agentkeeper-runtime-sdk 0.1.0b1__tar.gz

agentkeeper_runtime_sdk-0.1.0b1/.gitignore

@@ -0,0 +1,35 @@
+.claude/*
+!.claude/skills/
+!.claude/skills/**
+.DS_Store
+node_modules/
+dist/
+!packages/runtime-sdk/dist/
+!packages/runtime-sdk/dist/index.js
+!packages/runtime-sdk/dist/index.d.ts
+__pycache__/
+*.py[cod]
+*.egg-info/
+build/
+
+# Desktop app
+desktop/node_modules/
+desktop/dist/
+desktop/src-tauri/target/
+.vercel
+.env*
+.env*.local
+.secrets/
+deploy/secrets/**/plaintext/
+web/supabase/.temp/
+supabase/.temp/
+*.pem
+
+# Local development worktrees
+.worktrees/
+
+# Browser extension local/generated artifacts
+extension/.output/
+extension/.wxt/
+temp/*
+.vibemaker.json

agentkeeper_runtime_sdk-0.1.0b1/PKG-INFO

@@ -0,0 +1,289 @@
+Metadata-Version: 2.4
+Name: agentkeeper-runtime-sdk
+Version: 0.1.0b1
+Summary: AgentKeeper AI Agents SDK Beta for app-embedded Python agents.
+Project-URL: Homepage, https://app.agentkeeper.dev
+Project-URL: Repository, https://github.com/rad-security/agentkeeper-web
+Author: AgentKeeper
+License-Expression: Apache-2.0
+Keywords: agentkeeper,ai-agent,monitoring,runtime,security
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Typing :: Typed
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+
+# AgentKeeper AI Agents SDK Beta for Python
+
+Beta Python package for sending promptless AI agent runtime events to AgentKeeper.
+
+```bash
+pip install agentkeeper-runtime-sdk
+```
+
+The Python package supports custom agents, LangChain, LangGraph, AWS Bedrock Runtime through boto3-style clients, OpenAI Agents SDK, Azure OpenAI, Claude Managed Agents, and Anthropic SDK message/tool surfaces. Vercel AI SDK remains TypeScript-only.
+
+## Usage
+
+```python
+import os
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+
+ak = create_agentkeeper_runtime_client(
+    endpoint="https://app.agentkeeper.dev",
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_environment=os.environ.get("APP_ENV", "local"),
+    runtime_integration="custom",
+)
+
+ak.track({
+    "event_kind": "runtime_heartbeat",
+    "capability": "observe",
+    "evidence_summary": "AI agent runtime connected",
+})
+ak.flush()
+```
+
+## Guarded Tools
+
+```python
+def lookup_customer(args):
+    return {"customer_id": args["customer_id"], "tier": "enterprise"}
+
+guarded_lookup = ak.wrap_tool(
+    "lookup_customer",
+    lookup_customer,
+    evaluate=lambda args: {"verdict": "passed", "reason": "allowed"},
+)
+
+guarded_lookup({"customer_id": "cus_123"})
+```
+
+## OpenAI Agents SDK
+
+Wrap Python functions before passing them to `function_tool` so the OpenAI Agents SDK can still infer the function signature.
+
+```python
+import asyncio
+import os
+from agents import Agent, Runner, function_tool
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+from agentkeeper_runtime_sdk.openai_agents import (
+    wrap_openai_agents_run,
+    wrap_openai_agents_tool,
+)
+
+ak = create_agentkeeper_runtime_client(
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_environment=os.environ.get("APP_ENV", "local"),
+    runtime_integration="openai_agents",
+)
+
+def lookup_customer(customer_id: str) -> dict:
+    return {"customer_id": customer_id, "tier": "enterprise"}
+
+guarded_lookup_customer = function_tool(
+    wrap_openai_agents_tool(
+        lookup_customer,
+        ak,
+        tool_name="lookup_customer",
+        evaluate=lambda args: {"verdict": "passed"},
+    )
+)
+
+async def main():
+    guarded_run = wrap_openai_agents_run(Runner.run, ak)
+    agent = Agent(name="Support triage", tools=[guarded_lookup_customer])
+    await guarded_run(agent, "Check customer risk without exposing raw payloads.")
+    ak.flush()
+
+asyncio.run(main())
+```
+
+## Anthropic SDK
+
+Anthropic message calls are model-only observation. Wrap local tool handlers or runnable `run(input)` functions for blocking.
+
+```python
+import os
+from anthropic import Anthropic
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+from agentkeeper_runtime_sdk.anthropic import (
+    wrap_anthropic_client,
+    wrap_anthropic_tool,
+)
+
+ak = create_agentkeeper_runtime_client(
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_environment=os.environ.get("APP_ENV", "local"),
+    runtime_integration="anthropic_sdk",
+)
+
+anthropic = wrap_anthropic_client(Anthropic(), ak)
+lookup_customer = wrap_anthropic_tool(
+    "lookup_customer",
+    lambda args: {"customer_id": args["customer_id"], "tier": "enterprise"},
+    ak,
+    evaluate=lambda args: {"verdict": "passed"},
+)
+
+message = anthropic.messages.create(
+    model=os.environ.get("ANTHROPIC_MODEL", "claude-sonnet-4-6"),
+    max_tokens=1024,
+    tools=[{
+        "name": "lookup_customer",
+        "description": "Look up a customer before support actions.",
