codeastra 1.0.0__tar.gz

codeastra-1.0.0/PKG-INFO

@@ -0,0 +1,30 @@
+Metadata-Version: 2.4
+Name: codeastra
+Version: 1.0.0
+Summary: Blind Agent SDK — drop-in middleware for LangChain, CrewAI, AutoGPT. Two lines makes any agent blind to real data.
+License: MIT
+Project-URL: Homepage, https://codeastra.dev
+Project-URL: Documentation, https://docs.codeastra.dev
+Project-URL: Repository, https://github.com/codeastra/codeastra-python
+Keywords: ai,agents,langchain,crewai,privacy,hipaa,security,tokenization
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+Requires-Dist: httpx>=0.27.0
+Provides-Extra: langchain
+Requires-Dist: langchain>=0.2.0; extra == "langchain"
+Requires-Dist: langchain-core>=0.2.0; extra == "langchain"
+Provides-Extra: crewai
+Requires-Dist: crewai>=0.30.0; extra == "crewai"
+Provides-Extra: all
+Requires-Dist: langchain>=0.2.0; extra == "all"
+Requires-Dist: langchain-core>=0.2.0; extra == "all"
+Requires-Dist: crewai>=0.30.0; extra == "all"

codeastra-1.0.0/codeastra/__init__.py

@@ -0,0 +1,12 @@
+from .middleware import BlindAgentMiddleware
+from .client import CodeAstraClient
+from .wrappers import blind_tool, BlindCrewAIAgent, BlindAutoGPTAgent
+
+__version__ = "1.0.0"
+__all__ = [
+    "BlindAgentMiddleware",
+    "CodeAstraClient",
+    "blind_tool",
+    "BlindCrewAIAgent",
+    "BlindAutoGPTAgent",
+]

