agentmesh-proxy 0.2.1__tar.gz → 0.3.0__tar.gz

agentmesh_proxy-0.3.0/.dockerignore

@@ -0,0 +1,20 @@
+.git
+.venv
+venv
+__pycache__
+*.pyc
+*.pyo
+dist/
+build/
+*.egg-info/
+hf-space/
+.pytest_cache/
+.mypy_cache/
+.ruff_cache/
+htmlcov/
+.coverage
+*.log
+node_modules/
+agentmesh-extension/
+docs/
+spaces/

agentmesh_proxy-0.3.0/Dockerfile

@@ -0,0 +1,18 @@
+FROM python:3.11-slim
+
+WORKDIR /app
+
+# Install core deps first for layer caching
+COPY pyproject.toml README.md LICENSE ./
+RUN pip install --no-cache-dir "agentmesh-proxy[semantic]==0.2.1"
+
+# Copy source (for SDK / CLI usage on top of installed package)
+COPY agentmesh/ ./agentmesh/
+COPY examples/ ./examples/
+
+EXPOSE 8080
+
+ENV AGENTMESH_HOST=0.0.0.0
+ENV AGENTMESH_PORT=8080
+
+CMD ["python", "-m", "agentmesh.cli", "serve", "--host", "0.0.0.0", "--port", "8080"]

{agentmesh_proxy-0.2.1 → agentmesh_proxy-0.3.0}/PKG-INFO

@@ -1,7 +1,7 @@
 Metadata-Version: 2.4
 Name: agentmesh-proxy
-Version: 0.2.1
-Summary: Governance proxy for every AI tool — semantic cache, token quotas, vendor routing, Chrome extension
+Version: 0.3.0
+Summary: Governance proxy for every AI tool — PII/PHI masking, prompt injection detection, anomaly alerts, semantic cache, token quotas, vendor routing, compliance reports
 Project-URL: Homepage, https://github.com/anilatambharii/agentmesh
 Project-URL: Documentation, https://github.com/anilatambharii/agentmesh/tree/main/docs
 Project-URL: Repository, https://github.com/anilatambharii/agentmesh
@@ -34,7 +34,7 @@ Requires-Dist: pydantic>=2.0
 Requires-Dist: pyyaml>=6.0
 Requires-Dist: uvicorn>=0.29
 Provides-Extra: all
-Requires-Dist: agentmesh[compression,crewai,langgraph,openai,otel,semantic]; extra == 'all'
+Requires-Dist: agentmesh[compression,crewai,langgraph,openai,otel,pdf,redis,semantic]; extra == 'all'
 Provides-Extra: compression
 Requires-Dist: llmlingua>=0.2; extra == 'compression'
 Provides-Extra: crewai
@@ -59,6 +59,10 @@ Requires-Dist: openai>=1.50; extra == 'openai'
 Provides-Extra: otel
 Requires-Dist: opentelemetry-exporter-otlp-proto-grpc>=1.25; extra == 'otel'
 Requires-Dist: opentelemetry-sdk>=1.25; extra == 'otel'
+Provides-Extra: pdf
+Requires-Dist: reportlab>=4.0; extra == 'pdf'
+Provides-Extra: redis
+Requires-Dist: redis>=5.0; extra == 'redis'
 Provides-Extra: semantic
 Requires-Dist: sentence-transformers>=2.6; extra == 'semantic'
 Description-Content-Type: text/markdown
@@ -81,6 +85,75 @@ Description-Content-Type: text/markdown
 