+        "input_schema": {
+            "type": "object",
+            "properties": {"customer_id": {"type": "string"}},
+            "required": ["customer_id"],
+        },
+    }],
+    messages=[{"role": "user", "content": "Check customer risk."}],
+)
+
+for block in getattr(message, "content", []):
+    if getattr(block, "type", None) == "tool_use" and getattr(block, "name", None) == "lookup_customer":
+        lookup_customer(getattr(block, "input", {}))
+
+ak.flush()
+```
+
+## Azure OpenAI
+
+Azure OpenAI is model-only observation. The wrapper records safe metadata for `chat.completions.create()`, `responses.create()`, and `embeddings.create()` without storing prompts, messages, inputs, outputs, or provider request/response bodies.
+
+```python
+import os
+from openai import AzureOpenAI
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+from agentkeeper_runtime_sdk.azure_openai import wrap_azure_openai_client
+
+ak = create_agentkeeper_runtime_client(
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_environment=os.environ.get("APP_ENV", "local"),
+    runtime_integration="azure_openai",
+)
+
+deployment = os.environ.get("AZURE_OPENAI_DEPLOYMENT", "gpt-4o-mini")
+azure_openai = wrap_azure_openai_client(
+    AzureOpenAI(
+        api_key=os.environ["AZURE_OPENAI_API_KEY"],
+        azure_endpoint=os.environ["AZURE_OPENAI_ENDPOINT"],
+        api_version=os.environ.get("AZURE_OPENAI_API_VERSION", "2024-10-21"),
+    ),
+    ak,
+)
+
+azure_openai.chat.completions.create(
+    model=deployment,
+    messages=[{"role": "user", "content": "Check customer risk."}],
+)
+
+ak.flush()
+```
+
+## Claude Managed Agents
+
+Claude Managed Agents are hosted-session observation. The wrapper records safe agent, environment, session, event, stream, token, tool-name, and stop-reason metadata around Anthropic `client.beta.*` calls. It does not claim local pre-tool blocking for Anthropic-hosted sandbox/tool execution.
+
+```python
+import os
+from anthropic import Anthropic
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+from agentkeeper_runtime_sdk.claude_managed_agents import wrap_claude_managed_agents_client
+
+ak = create_agentkeeper_runtime_client(
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_environment=os.environ.get("APP_ENV", "local"),
+    runtime_integration="claude_managed_agents",
+)
+
+client = wrap_claude_managed_agents_client(Anthropic(), ak)
+agent = client.beta.agents.create(
+    name="Support triage",
+    model=os.environ.get("ANTHROPIC_MANAGED_AGENT_MODEL", "claude-sonnet-4-6"),
+    system="Help support engineers without exposing raw payloads.",
+    tools=[{"type": "agent_toolset_20260401"}],
+)
+
+session = client.beta.sessions.create(
+    agent=agent.id,
+    environment_id=os.environ["ANTHROPIC_ENVIRONMENT_ID"],
+    title="Support triage",
+)
+
+with client.beta.sessions.events.stream(session.id) as stream:
+    client.beta.sessions.events.send(
+        session.id,
+        events=[{
+            "type": "user.message",
+            "content": [{"type": "text", "text": "Check customer risk."}],
+        }],
+    )
+    for event in stream:
+        if getattr(event, "type", None) == "session.status_idle":
+            break
+
+ak.flush()
+```
+
+## LangChain and LangGraph
+
+```python
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+from agentkeeper_runtime_sdk.langchain import (
+    create_langchain_callback_handler,
+    wrap_langchain_tool,
+)
+
+ak = create_agentkeeper_runtime_client(
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_integration="langchain",
+)
+
+callbacks = [create_langchain_callback_handler(ak)]
+guarded_lookup = wrap_langchain_tool(customer_lookup_tool, ak)
+
+chain.invoke({"input": "Check customer risk."}, {"callbacks": callbacks})
+ak.flush()
+```
+
+Use `create_langgraph_callback_handler()` and `wrap_langgraph_tool()` for LangGraph.
+
+## AWS Bedrock Runtime
+
+```python
+import boto3
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+from agentkeeper_runtime_sdk.bedrock import wrap_bedrock_runtime_client
+
+ak = create_agentkeeper_runtime_client(
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_integration="bedrock",
+)
+
+bedrock = wrap_bedrock_runtime_client(
+    boto3.client("bedrock-runtime", region_name="us-east-1"),
+    ak,
+)
+
+bedrock.converse(
+    modelId="anthropic.claude-3-5-sonnet-20241022-v2:0",
+    messages=[{"role": "user", "content": [{"text": "Hello"}]}],
+)
+ak.flush()
+```
+
+## Privacy
+
+Raw prompts, assistant output, tool arguments, provider request bodies, provider response bodies, and file contents are rejected by default. Send redacted summaries, hashes, model names, tool names, token counts, domains, and structured detector evidence instead.

