude from
+            exclude: A list of reply functions to exclude from
                 the reply generation process. Functions in this list will be skipped even if
                 they would normally be triggered.
 
@@ -2930,13 +2937,16 @@ class ConversableAgent(LLMAgent):
 
         for reply_func_tuple in self._reply_func_list:
             reply_func = reply_func_tuple["reply_func"]
-            if "exclude" in kwargs and reply_func in kwargs["exclude"]:
+            if reply_func in exclude:
                 continue
 
             if self._match_trigger(reply_func_tuple["trigger"], sender):
                 if inspect.iscoroutinefunction(reply_func):
                     final, reply = await reply_func(
-                        self, messages=messages, sender=sender, config=reply_func_tuple["config"]
+                        self,
+                        messages=messages,
+                        sender=sender,
+                        config=reply_func_tuple["config"],
                     )
                 else:
                     final, reply = reply_func(self, messages=messages, sender=sender, config=reply_func_tuple["config"])
@@ -2992,8 +3002,14 @@ class ConversableAgent(LLMAgent):
         iostream = IOStream.get_default()
 
         reply = iostream.input(prompt)
-        self._human_input.append(reply)
-        return reply
+
+        # Process the human input through hooks
+        processed_reply = self._process_human_input(reply)
+        if processed_reply is None:
+            raise ValueError("safeguard_human_inputs hook returned None")
+
+        self._human_input.append(processed_reply)
+        return processed_reply
 
     async def a_get_human_input(self, prompt: str) -> str:
         """(Async) Get human input.
@@ -3425,13 +3441,30 @@ class ConversableAgent(LLMAgent):
             logger.error(error_msg)
             raise AssertionError(error_msg)
 
+        self.llm_config = self._update_tool_config(
+            self.llm_config,
+            tool_sig=tool_sig,
+            is_remove=is_remove,
+            silent_override=silent_override,
+        )
+
+        self.client = OpenAIWrapper(**self.llm_config)
+
+    def _update_tool_config(
+        self,
+        llm_config: dict[str, Any] | LLMConfig,
+        tool_sig: str | dict[str, Any],
+        is_remove: bool,
+        silent_override: bool = False,
+    ) -> dict[str, Any]:
         if is_remove:
-            if "tools" not in self.llm_config or len(self.llm_config["tools"]) == 0:
+            if "tools" not in llm_config or len(llm_config["tools"]) == 0:
                 error_msg = f"The agent config doesn't have tool {tool_sig}."
                 logger.error(error_msg)
                 raise AssertionError(error_msg)
+
             else:
-                current_tools = self.llm_config["tools"]
+                current_tools = llm_config["tools"]
                 filtered_tools = []
 
                 # Loop through and rebuild tools list without the tool to remove
@@ -3444,36 +3477,39 @@ class ConversableAgent(LLMAgent):
                     if is_different:
                         filtered_tools.append(tool)
 
-                self.llm_config["tools"] = filtered_tools
+                llm_config["tools"] = filtered_tools
+
         else:
             if not isinstance(tool_sig, dict):
                 raise ValueError(
                     f"The tool signature must be of the type dict. Received tool signature type {type(tool_sig)}"
                 )
+
             self._assert_valid_name(tool_sig["function"]["name"])
-            if "tools" in self.llm_config and len(self.llm_config["tools"]) > 0:
+            if "tools" in llm_config and len(llm_config["tools"]) > 0:
                 if not silent_override and any(
-                    tool["function"]["name"] == tool_sig["function"]["name"] for tool in self.llm_config["tools"]
+                    tool["function"]["name"] == tool_sig["function"]["name"] for tool in llm_config["tools"]
                 ):
                     warnings.warn(f"Function '{tool_sig['function']['name']}' is being overridden.", UserWarning)
-                self.llm_config["tools"] = [
+
+                llm_config["tools"] = [
                     tool
-                    for tool in self.llm_config["tools"]
+                    for tool in llm_config["tools"]
                     if tool.get("function", {}).get("name") != tool_sig["function"]["name"]
                 ] + [tool_sig]
             else:
-                self.llm_config["tools"] = [tool_sig]
+                llm_config["tools"] = [tool_sig]
 