 ---
 
+## Enterprise Governance Features
+
+AgentMesh ships a complete enterprise security and compliance stack — no third-party SaaS required.
+
+| Feature | Module | What it does |
+|---|---|---|
+| **PII / PHI / PCI masking** | `agentmesh/security/pii_scanner.py` | Scans every prompt for SSN, credit cards, medical records, AWS keys, JWTs — masks or blocks before the LLM sees them |
+| **Prompt injection detection** | `agentmesh/security/injection_detector.py` | 14 rules covering DAN, roleplay jailbreaks, role confusion, encoding tricks — HIGH risk blocked automatically |
+| **Output toxicity filter** | `agentmesh/security/toxicity_filter.py` | Post-call scan of LLM responses for hate speech, hallucinations, policy leaks, refusal bypasses |
+| **Cost anomaly detection** | `agentmesh/monitoring/anomaly_detector.py` | Sliding-window burn rate, spend spike, runaway agent loop, cache miss flood — fires alerts in real time |
+| **Slack / PagerDuty alerts** | `agentmesh/integrations/webhooks.py` | Fire-and-forget alerts on anomalies, quota blocks, injection detections — never blocks the request path |
+| **Redis distributed cache** | `agentmesh/cache/redis_backend.py` | Shared semantic cache across multiple proxy instances — falls back to in-memory if Redis is unavailable |
+| **SAML / SSO identity** | `agentmesh/integrations/saml_handler.py` | Extracts team/user identity from SAML assertions, OIDC JWTs, or pre-verified proxy headers |
+| **Vendor health monitor** | `agentmesh/optimizer/health_monitor.py` | Per-vendor circuit breaker — automatically routes around degraded APIs |
+| **EU AI Act / HIPAA reports** | `agentmesh/compliance/pdf_report.py` | One-click compliance reports for EU AI Act, HIPAA, SOC2, NIST AI RMF — Markdown and PDF |
+| **Chargeback export** | `agentmesh/attribution/chargebacks.py` | Per-team, per-month, per-model cost attribution — CSV and JSON for internal billing |
+
+### Quick config
+
+```python
+from agentmesh.proxy.server import ProxyConfig, build_proxy_app
+
+app = build_proxy_app(ProxyConfig(
+    vendors=["anthropic", "openai", "google"],
+
+    # Security
+    pii_mode="mask",               # "mask" | "redact" | "block"
+    block_injections=True,         # block HIGH-risk prompt injection
+    toxicity_filter=True,          # filter harmful LLM output
+
+    # Monitoring
+    anomaly_detection=True,
+    slack_webhook="https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK",
+    pagerduty_key="YOUR_PD_ROUTING_KEY",
+
+    # Infrastructure
+    redis_url="redis://your-redis:6379/0",   # distributed cache
+    sso_enabled=True,                        # JWT/SAML identity extraction
+
+    # Deterministic mode — temperature=0 per team
+    deterministic_teams={"healthcare": "claude-haiku-4-5", "legal": "claude-sonnet-4-6"},
+))
+```
+
+New governance response headers:
+
+```
+X-AgentMesh-PII-Findings:     3           # entities masked in this prompt
+X-AgentMesh-PII-Types:        EMAIL,SSN   # types detected
+X-AgentMesh-Injection-Risk:   high        # injection detected (request blocked)
+X-AgentMesh-Toxicity:         TOXICITY    # output toxicity type
+X-AgentMesh-Toxicity-Action:  redacted    # redacted | blocked
+X-AgentMesh-Anomaly:          RUNAWAY_LOOP
+X-AgentMesh-SSO-Source:       jwt         # jwt | saml | header
+X-AgentMesh-Deterministic:    true
+```
+
+### Compliance report (one line)
+
+```python
+from agentmesh.compliance.pdf_report import ComplianceReporter, Framework
+
+reporter = ComplianceReporter(policy=your_policy, audit_trail=your_audit)
+reporter.generate_pdf(Framework.HIPAA, output_path="hipaa_report.pdf")
+reporter.generate_pdf(Framework.EU_AI_ACT, output_path="eu_ai_act_report.pdf")
+```
+
+---
+
 ## What it does
 
 AgentMesh sits between your engineers and every LLM API. It enforces token budgets, semantically caches repeated prompts, and routes calls to the cheapest capable model — without touching a single line of agent code.
@@ -99,7 +172,7 @@ Your LangGraph / CrewAI / AutoGen agents                                   OpenA
 ## Benchmark — real numbers, demo mode, no API keys needed
 
 ```bash
-pip install agentmesh-proxy-proxy sentence-transformers
+pip install agentmesh-proxy sentence-transformers
 python examples/benchmark.py
 ```
 