agentkeeper_runtime_sdk-0.1.0b1/README.md

@@ -0,0 +1,272 @@
+# AgentKeeper AI Agents SDK Beta for Python
+
+Beta Python package for sending promptless AI agent runtime events to AgentKeeper.
+
+```bash
+pip install agentkeeper-runtime-sdk
+```
+
+The Python package supports custom agents, LangChain, LangGraph, AWS Bedrock Runtime through boto3-style clients, OpenAI Agents SDK, Azure OpenAI, Claude Managed Agents, and Anthropic SDK message/tool surfaces. Vercel AI SDK remains TypeScript-only.
+
+## Usage
+
+```python
+import os
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+
+ak = create_agentkeeper_runtime_client(
+    endpoint="https://app.agentkeeper.dev",
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_environment=os.environ.get("APP_ENV", "local"),
+    runtime_integration="custom",
+)
+
+ak.track({
+    "event_kind": "runtime_heartbeat",
+    "capability": "observe",
+    "evidence_summary": "AI agent runtime connected",
+})
+ak.flush()
+```
+
+## Guarded Tools
+
+```python
+def lookup_customer(args):
+    return {"customer_id": args["customer_id"], "tier": "enterprise"}
+
+guarded_lookup = ak.wrap_tool(
+    "lookup_customer",
+    lookup_customer,
+    evaluate=lambda args: {"verdict": "passed", "reason": "allowed"},
+)
+
+guarded_lookup({"customer_id": "cus_123"})
+```
+
+## OpenAI Agents SDK
+
+Wrap Python functions before passing them to `function_tool` so the OpenAI Agents SDK can still infer the function signature.
+
+```python
+import asyncio
+import os
+from agents import Agent, Runner, function_tool
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+from agentkeeper_runtime_sdk.openai_agents import (
+    wrap_openai_agents_run,
+    wrap_openai_agents_tool,
+)
+
+ak = create_agentkeeper_runtime_client(
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_environment=os.environ.get("APP_ENV", "local"),
+    runtime_integration="openai_agents",
+)
+
+def lookup_customer(customer_id: str) -> dict:
+    return {"customer_id": customer_id, "tier": "enterprise"}
+
+guarded_lookup_customer = function_tool(
+    wrap_openai_agents_tool(
+        lookup_customer,
+        ak,
+        tool_name="lookup_customer",
+        evaluate=lambda args: {"verdict": "passed"},
+    )
+)
+
+async def main():
+    guarded_run = wrap_openai_agents_run(Runner.run, ak)
+    agent = Agent(name="Support triage", tools=[guarded_lookup_customer])
+    await guarded_run(agent, "Check customer risk without exposing raw payloads.")
+    ak.flush()
+
+asyncio.run(main())
+```
+
+## Anthropic SDK
+
+Anthropic message calls are model-only observation. Wrap local tool handlers or runnable `run(input)` functions for blocking.
+
+```python
+import os
+from anthropic import Anthropic
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+from agentkeeper_runtime_sdk.anthropic import (
+    wrap_anthropic_client,
+    wrap_anthropic_tool,
+)
+
+ak = create_agentkeeper_runtime_client(
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_environment=os.environ.get("APP_ENV", "local"),
+    runtime_integration="anthropic_sdk",
+)
+
+anthropic = wrap_anthropic_client(Anthropic(), ak)
+lookup_customer = wrap_anthropic_tool(
+    "lookup_customer",
+    lambda args: {"customer_id": args["customer_id"], "tier": "enterprise"},
+    ak,
+    evaluate=lambda args: {"verdict": "passed"},
+)
+
+message = anthropic.messages.create(
+    model=os.environ.get("ANTHROPIC_MODEL", "claude-sonnet-4-6"),
+    max_tokens=1024,
+    tools=[{
+        "name": "lookup_customer",
+        "description": "Look up a customer before support actions.",
+        "input_schema": {
+            "type": "object",
+            "properties": {"customer_id": {"type": "string"}},
+            "required": ["customer_id"],
+        },
+    }],
+    messages=[{"role": "user", "content": "Check customer risk."}],
+)
+
+for block in getattr(message, "content", []):
+    if getattr(block, "type", None) == "tool_use" and getattr(block, "name", None) == "lookup_customer":
+        lookup_customer(getattr(block, "input", {}))
+
+ak.flush()
+```
+
+## Azure OpenAI
+