         # Do this only if llm_config is a dict. If llm_config is LLMConfig, LLMConfig will handle this.
-        if len(self.llm_config["tools"]) == 0 and isinstance(self.llm_config, dict):
-            del self.llm_config["tools"]
+        if len(llm_config["tools"]) == 0 and isinstance(llm_config, dict):
+            del llm_config["tools"]
 
-        self.client = OpenAIWrapper(**self.llm_config)
+        return llm_config
 
     def can_execute_function(self, name: list[str] | str) -> bool:
         """Whether the agent can execute the function."""
         names = name if isinstance(name, list) else [name]
-        return all([n in self._function_map for n in names])
+        return all(n in self._function_map for n in names)
 
     @property
     def function_map(self) -> dict[str, Callable[..., Any]]:
@@ -3727,7 +3763,7 @@ class ConversableAgent(LLMAgent):
             """
             tool = self._create_tool_if_needed(func_or_tool, name, description)
             chat_context = ChatContext(self)
-            chat_context_params = {param: chat_context for param in tool._chat_context_param_names}
+            chat_context_params = dict.fromkeys(tool._chat_context_param_names, chat_context)
 
             self.register_function(
                 {tool.name: self._wrap_function(tool.func, chat_context_params, serialize=serialize)},
@@ -3825,6 +3861,87 @@ class ConversableAgent(LLMAgent):
         messages[-1]["content"] = processed_user_content
         return messages
 
+    def _process_tool_input(self, tool_input: dict[str, Any]) -> dict[str, Any] | None:
+        """Process tool input through registered hooks."""
+        hook_list = self.hook_lists["safeguard_tool_inputs"]
+
+        # If no hooks are registered, allow the tool input
+        if len(hook_list) == 0:
+            return tool_input
+
+        # Process through each hook
+        processed_input = tool_input
+        for hook in hook_list:
+            processed_input = hook(processed_input)
+            if processed_input is None:
+                return None
+
+        return processed_input
+
+    def _process_tool_output(self, response: dict[str, Any]) -> dict[str, Any]:
+        """Process tool output through registered hooks"""
+        hook_list = self.hook_lists["safeguard_tool_outputs"]
+
+        # If no hooks are registered, return original response
+        if len(hook_list) == 0:
+            return response
+
+        # Process through each hook
+        processed_response = response
+        for hook in hook_list:
+            processed_response = hook(processed_response)
+
+        return processed_response
+
+    def _process_llm_input(self, messages: list[dict[str, Any]]) -> list[dict[str, Any]] | None:
+        """Process messages before sending to LLM through registered hooks."""
+        hook_list = self.hook_lists["safeguard_llm_inputs"]
+
+        # If no hooks registered, allow the messages through
+        if len(hook_list) == 0:
+            return messages
+
+        # Process through each hook
+        processed_messages = messages
+        for hook in hook_list:
+            processed_messages = hook(processed_messages)
+            if processed_messages is None:
+                return None
+
+        return processed_messages
+
+    def _process_llm_output(self, response: str | dict[str, Any]) -> str | dict[str, Any]:
+        """Process LLM response through registered hooks"""
+        hook_list = self.hook_lists["safeguard_llm_outputs"]
+
+        # If no hooks registered, return original response
+        if len(hook_list) == 0:
+            return response
+
+        # Process through each hook
+        processed_response = response
+        for hook in hook_list:
+            processed_response = hook(processed_response)
+
+        return processed_response
+
+    def _process_human_input(self, human_input: str) -> str | None:
+        """Process human input through registered hooks."""
+        hook_list = self.hook_lists["safeguard_human_inputs"]
+
+        # If no hooks registered, allow the input through
+        if len(hook_list) == 0:
+            return human_input
+
+        # Process through each hook
+        processed_input = human_input
+        for hook in hook_list:
+            processed_input = hook(processed_input)
+            if processed_input is None:
+                return None
+
+        return processed_input
+
     def print_usage_summary(self, mode: str | list[str] = ["actual", "total"]) -> None:
         """Print the usage summary."""
         iostream = IOStream.get_default()
@@ -3871,7 +3988,11 @@ class ConversableAgent(LLMAgent):
         if executor_kwargs is None:
             executor_kwargs = {}
         if "is_termination_msg" not in executor_kwargs:
-            executor_kwargs["is_termination_msg"] = lambda x: (x["content"] is not None) and "TERMINATE" in x["content"]
+            executor_kwargs["is_termination_msg"] = lambda x: "TERMINATE" in (
+                content_str(x.get("content"))
+                if isinstance(x.get("content"), (str, list)) or x.get("content") is None
+                else str(x.get("content"))
+            )
 