@@ -318,15 +391,15 @@ Your agents (LangGraph etc.) ─────────────────
               ┌─────────▼──────────┐
               │   AgentMesh Proxy  │
               │                    │
-              │  1. Exact cache    │   SHA-256 → 0 tokens
+              │  1. Circuit breaker│   kill runaway loops first
               │  2. Quota check    │   pre-call estimation
-              │  3. Compression    │   budget < 30%
-              │  4. Dry-run gate   │   require_approval mode
+              │  3. Exact cache    │   SHA-256 → 0 tokens
+              │  4. Semantic cache │   sentence-transformers cosine
               │  5. Vendor route   │   cheapest capable model
-              │  6. Audit log      │   Ed25519 tamper-evident
-              │  7. LLM call       │   Anthropic cache_control
+              │  6. Provider cache │   Anthropic cache_control
+              │  7. LLM call       │   only if all caches missed
               │  8. Cache store    │   semantic + exact
-              │  9. Cost calc      │   per-team attribution
+              │  9. Audit log      │   Ed25519 tamper-evident
               └─────────┬──────────┘
                         │
           ┌─────────────┼──────────────┐

agentmesh_proxy-0.3.0/PRIVACY.md

@@ -0,0 +1,39 @@
+# Privacy Policy — AgentMesh
+
+**Last updated: June 2026**
+
+## Summary
+
+AgentMesh does not collect, transmit, or store any personal data on external servers. All data stays on your local machine.
+
+## What the Chrome extension does
+
+The AgentMesh Chrome extension:
+
+- Intercepts prompts you type into ChatGPT, Claude.ai, and Gemini **before** they are sent
+- Forwards those prompts to a **locally running proxy** on your own machine (localhost:8080 by default)
+- Displays governance metadata (cache hit/miss, quota usage, tokens saved) in a popup
+
+## Data collected
+
+| Data | Where it goes | Stored externally? |
+|---|---|---|
+| Prompt text | Local proxy only (localhost) | No |
+| Cache hit/miss stats | chrome.storage.local (your browser) | No |
+| Tokens saved / cost saved | chrome.storage.local (your browser) | No |
+| Proxy port setting | chrome.storage.sync (your Google account) | No |
+
+## What we do NOT do
+
+- We do not send any data to AgentMesh servers (there are none)
+- We do not collect analytics or telemetry
+- We do not sell, share, or transmit any user data to third parties
+- We do not store prompt content beyond the local proxy cache on your machine
+
+## Local proxy
+
+The AgentMesh proxy runs entirely on your own machine. Prompt data sent to `localhost` never leaves your device unless you explicitly forward it to an LLM API (Anthropic, OpenAI, Google) — the same call your browser would have made anyway.
+
+## Contact
+
+Questions? Open an issue at [github.com/anilatambharii/agentmesh/issues](https://github.com/anilatambharii/agentmesh/issues) or email anil@ambharii.com.