+Azure OpenAI is model-only observation. The wrapper records safe metadata for `chat.completions.create()`, `responses.create()`, and `embeddings.create()` without storing prompts, messages, inputs, outputs, or provider request/response bodies.
+
+```python
+import os
+from openai import AzureOpenAI
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+from agentkeeper_runtime_sdk.azure_openai import wrap_azure_openai_client
+
+ak = create_agentkeeper_runtime_client(
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_environment=os.environ.get("APP_ENV", "local"),
+    runtime_integration="azure_openai",
+)
+
+deployment = os.environ.get("AZURE_OPENAI_DEPLOYMENT", "gpt-4o-mini")
+azure_openai = wrap_azure_openai_client(
+    AzureOpenAI(
+        api_key=os.environ["AZURE_OPENAI_API_KEY"],
+        azure_endpoint=os.environ["AZURE_OPENAI_ENDPOINT"],
+        api_version=os.environ.get("AZURE_OPENAI_API_VERSION", "2024-10-21"),
+    ),
+    ak,
+)
+
+azure_openai.chat.completions.create(
+    model=deployment,
+    messages=[{"role": "user", "content": "Check customer risk."}],
+)
+
+ak.flush()
+```
+
+## Claude Managed Agents
+
+Claude Managed Agents are hosted-session observation. The wrapper records safe agent, environment, session, event, stream, token, tool-name, and stop-reason metadata around Anthropic `client.beta.*` calls. It does not claim local pre-tool blocking for Anthropic-hosted sandbox/tool execution.
+
+```python
+import os
+from anthropic import Anthropic
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+from agentkeeper_runtime_sdk.claude_managed_agents import wrap_claude_managed_agents_client
+
+ak = create_agentkeeper_runtime_client(
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_environment=os.environ.get("APP_ENV", "local"),
+    runtime_integration="claude_managed_agents",
+)
+
+client = wrap_claude_managed_agents_client(Anthropic(), ak)
+agent = client.beta.agents.create(
+    name="Support triage",
+    model=os.environ.get("ANTHROPIC_MANAGED_AGENT_MODEL", "claude-sonnet-4-6"),
+    system="Help support engineers without exposing raw payloads.",
+    tools=[{"type": "agent_toolset_20260401"}],
+)
+
+session = client.beta.sessions.create(
+    agent=agent.id,
+    environment_id=os.environ["ANTHROPIC_ENVIRONMENT_ID"],
+    title="Support triage",
+)
+
+with client.beta.sessions.events.stream(session.id) as stream:
+    client.beta.sessions.events.send(
+        session.id,
+        events=[{
+            "type": "user.message",
+            "content": [{"type": "text", "text": "Check customer risk."}],
+        }],
+    )
+    for event in stream:
+        if getattr(event, "type", None) == "session.status_idle":
+            break
+
+ak.flush()
+```
+
+## LangChain and LangGraph
+
+```python
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+from agentkeeper_runtime_sdk.langchain import (
+    create_langchain_callback_handler,
+    wrap_langchain_tool,
+)
+
+ak = create_agentkeeper_runtime_client(
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_integration="langchain",
+)
+
+callbacks = [create_langchain_callback_handler(ak)]
+guarded_lookup = wrap_langchain_tool(customer_lookup_tool, ak)
+
+chain.invoke({"input": "Check customer risk."}, {"callbacks": callbacks})
+ak.flush()
+```
+
+Use `create_langgraph_callback_handler()` and `wrap_langgraph_tool()` for LangGraph.
+
+## AWS Bedrock Runtime
+
+```python
+import boto3
+from agentkeeper_runtime_sdk import create_agentkeeper_runtime_client
+from agentkeeper_runtime_sdk.bedrock import wrap_bedrock_runtime_client
+
+ak = create_agentkeeper_runtime_client(
+    api_key=os.environ.get("AGENTKEEPER_RUNTIME_SDK_KEY"),
+    runtime_service="support-agent",
+    runtime_integration="bedrock",
+)
+
+bedrock = wrap_bedrock_runtime_client(
+    boto3.client("bedrock-runtime", region_name="us-east-1"),
+    ak,
+)
+
+bedrock.converse(
+    modelId="anthropic.claude-3-5-sonnet-20241022-v2:0",
+    messages=[{"role": "user", "content": [{"text": "Hello"}]}],
+)
+ak.flush()
+```
+
+## Privacy
+
+Raw prompts, assistant output, tool arguments, provider request bodies, provider response bodies, and file contents are rejected by default. Send redacted summaries, hashes, model names, tool names, token counts, domains, and structured detector evidence instead.