         try:
             if not self.run_executor:
@@ -4056,6 +4177,32 @@ class ConversableAgent(LLMAgent):
         """
         self.output_guardrails.extend(guardrails)
 
+    def run_input_guardrails(self, messages: list[dict[str, Any]] | None = None) -> GuardrailResult | None:
+        """Run input guardrails for an agent before the reply is generated.
+
+        Args:
+            messages (Optional[list[dict[str, Any]]]): The messages to check against the guardrails.
+        """
+        for guardrail in self.input_guardrails:
+            guardrail_result = guardrail.check(context=messages)
+
+            if guardrail_result.activated:
+                return guardrail_result
+        return None
+
+    def run_output_guardrails(self, reply: str | dict[str, Any]) -> GuardrailResult | None:
+        """Run output guardrails for an agent after the reply is generated.
+
+        Args:
+            reply (str | dict[str, Any]): The reply generated by the agent.
+        """
+        for guardrail in self.output_guardrails:
+            guardrail_result = guardrail.check(context=reply)
+
+            if guardrail_result.activated:
+                return guardrail_result
+        return None
+
 
 @export_module("autogen")
 def register_function(
@@ -4083,3 +4230,65 @@ def register_function(
     """
     f = caller.register_for_llm(name=name, description=description)(f)
     executor.register_for_execution(name=name)(f)
+
+
+def normilize_message_to_oai(
+    message: dict[str, Any] | str,
+    name: str,
+    role: str = "assistant",
+) -> tuple[bool, dict[str, Any]]:
+    message = message_to_dict(message)
+    # create oai message to be appended to the oai conversation that can be passed to oai directly.
+    oai_message = {
+        k: message[k]
+        for k in ("content", "function_call", "tool_responses", "tool_call_id", "name", "context")
+        if k in message and message[k] is not None
+    }
+
+    if tools := message.get("tool_calls"):  # check for [], None and missed key
+        oai_message["tool_calls"] = tools
+
+    if "content" not in oai_message:
+        if "function_call" in oai_message or "tool_calls" in oai_message:
+            oai_message["content"] = None  # if only function_call is provided, content will be set to None.
+        else:
+            return False, oai_message
+
+    if message.get("role") in ["function", "tool"]:
+        oai_message["role"] = message.get("role")
+        if "tool_responses" in oai_message:
+            for tool_response in oai_message["tool_responses"]:
+                content_value = tool_response.get("content")
+                tool_response["content"] = (
+                    content_str(content_value)
+                    if isinstance(content_value, (str, list)) or content_value is None
+                    else str(content_value)
+                )
+    elif "override_role" in message:
+        # If we have a direction to override the role then set the
+        # role accordingly. Used to customise the role for the
+        # select speaker prompt.
+        oai_message["role"] = message.get("override_role")
+    else:
+        oai_message["role"] = role
+
+    if oai_message.get("function_call", False) or oai_message.get("tool_calls", False):
+        oai_message["role"] = "assistant"  # only messages with role 'assistant' can have a function call.
+    elif "name" not in oai_message:
+        # If we don't have a name field, append it
+        oai_message["name"] = name
+
+    return True, oai_message
+
+
+def message_to_dict(message: dict[str, Any] | str) -> dict:
+    """Convert a message to a dictionary.
+
+    The message can be a string or a dictionary. The string will be put in the "content" field of the new dictionary.
+    """
+    if isinstance(message, str):
+        return {"content": message}
+    elif isinstance(message, dict):
+        return message
+    else:
+        return dict(message)