agentgovern 0.1.0b1__tar.gz

agentgovern-0.1.0b1/.gitignore

@@ -0,0 +1,23 @@
+node_modules/
+.env
+.env.local
+.env.production
+.env.development
+.next/
+dist/
+build/
+*.log
+.DS_Store
+__pycache__/
+*.pyc
+*.pyo
+.venv/
+.uv/
+coverage/
+.turbo/
+.vercel/
+.playwright/
+playwright-report/
+test-results/
+*.tsbuildinfo
+.drizzle/

agentgovern-0.1.0b1/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Zirahn
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

agentgovern-0.1.0b1/PKG-INFO

@@ -0,0 +1,148 @@
+Metadata-Version: 2.4
+Name: agentgovern
+Version: 0.1.0b1
+Summary: Compliance-as-code middleware for agentic AI workflows.
+Project-URL: Homepage, https://agentgovern.zirahn.com
+Project-URL: Repository, https://github.com/ahmedkhan-zirahn/agentgovern
+Project-URL: Issues, https://github.com/ahmedkhan-zirahn/agentgovern/issues
+Author-email: Azhar Khan <ahmed.khan@zirahn.com>
+License: MIT
+License-File: LICENSE
+Keywords: agent-governance,agents,ai,compliance,eu-ai-act,governance,langchain,nist
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Classifier: Topic :: System :: Monitoring
+Requires-Python: >=3.9
+Requires-Dist: httpx>=0.27.0
+Requires-Dist: pydantic>=2.10.0
+Requires-Dist: python-dotenv>=1.0.0
+Provides-Extra: crewai
+Requires-Dist: crewai>=0.80.0; extra == 'crewai'
+Provides-Extra: dev
+Requires-Dist: pytest-asyncio>=0.24.0; extra == 'dev'
+Requires-Dist: pytest-cov>=6.0.0; extra == 'dev'
+Requires-Dist: pytest>=8.3.0; extra == 'dev'
+Requires-Dist: respx>=0.21.0; extra == 'dev'
+Requires-Dist: ruff>=0.8.0; extra == 'dev'
+Provides-Extra: langchain
+Requires-Dist: langchain-core>=0.3.0; extra == 'langchain'
+Provides-Extra: openai
+Requires-Dist: openai>=1.50.0; extra == 'openai'
+Description-Content-Type: text/markdown
+
+# AgentGovern Python SDK
+
+**Compliance-as-code for agentic AI workflows.**
+
+> **Beta** — API may change before 1.0. [Report issues](https://github.com/ahmedkhan-zirahn/agentgovern/issues).
+
+AgentGovern intercepts AI agent actions, evaluates them against configurable compliance policies (EU AI Act, NIST AI RMF, ISO 42001), and generates audit-ready evidence — in real-time. This SDK instruments your LangChain, CrewAI, or OpenAI Agents code with minimal changes.
+
+## Install
+
+```bash
+pip install agentgovern
+```
+
+## Quickstart — LangChain
+
+```python
+import agentgovern
+from langchain.agents import AgentExecutor, create_openai_tools_agent
+from langchain_openai import ChatOpenAI
+
+# 1. Initialize once at startup
+agentgovern.init(
+    api_key="ag_prod_...",           # from https://agentgovern.zirahn.com/settings/api-keys
+    base_url="https://agentgovern.zirahn.com",
+    environment="development",       # "production" | "staging" | "development"