agentkeeper_runtime_sdk-0.1.0b1/pyproject.toml

@@ -0,0 +1,30 @@
+[build-system]
+requires = ["hatchling>=1.25"]
+build-backend = "hatchling.build"
+
+[project]
+name = "agentkeeper-runtime-sdk"
+version = "0.1.0b1"
+description = "AgentKeeper AI Agents SDK Beta for app-embedded Python agents."
+readme = "README.md"
+requires-python = ">=3.9"
+license = "Apache-2.0"
+authors = [
+  { name = "AgentKeeper" }
+]
+keywords = ["agentkeeper", "ai-agent", "runtime", "security", "monitoring"]
+classifiers = [
+  "Development Status :: 4 - Beta",
+  "Intended Audience :: Developers",
+  "Programming Language :: Python :: 3",
+  "Programming Language :: Python :: 3 :: Only",
+  "Typing :: Typed",
+]
+
+[project.urls]
+Homepage = "https://app.agentkeeper.dev"
+Repository = "https://github.com/rad-security/agentkeeper-web"
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/agentkeeper_runtime_sdk"]
+

agentkeeper_runtime_sdk-0.1.0b1/src/agentkeeper_runtime_sdk/__init__.py

@@ -0,0 +1,45 @@
+from .anthropic import (
+    wrap_anthropic_client,
+    wrap_anthropic_runnable_tool,
+    wrap_anthropic_tool,
+)
+from .bedrock import wrap_bedrock_runtime_client
+from .azure_openai import wrap_azure_openai_client
+from .claude_managed_agents import wrap_claude_managed_agents_client
+from .client import (
+    AgentKeeperRuntimeClient,
+    TrackResult,
+    create_agentkeeper_runtime_client,
+    find_raw_payload_keys,
+)
+from .langchain import (
+    create_langchain_callback_handler,
+    create_langgraph_callback_handler,
+    wrap_langchain_tool,
+    wrap_langgraph_tool,
+)
+from .openai_agents import (
+    wrap_openai_agents_run,
+    wrap_openai_agents_sdk,
+    wrap_openai_agents_tool,
+)
+
+__all__ = [
+    "AgentKeeperRuntimeClient",
+    "TrackResult",
+    "create_agentkeeper_runtime_client",
+    "find_raw_payload_keys",
+    "create_langchain_callback_handler",
+    "create_langgraph_callback_handler",
+    "wrap_langchain_tool",
+    "wrap_langgraph_tool",
+    "wrap_bedrock_runtime_client",
+    "wrap_azure_openai_client",
+    "wrap_claude_managed_agents_client",
+    "wrap_openai_agents_run",
+    "wrap_openai_agents_sdk",
+    "wrap_openai_agents_tool",
+    "wrap_anthropic_client",
+    "wrap_anthropic_runnable_tool",
+    "wrap_anthropic_tool",
+]