{agentmesh_proxy-0.2.1 → agentmesh_proxy-0.3.0}/README.md

@@ -16,6 +16,75 @@
 
 ---
 
+## Enterprise Governance Features
+
+AgentMesh ships a complete enterprise security and compliance stack — no third-party SaaS required.
+
+| Feature | Module | What it does |
+|---|---|---|
+| **PII / PHI / PCI masking** | `agentmesh/security/pii_scanner.py` | Scans every prompt for SSN, credit cards, medical records, AWS keys, JWTs — masks or blocks before the LLM sees them |
+| **Prompt injection detection** | `agentmesh/security/injection_detector.py` | 14 rules covering DAN, roleplay jailbreaks, role confusion, encoding tricks — HIGH risk blocked automatically |
+| **Output toxicity filter** | `agentmesh/security/toxicity_filter.py` | Post-call scan of LLM responses for hate speech, hallucinations, policy leaks, refusal bypasses |
+| **Cost anomaly detection** | `agentmesh/monitoring/anomaly_detector.py` | Sliding-window burn rate, spend spike, runaway agent loop, cache miss flood — fires alerts in real time |
+| **Slack / PagerDuty alerts** | `agentmesh/integrations/webhooks.py` | Fire-and-forget alerts on anomalies, quota blocks, injection detections — never blocks the request path |
+| **Redis distributed cache** | `agentmesh/cache/redis_backend.py` | Shared semantic cache across multiple proxy instances — falls back to in-memory if Redis is unavailable |
+| **SAML / SSO identity** | `agentmesh/integrations/saml_handler.py` | Extracts team/user identity from SAML assertions, OIDC JWTs, or pre-verified proxy headers |
+| **Vendor health monitor** | `agentmesh/optimizer/health_monitor.py` | Per-vendor circuit breaker — automatically routes around degraded APIs |
+| **EU AI Act / HIPAA reports** | `agentmesh/compliance/pdf_report.py` | One-click compliance reports for EU AI Act, HIPAA, SOC2, NIST AI RMF — Markdown and PDF |
+| **Chargeback export** | `agentmesh/attribution/chargebacks.py` | Per-team, per-month, per-model cost attribution — CSV and JSON for internal billing |
+
+### Quick config
+
+```python
+from agentmesh.proxy.server import ProxyConfig, build_proxy_app
+
+app = build_proxy_app(ProxyConfig(
+    vendors=["anthropic", "openai", "google"],
+
+    # Security
+    pii_mode="mask",               # "mask" | "redact" | "block"
+    block_injections=True,         # block HIGH-risk prompt injection
+    toxicity_filter=True,          # filter harmful LLM output
+
+    # Monitoring
+    anomaly_detection=True,
+    slack_webhook="https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK",
+    pagerduty_key="YOUR_PD_ROUTING_KEY",
+
+    # Infrastructure
+    redis_url="redis://your-redis:6379/0",   # distributed cache
+    sso_enabled=True,                        # JWT/SAML identity extraction
+
+    # Deterministic mode — temperature=0 per team
+    deterministic_teams={"healthcare": "claude-haiku-4-5", "legal": "claude-sonnet-4-6"},
+))
+```
+
+New governance response headers:
+
+```
+X-AgentMesh-PII-Findings:     3           # entities masked in this prompt
+X-AgentMesh-PII-Types:        EMAIL,SSN   # types detected
+X-AgentMesh-Injection-Risk:   high        # injection detected (request blocked)
+X-AgentMesh-Toxicity:         TOXICITY    # output toxicity type
+X-AgentMesh-Toxicity-Action:  redacted    # redacted | blocked
+X-AgentMesh-Anomaly:          RUNAWAY_LOOP
+X-AgentMesh-SSO-Source:       jwt         # jwt | saml | header
+X-AgentMesh-Deterministic:    true
+```
+
+### Compliance report (one line)
+
+```python
+from agentmesh.compliance.pdf_report import ComplianceReporter, Framework
+
+reporter = ComplianceReporter(policy=your_policy, audit_trail=your_audit)
+reporter.generate_pdf(Framework.HIPAA, output_path="hipaa_report.pdf")
+reporter.generate_pdf(Framework.EU_AI_ACT, output_path="eu_ai_act_report.pdf")
+```
+
+---
+
 ## What it does
 
 AgentMesh sits between your engineers and every LLM API. It enforces token budgets, semantically caches repeated prompts, and routes calls to the cheapest capable model — without touching a single line of agent code.
@@ -34,7 +103,7 @@ Your LangGraph / CrewAI / AutoGen agents                                   OpenA
 ## Benchmark — real numbers, demo mode, no API keys needed
 
 ```bash
-pip install agentmesh-proxy-proxy sentence-transformers
+pip install agentmesh-proxy sentence-transformers
 python examples/benchmark.py
 ```
 
@@ -253,15 +322,15 @@ Your agents (LangGraph etc.) ─────────────────
               ┌─────────▼──────────┐
               │   AgentMesh Proxy  │
               │                    │
-              │  1. Exact cache    │   SHA-256 → 0 tokens
+              │  1. Circuit breaker│   kill runaway loops first
               │  2. Quota check    │   pre-call estimation
-              │  3. Compression    │   budget < 30%
-              │  4. Dry-run gate   │   require_approval mode
+              │  3. Exact cache    │   SHA-256 → 0 tokens
+              │  4. Semantic cache │   sentence-transformers cosine
               │  5. Vendor route   │   cheapest capable model
-              │  6. Audit log      │   Ed25519 tamper-evident
-              │  7. LLM call       │   Anthropic cache_control
+              │  6. Provider cache │   Anthropic cache_control
+              │  7. LLM call       │   only if all caches missed
               │  8. Cache store    │   semantic + exact
-              │  9. Cost calc      │   per-team attribution
+              │  9. Audit log      │   Ed25519 tamper-evident
               └─────────┬──────────┘
                         │
           ┌─────────────┼──────────────┐