+)
+
+# 2. Register your agent
+agentgovern.register_agent(
+    "credit-scoring-agent-01",
+    name="Credit Scoring Agent",
+    framework="langchain",
+)
+
+# 3. Get the callback handler
+handler = agentgovern.instrument_langchain()
+
+# 4. Pass it to your AgentExecutor — no other changes needed
+llm = ChatOpenAI(model="gpt-4o")
+agent = create_openai_tools_agent(llm, tools, prompt)
+executor = AgentExecutor(agent=agent, tools=tools, callbacks=[handler])
+
+result = executor.invoke({"input": "Evaluate loan application for customer #12345"})
+```
+
+Every tool call, LLM invocation, and agent step is automatically captured, evaluated against your enabled compliance policies, and visible in the dashboard.
+
+## Manual instrumentation (all frameworks)
+
+```python
+from agentgovern.types import ActionType, ActionStatus
+
+agentgovern.track_action(
+    agent_external_id="my-agent-id",
+    action_type=ActionType.TOOL_CALL,
+    action_name="fetch_credit_bureau_data",
+    status=ActionStatus.COMPLETED,
+    duration_ms=312,
+    input_payload={"bureau": "experian", "customer_id": "..."},
+    output_payload={"fico_score": 720},
+)
+```
+
+## Supported frameworks
+
+| Framework | Auto-instrumentation | Status |
+|-----------|---------------------|--------|
+| LangChain | `instrument_langchain()` — wraps tool and LLM callbacks | Stable |
+| CrewAI | Manual via `track_action()` | Beta |
+| OpenAI Agents API | Manual via `track_action()` | Beta |
+
+Auto-instrumentation for CrewAI and OpenAI Agents is on the roadmap.
+
+## Compliance frameworks
+
+| Framework | Status |
+|-----------|--------|
+| EU AI Act (High-Risk Systems) | Available |
+| NIST AI RMF | Coming soon |
+| ISO 42001 | Coming soon |
+
+Enable policy packs from the [AgentGovern dashboard](https://agentgovern.zirahn.com).
+
+## Configuration
+
+| Parameter | Default | Description |
+|-----------|---------|-------------|
+| `api_key` | required | SDK ingest key from the dashboard |
+| `base_url` | `https://agentgovern.zirahn.com` | API endpoint |
+| `environment` | `"production"` | `"production"` \| `"staging"` \| `"development"` |
+| `fail_silently` | `True` | If `True`, SDK errors never raise into your agent |
+
+## Design guarantees
+
+- `track_action()` returns in **< 5 ms** — all I/O is async in a background thread
+- Buffer cap: 10,000 actions; oldest dropped when full
+- Retry: 3 attempts with exponential backoff (1 s → 30 s max)
+- If AgentGovern is unreachable, your agent continues unaffected
+
+## Links
+
+- **Dashboard:** https://agentgovern.zirahn.com
+- **Documentation:** https://github.com/ahmedkhan-zirahn/agentgovern
+- **Issues:** https://github.com/ahmedkhan-zirahn/agentgovern/issues
+
+## License
+
+MIT — Copyright (c) 2026 Zirahn

