PyPI - agentx-security-sdk - Versions diffs - 0.1.0__tar.gz - Mend

agentx-security-sdk 0.1.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

agentx_security_sdk-0.1.0/PKG-INFO ADDED Viewed

@@ -0,0 +1,98 @@
+Metadata-Version: 2.4
+Name: agentx-security-sdk
+Version: 0.1.0
+Summary: The self-healing exception handler for autonomous AI agents.
+Home-page: https://github.com/vdalal/semantic-gateway
+Author: AgentX Team
+Author-email: founders@agentx.com
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: Programming Language :: Python :: 3
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+Requires-Dist: requests>=2.25.0
+Dynamic: author
+Dynamic: author-email
+Dynamic: classifier
+Dynamic: description
+Dynamic: description-content-type
+Dynamic: home-page
+Dynamic: requires-dist
+Dynamic: requires-python
+Dynamic: summary
+# Semantic Gateway 🛡️
+Semantic Gateway is a production-grade security layer and semantic firewall designed specifically for autonomous AI agents. It intercepts, evaluates, and conditionally blocks agent-driven actions based on intent, policy violation, and neuro-symbolic evaluation, enabling a safe "human-in-the-loop" environment for AI-driven enterprise systems.
+## 🚀 The Architecture (Split-Plane)
+Semantic Gateway relies on a decoupled, hybrid-cloud architecture to ensure maximum performance and security.
+* **The Control Plane (Dashboard):** A Next.js application (deployed via Vercel) that allows human reviewers to monitor intercepted agent traffic, review chains of thought, and approve or deny parked requests.
+* **The Data Plane (Semantic Firewall):** A Python FastAPI middleware (the "Wedge") that intercepts raw HTTP/SQL payloads *before* they hit the database.
+* **The Shared Brain:** Supabase acts as the central state manager. Both the Control Plane and Data Plane synchronize via Supabase, decoupling the network architecture and allowing asynchronous state polling.
+* **The Evaluator:** Google's Gemini 2.5 Flash is used to translate an agent's Chain of Thought (CoT) into a zero-knowledge taxonomy to evaluate intent against YAML-defined enterprise policies.
+## ✨ Key Features
+* **Fast Pass Heuristic Traps:** Instantly intercepts structurally dangerous queries (e.g., `DROP TABLE`, `DELETE`) with minimal latency.
+* **Asynchronous Polling Loop:** Employs a robust `428 Precondition Required` negotiation. Blocked agents are "parked," receiving a receipt ID, and asynchronously poll the gateway until a human resolves the incident.
+* **Zero-Knowledge Intent Extraction:** Prevents malicious prompt injection by translating raw agent logic into a strict schema before policy evaluation.
+* **Dynamic YAML Policies:** Easily define what specific frontend/backend intents should be blocked or isolated from destructive database writes.
+## 🛠️ Getting Started
+### Prerequisites
+* Python 3.10+
+* Node.js 18+
+* [Supabase](https://supabase.com) Account
+* [Google AI Studio](https://aistudio.google.com/) API Key (Gemini)
+### 1. Environment Variables
+Create a `.env` file in the root directory. **Ensure this file is in your `.gitignore` to protect your IP and keys.**
+```env
+SUPABASE_URL=your_supabase_url
+SUPABASE_KEY=your_supabase_service_role_key
+GEMINI_API_KEY=your_gemini_api_key
+2. Run the Semantic Firewall (Local)
+Start the FastAPI server via Uvicorn. This acts as the Wedge intercepting traffic.
+cd backend
+pip install fastapi uvicorn requests pyyaml supabase pydantic google-genai python-dotenv
+uvicorn main:app --reload
+3. Run the Control Plane Dashboard (Vercel/Local)
+Start your Next.js application to view the intercepted incidents.
+cd ui
+npm install
+npm run dev
+4. Run the Agent Simulation
+Simulate a rogue agent attempting a destructive action (DROP TABLE). Watch the firewall intercept it and route it to your dashboard.
+python backend/main.py
+🔒 Security Posture
+Secret Management: API keys are never checked into version control. Production variables are managed securely via the Vercel Dashboard.
+History Scrubbing: This repository has been scrubbed of legacy keys using git-filter-repo.
+Private IP: Repository is private to protect proprietary evaluation prompts and architecture.
+📈 Roadmap
+Trust Boundary Shift: Move the neuro-symbolic evaluation entirely behind the Data Plane to prevent agent manipulation.
+Dynamic Policy Engine: Shift YAML configurations directly into Supabase for instant Control Plane sync.
+Dockerization: Containerize the Data Plane for deployment to AWS ECS / Render for persistent, low-latency edge interception.
+Multi-Tenancy: Implement Supabase Row Level Security (RLS) for multi-org deployments.