agentmesh_proxy-0.3.0/agentmesh/cache/__init__.py

@@ -0,0 +1 @@
+

agentmesh_proxy-0.3.0/agentmesh/cache/redis_backend.py

@@ -0,0 +1,184 @@
+"""
+Redis Distributed Cache Backend
+
+Drop-in replacement for the in-memory CostOptimizer cache.
+Enables shared cache across multiple AgentMesh proxy instances.
+
+Features:
+  - Exact match cache (SHA-256 key → JSON blob)
+  - Semantic cache (vector stored as JSON array alongside blob)
+  - TTL support (configurable per cache tier)
+  - Atomic get+set via Redis pipelines
+  - Graceful fallback to in-memory if Redis is unavailable
+
+Usage:
+  from agentmesh.cache.redis_backend import RedisCache
+
+  cache = RedisCache(url="redis://localhost:6379/0", ttl_seconds=3600)
+  cache.put("my-key", {"content": "Hello"}, model="claude-haiku-4-5", tokens=100)
+  hit = cache.get("my-key")
+"""
+
+from __future__ import annotations
+
+import hashlib
+import json
+import logging
+import time
+from typing import Any, Dict, Optional, Tuple
+
+logger = logging.getLogger(__name__)
+
+_REDIS_AVAILABLE = False
+try:
+    import redis as _redis
+    _REDIS_AVAILABLE = True
+except ImportError:
+    pass
+
+
+class RedisCache:
+    """
+    Redis-backed distributed cache for AgentMesh.
+
+    Falls back to a local dict if Redis is unavailable so the proxy
+    keeps running without a Redis dependency.
+
+    Args:
+        url:              Redis URL  e.g. "redis://localhost:6379/0"
+                          or "rediss://user:pass@host:6380/0" for TLS
+        ttl_seconds:      Default TTL for cache entries (default 3600)
+        key_prefix:       Namespace prefix for all keys (default "agentmesh:")
+        max_local_fallback: In-memory fallback entries when Redis is down
+    """
+
+    def __init__(
+        self,
+        url:                  str = "redis://localhost:6379/0",
+        ttl_seconds:          int = 3600,
+        key_prefix:           str = "agentmesh:",
+        max_local_fallback:   int = 1000,
+    ):
+        self.ttl    = ttl_seconds
+        self.prefix = key_prefix
+        self._local: Dict[str, Any]     = {}   # fallback
+        self._local_ts: Dict[str, float] = {}
+        self._max_local = max_local_fallback
+        self._client = None
+
+        if _REDIS_AVAILABLE:
+            try:
+                self._client = _redis.from_url(
+                    url, decode_responses=True,
+                    socket_connect_timeout=2,
+                    socket_timeout=1,
+                )
+                self._client.ping()
+                logger.info("RedisCache connected to %s", url)
+            except Exception as e:
+                logger.warning("RedisCache: Redis unavailable (%s) — using local fallback", e)
+                self._client = None
+        else:
+            logger.warning("RedisCache: redis-py not installed. Run: pip install redis")
+
+    # ── Public API (mirrors CostOptimizer cache interface) ────────────────────
+
+    def get(self, key: str) -> Optional[dict]:
+        """Return cached response dict or None."""
+        rkey = self._rkey(key)
+        if self._client:
+            try:
+                raw = self._client.get(rkey)
+                if raw:
+                    return json.loads(raw)
+            except Exception as e:
+                logger.debug("Redis get error: %s", e)
+        # Fallback
+        if key in self._local:
+            if time.monotonic() - self._local_ts[key] < self.ttl:
+                return self._local[key]
+            del self._local[key]
+        return None
+
+    def put(self, key: str, value: dict, model: str = "", tokens: int = 0) -> None:
+        """Store a response dict with TTL."""
+        rkey = self._rkey(key)
+        blob = json.dumps(value)
+        if self._client:
+            try:
+                self._client.setex(rkey, self.ttl, blob)
+                return
+            except Exception as e:
+                logger.debug("Redis put error: %s", e)