agentgovern-0.1.0b1/README.md

@@ -0,0 +1,109 @@
+# AgentGovern Python SDK
+
+**Compliance-as-code for agentic AI workflows.**
+
+> **Beta** — API may change before 1.0. [Report issues](https://github.com/ahmedkhan-zirahn/agentgovern/issues).
+
+AgentGovern intercepts AI agent actions, evaluates them against configurable compliance policies (EU AI Act, NIST AI RMF, ISO 42001), and generates audit-ready evidence — in real-time. This SDK instruments your LangChain, CrewAI, or OpenAI Agents code with minimal changes.
+
+## Install
+
+```bash
+pip install agentgovern
+```
+
+## Quickstart — LangChain
+
+```python
+import agentgovern
+from langchain.agents import AgentExecutor, create_openai_tools_agent
+from langchain_openai import ChatOpenAI
+
+# 1. Initialize once at startup
+agentgovern.init(
+    api_key="ag_prod_...",           # from https://agentgovern.zirahn.com/settings/api-keys
+    base_url="https://agentgovern.zirahn.com",
+    environment="development",       # "production" | "staging" | "development"
+)
+
+# 2. Register your agent
+agentgovern.register_agent(
+    "credit-scoring-agent-01",
+    name="Credit Scoring Agent",
+    framework="langchain",
+)
+
+# 3. Get the callback handler
+handler = agentgovern.instrument_langchain()
+
+# 4. Pass it to your AgentExecutor — no other changes needed
+llm = ChatOpenAI(model="gpt-4o")
+agent = create_openai_tools_agent(llm, tools, prompt)
+executor = AgentExecutor(agent=agent, tools=tools, callbacks=[handler])
+
+result = executor.invoke({"input": "Evaluate loan application for customer #12345"})
+```
+
+Every tool call, LLM invocation, and agent step is automatically captured, evaluated against your enabled compliance policies, and visible in the dashboard.
+
+## Manual instrumentation (all frameworks)
+
+```python
+from agentgovern.types import ActionType, ActionStatus
+
+agentgovern.track_action(
+    agent_external_id="my-agent-id",
+    action_type=ActionType.TOOL_CALL,
+    action_name="fetch_credit_bureau_data",
+    status=ActionStatus.COMPLETED,
+    duration_ms=312,
+    input_payload={"bureau": "experian", "customer_id": "..."},
+    output_payload={"fico_score": 720},
+)
+```
+
+## Supported frameworks
+
+| Framework | Auto-instrumentation | Status |
+|-----------|---------------------|--------|
+| LangChain | `instrument_langchain()` — wraps tool and LLM callbacks | Stable |
+| CrewAI | Manual via `track_action()` | Beta |
+| OpenAI Agents API | Manual via `track_action()` | Beta |
+
+Auto-instrumentation for CrewAI and OpenAI Agents is on the roadmap.
+
+## Compliance frameworks
+
+| Framework | Status |
+|-----------|--------|
+| EU AI Act (High-Risk Systems) | Available |
+| NIST AI RMF | Coming soon |
+| ISO 42001 | Coming soon |
+
+Enable policy packs from the [AgentGovern dashboard](https://agentgovern.zirahn.com).
+
+## Configuration
+
+| Parameter | Default | Description |
+|-----------|---------|-------------|
+| `api_key` | required | SDK ingest key from the dashboard |
+| `base_url` | `https://agentgovern.zirahn.com` | API endpoint |
+| `environment` | `"production"` | `"production"` \| `"staging"` \| `"development"` |
+| `fail_silently` | `True` | If `True`, SDK errors never raise into your agent |
+
+## Design guarantees
+
+- `track_action()` returns in **< 5 ms** — all I/O is async in a background thread
+- Buffer cap: 10,000 actions; oldest dropped when full
+- Retry: 3 attempts with exponential backoff (1 s → 30 s max)
+- If AgentGovern is unreachable, your agent continues unaffected
+
+## Links
+
+- **Dashboard:** https://agentgovern.zirahn.com
+- **Documentation:** https://github.com/ahmedkhan-zirahn/agentgovern
+- **Issues:** https://github.com/ahmedkhan-zirahn/agentgovern/issues
+
+## License
+
+MIT — Copyright (c) 2026 Zirahn