agentx_security_sdk-0.1.0/README.txt ADDED Viewed

@@ -0,0 +1,29 @@
+/zero-knowledge-gateway  (The Root Folder)
+│
+├── /backend             (Our Python Data Plane)
+│   ├── main.py          (The FastAPI middleware & Supabase logic)
+│   ├── semantic-firewall.yaml
+│   └── requirements.txt
+│
+├── /dashboard           (Our Next.js Control Plane)
+│   ├── /app             (React pages & Tarpit UI)
+│   ├── /components      (shadcn/ui buttons and tables)
+│   ├── tailwind.config.js
+│   └── package.json
+│
+├── .env                 (Shared environment variables!)
+└── README.md
+QUICK RECAP
+The Wedge (Data Plane): A fast, dumb Python interceptor that catches bad SQL without slowing down normal traffic.
+The Intelligence Layer: An out-of-band Gemini integration that forces autonomous agents to explain themselves and standardizes their stochastic text into rigid JSON.
+The Anchor: A deterministic YAML policy engine that makes the final safety decision without relying on AI.
+The State Manager: A Supabase database that parks the request.
+The Control Plane: A Next.js web dashboard where a human can review the interrogation and pull the plug.
+This is a complete MVP. Solved the "rogue agent" problem in a way that actually scales.

agentx_security_sdk-0.1.0/agentx_sdk/__init__.py ADDED Viewed

@@ -0,0 +1,4 @@
+from .decorators import agentx_protect
+from .client import AgentXClient
+__all__ = ["agentx_protect", "AgentXClient"]

agentx_security_sdk-0.1.0/agentx_sdk/client.py ADDED Viewed

@@ -0,0 +1,24 @@
+import os
+import requests
+class AgentXClient:
+    def __init__(self, api_key: str = None, gateway_url: str = "http://localhost:8000"):
+        # In the future, api_key authenticates them to our cloud.
+        # For now, it connects to their local Sidecar Gateway.
+        self.api_key = api_key or os.environ.get("AGENTX_API_KEY")
+        self.gateway_url = gateway_url
+    def evaluate_intent(self, agent_id: str, query: str, chain_of_thought: str, receipt_id: str = None):
+        payload = {
+            "agent_id": agent_id,
+            "original_query": query,
+            "chain_of_thought": chain_of_thought,
+            "receipt_id": receipt_id
+        }
+        try:
+            response = requests.post(f"{self.gateway_url}/v1/evaluate_intent", json=payload)
+            response.raise_for_status()
+            return response.json()
+        except requests.exceptions.RequestException as e:
+            # If our gateway is down, we Fail Closed to protect the system.
+            return {"status": "ERROR", "message": f"AgentX Gateway unreachable: {str(e)}"}