+        # Fallback — evict oldest if full
+        if len(self._local) >= self._max_local:
+            oldest = min(self._local_ts, key=self._local_ts.get)
+            self._local.pop(oldest, None)
+            self._local_ts.pop(oldest, None)
+        self._local[key]    = value
+        self._local_ts[key] = time.monotonic()
+
+    def get_semantic(self, key: str) -> Optional[Tuple[dict, list]]:
+        """Return (response, embedding_vector) or None."""
+        rkey = self._rkey(f"sem:{key}")
+        if self._client:
+            try:
+                raw = self._client.get(rkey)
+                if raw:
+                    data = json.loads(raw)
+                    return data.get("response"), data.get("embedding", [])
+            except Exception as e:
+                logger.debug("Redis get_semantic error: %s", e)
+        return None
+
+    def put_semantic(self, key: str, response: dict, embedding: list) -> None:
+        """Store a response + its embedding vector."""
+        rkey = self._rkey(f"sem:{key}")
+        blob = json.dumps({"response": response, "embedding": embedding})
+        if self._client:
+            try:
+                self._client.setex(rkey, self.ttl, blob)
+                return
+            except Exception as e:
+                logger.debug("Redis put_semantic error: %s", e)
+
+    def invalidate(self, key: str) -> None:
+        rkey = self._rkey(key)
+        if self._client:
+            try:
+                self._client.delete(rkey, self._rkey(f"sem:{key}"))
+            except Exception:
+                pass
+        self._local.pop(key, None)
+
+    def flush(self) -> int:
+        """Clear all AgentMesh keys. Returns count deleted."""
+        if self._client:
+            try:
+                keys = self._client.keys(f"{self.prefix}*")
+                if keys:
+                    return self._client.delete(*keys)
+            except Exception:
+                pass
+        n = len(self._local)
+        self._local.clear()
+        self._local_ts.clear()
+        return n
+
+    def stats(self) -> dict:
+        info = {"backend": "redis" if self._client else "local_fallback",
+                "local_entries": len(self._local)}
+        if self._client:
+            try:
+                i = self._client.info("memory")
+                info["redis_used_memory"] = i.get("used_memory_human", "unknown")
+                info["redis_keys"] = self._client.dbsize()
+            except Exception:
+                pass
+        return info
+
+    # ── Internal ──────────────────────────────────────────────────────────────
+
+    def _rkey(self, key: str) -> str:
+        h = hashlib.sha256(key.encode()).hexdigest()[:32]
+        return f"{self.prefix}{h}"

{agentmesh_proxy-0.2.1 → agentmesh_proxy-0.3.0}/agentmesh/cache/semantic.py

@@ -75,13 +75,13 @@ class SemanticCache:
     ``embedder`` callable to use OpenAI / Cohere / local embeddings.
 
     Args:
-        similarity_threshold: Cosine similarity above which a hit is declared (0.85–0.95 typical)
+        similarity_threshold: Cosine similarity above which a hit is declared (0.70 for sentence-transformers MiniLM; raise for the char-bigram fallback)
         ttl_seconds: Cache entries expire after this duration
         max_entries: Maximum number of entries to retain (LRU eviction)
         embedder: Optional callable (text) -> List[float] for production embeddings
 
     Example:
-        cache = SemanticCache(similarity_threshold=0.90)
+        cache = SemanticCache(similarity_threshold=0.70)
         cached = cache.get("What is the capital of France?")
         if cached:
             return cached  # free!
@@ -91,7 +91,7 @@ class SemanticCache:
 
     def __init__(
         self,
-        similarity_threshold: float = 0.88,
+        similarity_threshold: float = 0.70,
         ttl_seconds: int = 3600,
         max_entries: int = 10_000,
         embedder: Optional[Callable[[str], List[float]]] = None,