agentgovern-0.1.0b1/agentgovern/__init__.py

@@ -0,0 +1,165 @@
+"""
+AgentGovern SDK — Compliance instrumentation for agentic AI workflows.
+
+Quickstart::
+
+    import agentgovern
+
+    agentgovern.init(api_key="ag_prod_...")
+    agentgovern.register_agent("my-credit-scoring-agent", name="Credit Scoring Agent")
+
+    # Then instrument LangChain:
+    agentgovern.instrument_langchain()
+
+    # Or track actions manually:
+    from agentgovern.types import ActionType
+    agentgovern.track_action(
+        agent_external_id="my-credit-scoring-agent",
+        action_type=ActionType.TOOL_CALL,
+        action_name="fetch_bureau_data",
+    )
+"""
+
+from __future__ import annotations
+
+from typing import Any
+
+from agentgovern.client import AgentGovernClient
+from agentgovern.exceptions import PolicyViolation
+from agentgovern.types import ActionStatus, ActionType, Environment
+
+_client: AgentGovernClient | None = None
+
+
+def init(
+    api_key: str,
+    *,
+    environment: str = "production",
+    base_url: str = "https://agentgovern.zirahn.com",
+    fail_silently: bool = True,
+) -> AgentGovernClient:
+    """
+    Initialize the AgentGovern SDK.
+
+    Must be called once at application startup before any other SDK calls.
+    The SDK is designed to never break the customer's agent — if AgentGovern
+    is unreachable, all errors are silently discarded.
+    """
+    global _client  # noqa: PLW0603
+    _client = AgentGovernClient(
+        api_key=api_key,
+        environment=environment,
+        base_url=base_url,
+        fail_silently=fail_silently,
+    )
+    return _client
+
+
+def register_agent(
+    external_id: str,
+    name: str,
+    *,
+    description: str | None = None,
+    framework: str = "custom",
+    framework_version: str | None = None,
+    owner_email: str | None = None,
+    tags: list[str] | None = None,
+    metadata: dict[str, Any] | None = None,
+) -> None:
+    """Fire-and-forget agent registration. No-op if SDK is not initialized."""
+    if _client is None:
+        return
+    _client.register_agent(
+        external_id,
+        name,
+        description=description,
+        framework=framework,
+        framework_version=framework_version,
+        owner_email=owner_email,
+        tags=tags,
+        metadata=metadata,
+    )
+
+
+def track_action(
+    agent_external_id: str,
+    action_type: ActionType,
+    action_name: str,
+    *,
+    status: ActionStatus = ActionStatus.COMPLETED,
+    duration_ms: int | None = None,
+    input_payload: dict[str, Any] | None = None,
+    output_payload: dict[str, Any] | None = None,
+    model_id: str | None = None,
+    token_count: int | None = None,
+    trace_id: str | None = None,
+    span_id: str | None = None,
+    metadata: dict[str, Any] | None = None,
+) -> None:
+    """Enqueue an action for async ingest. No-op if SDK is not initialized."""
+    if _client is None:
+        return
+    _client.track_action(
+        agent_external_id,
+        action_type,
+        action_name,
+        status=status,
+        duration_ms=duration_ms,
+        input_payload=input_payload,
+        output_payload=output_payload,
+        model_id=model_id,
+        token_count=token_count,
+        trace_id=trace_id,
+        span_id=span_id,
+        metadata=metadata,
+    )
+
+
+def instrument_langchain(agent_external_id: str | None = None) -> Any:
+    """
+    Attach AgentGovern to LangChain callbacks.
+
+    Returns the callback handler instance. Requires the 'langchain' extra:
+    ``pip install agentgovern[langchain]``
+    """
+    if _client is None:
+        raise RuntimeError("Call agentgovern.init() before instrument_langchain()")
+    from agentgovern.instrumentors.langchain import AgentGovernCallbackHandler
+
+    return AgentGovernCallbackHandler(client=_client, agent_external_id=agent_external_id)
+
+
+def heartbeat() -> dict[str, Any]:
+    """POST /v1/ingest/heartbeat — returns status dict. No-op dict if not initialized."""
+    if _client is None:
+        return {"status": "not_initialized"}
+    return _client.heartbeat()
+
+
+def status() -> dict[str, Any]:
+    """Return SDK health status."""
+    if _client is None:
+        return {"initialized": False}
+    return _client.status()
+
+
+def shutdown(timeout: float = 5.0) -> None:
+    """Flush remaining actions and stop the background thread."""
+    if _client is not None:
+        _client.shutdown(timeout=timeout)
+
+
+__all__ = [
+    "init",
+    "register_agent",
+    "track_action",
+    "instrument_langchain",
+    "heartbeat",
+    "status",
+    "shutdown",
+    "AgentGovernClient",
+    "PolicyViolation",
+    "ActionType",
+    "ActionStatus",
+    "Environment",
+]