agentx_security_sdk-0.1.0/agentx_sdk/decorators.py ADDED Viewed

@@ -0,0 +1,96 @@
+import functools
+import json
+import atexit
+import time
+from .client import AgentXClient
+_client = AgentXClient()
+# --- 1. THE ROI TRACKER ---
+_session_stats = {
+    "start_time": time.time(),
+    "total_calls": 0,
+    "intercepts": 0,
+    "critical_blocks": 0
+}
+def _print_roi_summary():
+    """Fires automatically when the developer's script ends or crashes."""
+    duration = round(time.time() - _session_stats["start_time"], 2)
+    # Heuristic: Every intercept prevents the agent from burning ~1,500 tokens
+    # going down a rabbit hole, plus saves the developer ~5 mins of debugging.
+    tokens_saved = _session_stats["intercepts"] * 1500
+    dollars_saved = (tokens_saved / 1000) * 0.015  # Approx GPT-4o cost
+    print("\n" + "═"*50)
+    print(" 🛡️  AgentX Session Summary")
+    print("═"*50)
+    print(f" ⏱️  Uptime:                {duration} seconds")
+    print(f" 🛠️  Tools Monitored:       {_session_stats['total_calls']}")
+    print(f" 🛑 Socratic Intercepts:   {_session_stats['intercepts']}")
+    print(f" 💥 Catastrophic Blocks:   {_session_stats['critical_blocks']}")
+    print("─"*50)
+    print(f" 💰 Est. Tokens Saved:     ~{tokens_saved} (${dollars_saved:.4f})")
+    print(f" ⏳ Developer Time Saved:  ~{_session_stats['intercepts'] * 5} minutes")
+    print("═"*50 + "\n")
+# Register the hook to run on exit
+atexit.register(_print_roi_summary)
+# --------------------------
+def agentx_protect(agent_id: str, extract_query_func=None, extract_cot_func=None):
+    def decorator(func):
+        @functools.wraps(func)
+        def wrapper(*args, **kwargs):
+            # Track the call
+            _session_stats["total_calls"] += 1
+            query = extract_query_func(*args, **kwargs) if extract_query_func else str(args)
+            chain_of_thought = extract_cot_func(*args, **kwargs) if extract_cot_func else "Implicit tool call"
+            receipt_id = kwargs.get("receipt_id", None)
+            print(f"\n🛡️ [AgentX SDK] Intercepting tool call to '{func.__name__}'...")
+            eval_res = _client.evaluate_intent(
+                agent_id=agent_id,
+                query=query,
+                chain_of_thought=chain_of_thought,
+                receipt_id=receipt_id
+            )
+            status = eval_res.get("status")
+            if status in ["APPROVED", "COMPLIED"]:
+                print(f"✅ [AgentX SDK] Intent safe. Executing '{func.__name__}'.")
+                return func(*args, **kwargs)
+            elif status == "CHALLENGED":
+                # Track the intercept
+                _session_stats["intercepts"] += 1
+                challenge = eval_res.get('socratic_prompt', '')
+                policy_triggered = eval_res.get('policy_triggered', 'Unknown Policy')
+                # --- THE NEW DETERMINISTIC CHECK ---
+                # We specifically track our highest-severity policy for the ROI dashboard
+                # Your engine is returning "Database Isolation", so we check for that!
+                if policy_triggered in ["Mass Destructive Intent", "Database Isolation"]:
+                    _session_stats["critical_blocks"] += 1
+                # -----------------------------------
+                new_receipt = eval_res.get('receipt_id')
+                print(f"🛑 [AgentX SDK] Policy '{policy_triggered}' violated. Returning challenge to Agent.")
+                return json.dumps({
+                    "error": "AgentX Policy Violation",
+                    "challenge": challenge,
+                    "receipt_id": new_receipt,
+                    "instruction": "Revise your action to comply with the challenge and try again. Pass the receipt_id."
+                })
+            else:
+                return f"AgentX System Error: {eval_res.get('message')}"
+        return wrapper
+    return decorator

agentx_security_sdk-0.1.0/agentx_security_sdk.egg-info/PKG-INFO ADDED Viewed

@@ -0,0 +1,98 @@
+Metadata-Version: 2.4
+Name: agentx-security-sdk
+Version: 0.1.0
+Summary: The self-healing exception handler for autonomous AI agents.
+Home-page: https://github.com/vdalal/semantic-gateway
+Author: AgentX Team
+Author-email: founders@agentx.com
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: Programming Language :: Python :: 3
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+Requires-Dist: requests>=2.25.0
+Dynamic: author
+Dynamic: author-email
+Dynamic: classifier
+Dynamic: description
+Dynamic: description-content-type
+Dynamic: home-page
+Dynamic: requires-dist
+Dynamic: requires-python
+Dynamic: summary
+# Semantic Gateway 🛡️
+Semantic Gateway is a production-grade security layer and semantic firewall designed specifically for autonomous AI agents. It intercepts, evaluates, and conditionally blocks agent-driven actions based on intent, policy violation, and neuro-symbolic evaluation, enabling a safe "human-in-the-loop" environment for AI-driven enterprise systems.
+## 🚀 The Architecture (Split-Plane)
+Semantic Gateway relies on a decoupled, hybrid-cloud architecture to ensure maximum performance and security.
+* **The Control Plane (Dashboard):** A Next.js application (deployed via Vercel) that allows human reviewers to monitor intercepted agent traffic, review chains of thought, and approve or deny parked requests.
+* **The Data Plane (Semantic Firewall):** A Python FastAPI middleware (the "Wedge") that intercepts raw HTTP/SQL payloads *before* they hit the database.
+* **The Shared Brain:** Supabase acts as the central state manager. Both the Control Plane and Data Plane synchronize via Supabase, decoupling the network architecture and allowing asynchronous state polling.
+* **The Evaluator:** Google's Gemini 2.5 Flash is used to translate an agent's Chain of Thought (CoT) into a zero-knowledge taxonomy to evaluate intent against YAML-defined enterprise policies.
+## ✨ Key Features
+* **Fast Pass Heuristic Traps:** Instantly intercepts structurally dangerous queries (e.g., `DROP TABLE`, `DELETE`) with minimal latency.
+* **Asynchronous Polling Loop:** Employs a robust `428 Precondition Required` negotiation. Blocked agents are "parked," receiving a receipt ID, and asynchronously poll the gateway until a human resolves the incident.
+* **Zero-Knowledge Intent Extraction:** Prevents malicious prompt injection by translating raw agent logic into a strict schema before policy evaluation.
+* **Dynamic YAML Policies:** Easily define what specific frontend/backend intents should be blocked or isolated from destructive database writes.
+## 🛠️ Getting Started
+### Prerequisites
+* Python 3.10+
+* Node.js 18+
+* [Supabase](https://supabase.com) Account
+* [Google AI Studio](https://aistudio.google.com/) API Key (Gemini)
+### 1. Environment Variables
+Create a `.env` file in the root directory. **Ensure this file is in your `.gitignore` to protect your IP and keys.**
+```env
+SUPABASE_URL=your_supabase_url
+SUPABASE_KEY=your_supabase_service_role_key
+GEMINI_API_KEY=your_gemini_api_key
+2. Run the Semantic Firewall (Local)
+Start the FastAPI server via Uvicorn. This acts as the Wedge intercepting traffic.
+cd backend
+pip install fastapi uvicorn requests pyyaml supabase pydantic google-genai python-dotenv
+uvicorn main:app --reload
+3. Run the Control Plane Dashboard (Vercel/Local)
+Start your Next.js application to view the intercepted incidents.
+cd ui
+npm install
+npm run dev
+4. Run the Agent Simulation
+Simulate a rogue agent attempting a destructive action (DROP TABLE). Watch the firewall intercept it and route it to your dashboard.
+python backend/main.py
+🔒 Security Posture
+Secret Management: API keys are never checked into version control. Production variables are managed securely via the Vercel Dashboard.
+History Scrubbing: This repository has been scrubbed of legacy keys using git-filter-repo.
+Private IP: Repository is private to protect proprietary evaluation prompts and architecture.
+📈 Roadmap
+Trust Boundary Shift: Move the neuro-symbolic evaluation entirely behind the Data Plane to prevent agent manipulation.
+Dynamic Policy Engine: Shift YAML configurations directly into Supabase for instant Control Plane sync.
+Dockerization: Containerize the Data Plane for deployment to AWS ECS / Render for persistent, low-latency edge interception.
+Multi-Tenancy: Implement Supabase Row Level Security (RLS) for multi-org deployments.

agentx_security_sdk-0.1.0/agentx_security_sdk.egg-info/SOURCES.txt ADDED Viewed

@@ -0,0 +1,10 @@
+README.txt
+setup.py
+agentx_sdk/__init__.py
+agentx_sdk/client.py
+agentx_sdk/decorators.py
+agentx_security_sdk.egg-info/PKG-INFO
+agentx_security_sdk.egg-info/SOURCES.txt
+agentx_security_sdk.egg-info/dependency_links.txt
+agentx_security_sdk.egg-info/requires.txt
+agentx_security_sdk.egg-info/top_level.txt

agentx_security_sdk-0.1.0/agentx_security_sdk.egg-info/dependency_links.txt ADDED Viewed

	@@ -0,0 +1 @@
1	+

agentx_security_sdk-0.1.0/agentx_security_sdk.egg-info/requires.txt ADDED Viewed

	@@ -0,0 +1 @@
1	+ requests>=2.25.0

agentx_security_sdk-0.1.0/agentx_security_sdk.egg-info/top_level.txt ADDED Viewed

	@@ -0,0 +1 @@
1	+ agentx_sdk

agentx_security_sdk-0.1.0/setup.cfg ADDED Viewed

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build =
+tag_date = 0

agentx_security_sdk-0.1.0/setup.py ADDED Viewed

@@ -0,0 +1,31 @@
+import os
+from setuptools import setup, find_packages
+# Safely read README.md if it exists, otherwise use a default string
+long_description = "The self-healing exception handler for autonomous AI agents."
+if os.path.exists("README.md"):
+    with open("README.md", "r", encoding="utf-8") as fh:
+        long_description = fh.read()
+setup(
+    name="agentx-security-sdk",
+    version="0.1.0",
+    author="AgentX Team",
+    author_email="founders@agentx.com",
+    description="The self-healing exception handler for autonomous AI agents.",
+    long_description=long_description,
+    long_description_content_type="text/markdown",
+    url="https://github.com/vdalal/semantic-gateway",
+    packages=find_packages(include=["agentx_sdk", "agentx_sdk.*"]),
+    install_requires=[
+        "requests>=2.25.0",
+    ],
+    classifiers=[
+        "Development Status :: 3 - Alpha",
+        "Intended Audience :: Developers",
+        "Programming Language :: Python :: 3",
+        "License :: OSI Approved :: MIT License",
+        "Operating System :: OS Independent",
+    ],
+    python_requires=">=3.8",
+)