codeastra-1.0.0/codeastra/client.py

@@ -0,0 +1,239 @@
+"""
+CodeAstraClient — low-level async/sync HTTP client for the Codeastra API.
+All SDK components use this. Customers can also use it directly.
+"""
+from __future__ import annotations
+
+import re
+import json
+import asyncio
+import threading
+from typing import Any, Optional
+
+import httpx
+
+TOKEN_RE = re.compile(r'\[CVT:[A-Z]+:[A-F0-9]+\]')
+
+_DEFAULT_BASE = "https://app.codeastra.dev"
+
+
+class CodeAstraClient:
+    """
+    Thin wrapper around the Codeastra REST API.
+
+    Usage:
+        client = CodeAstraClient(api_key="sk-guard-xxx")
+        tokens = client.tokenize({"name": "John Smith", "ssn": "123-45-6789"})
+        # → {"name": "[CVT:NAME:A1B2]", "ssn": "[CVT:SSN:C3D4]"}
+    """
+
+    def __init__(
+        self,
+        api_key:   str,
+        base_url:  str = _DEFAULT_BASE,
+        agent_id:  str = "sdk-agent",
+        timeout:   float = 10.0,
+        executor_url: str = None,   # optional: bring your own executor
+    ):
+        self.api_key  = api_key
+        self.base_url = base_url.rstrip("/")
+        self.agent_id = agent_id
+        self._headers = {
+            "X-API-Key":    api_key,
+            "Content-Type": "application/json",
+        }
+        self._timeout = timeout
+        self._executor_url = executor_url
+        # Sync client (lazy)
+        self._sync_client: Optional[httpx.Client] = None
+        # Async client (lazy)
+        self._async_client: Optional[httpx.AsyncClient] = None
+        # Auto-register executor if provided
+        if executor_url:
+            try:
+                self._post("/agent/executor", {
+                    "execution_url": executor_url,
+                    "action_type": "*",
+                    "agent_id": agent_id,
+                    "description": f"Auto-registered by SDK agent {agent_id}",
+                })
+            except Exception:
+                pass  # non-fatal — zero-config mode still works
+
+    # ── sync helpers ──────────────────────────────────────────────────────────
+
+    def _get_sync(self) -> httpx.Client:
+        if self._sync_client is None or self._sync_client.is_closed:
+            self._sync_client = httpx.Client(
+                headers=self._headers, timeout=self._timeout)
+        return self._sync_client
+
+    def _post(self, path: str, body: dict) -> dict:
+        r = self._get_sync().post(f"{self.base_url}{path}", json=body)
+        r.raise_for_status()
+        return r.json()
+
+    def _get(self, path: str, params: dict = None) -> dict:
+        r = self._get_sync().get(f"{self.base_url}{path}", params=params or {})
+        r.raise_for_status()
+        return r.json()
+
+    # ── async helpers ─────────────────────────────────────────────────────────
+
+    def _get_async(self) -> httpx.AsyncClient:
+        if self._async_client is None or self._async_client.is_closed:
+            self._async_client = httpx.AsyncClient(
+                headers=self._headers, timeout=self._timeout)
+        return self._async_client
+
+    async def _apost(self, path: str, body: dict) -> dict:
+        r = await self._get_async().post(f"{self.base_url}{path}", json=body)
+        r.raise_for_status()
+        return r.json()
+
+    async def _aget(self, path: str, params: dict = None) -> dict:
+        r = await self._get_async().get(
+            f"{self.base_url}{path}", params=params or {})
+        r.raise_for_status()
+        return r.json()
+
+    # ── public sync API ───────────────────────────────────────────────────────
+
+    def tokenize(
+        self,
+        data:           dict,
+        classification: str = "pii",
+        ttl_hours:      int = 24,
+    ) -> dict:
+        """
+        Store real data in vault. Returns token map.
+        {"name": "John"} → {"name": "[CVT:NAME:A1B2]"}
+        """
+        resp = self._post("/vault/store", {
+            "data":           data,
+            "agent_id":       self.agent_id,
+            "classification": classification,
+            "ttl_hours":      ttl_hours,
+        })
+        return resp.get("tokens", {})
+
+    def execute(
+        self,
+        action_type: str,
+        params:      dict,
+        pipeline_id: str = None,
+    ) -> dict:
+        """
+        Submit an action with token params.
+        Codeastra resolves tokens → real values → POSTs to your executor.
+        Agent never sees real values.
+        """
+        body = {
+            "agent_id":    self.agent_id,
+            "action_type": action_type,
+            "params":      params,
+        }
+        if pipeline_id:
+            body["pipeline_id"] = pipeline_id
+            return self._post("/pipeline/action", body)
+        return self._post("/agent/action", body)
+
+    def grant(
+        self,
+        receiving_agent: str,
+        tokens:          list[str],
+        allowed_actions: list[str] = [],
+        pipeline_id:     str = None,
+        purpose:         str = None,
+    ) -> dict:
+        """Grant tokens to another agent in a pipeline."""
+        return self._post("/vault/grant", {
+            "granting_agent":  self.agent_id,
+            "receiving_agent": receiving_agent,
+            "tokens":          tokens,
+            "allowed_actions": allowed_actions,
+            "pipeline_id":     pipeline_id,
+            "purpose":         purpose,
+        })
+
+    def audit(self, pipeline_id: str = None, token: str = None) -> list:
+        """Get chain of custody for a pipeline or token."""
+        params = {}
+        if pipeline_id: params["pipeline_id"] = pipeline_id
+        if token:       params["token"]       = token
+        return self._get("/pipeline/audit", params).get("audit", [])
+
+    # ── public async API ──────────────────────────────────────────────────────
+
+    async def atokenize(
+        self,
+        data:           dict,
+        classification: str = "pii",
+        ttl_hours:      int = 24,
+    ) -> dict:
+        resp = await self._apost("/vault/store", {
+            "data":           data,
+            "agent_id":       self.agent_id,
+            "classification": classification,
+            "ttl_hours":      ttl_hours,
+        })
+        return resp.get("tokens", {})
+
+    async def aexecute(
+        self,
+        action_type: str,
+        params:      dict,
+        pipeline_id: str = None,
+    ) -> dict:
+        body = {
+            "agent_id":    self.agent_id,
+            "action_type": action_type,
+            "params":      params,
+        }
+        if pipeline_id:
+            body["pipeline_id"] = pipeline_id
+            return await self._apost("/pipeline/action", body)
+        return await self._apost("/agent/action", body)
+
+    async def agrant(
+        self,
+        receiving_agent: str,
+        tokens:          list[str],
+        allowed_actions: list[str] = [],
+        pipeline_id:     str = None,
+    ) -> dict:
+        return await self._apost("/vault/grant", {
+            "granting_agent":  self.agent_id,
+            "receiving_agent": receiving_agent,
+            "tokens":          tokens,
+            "allowed_actions": allowed_actions,
+            "pipeline_id":     pipeline_id,
+        })
+
+    # ── utility ───────────────────────────────────────────────────────────────
+
+    @staticmethod
+    def extract_tokens(obj: Any) -> list[str]:
+        """Extract all vault tokens from any string/dict/list."""
+        text = json.dumps(obj) if not isinstance(obj, str) else obj
+        return TOKEN_RE.findall(text)
+
+    @staticmethod
+    def contains_token(val: Any) -> bool:
+        text = json.dumps(val) if not isinstance(val, str) else str(val)
+        return bool(TOKEN_RE.search(text))
+
+    @staticmethod
+    def is_token(val: str) -> bool:
+        return bool(TOKEN_RE.fullmatch(val.strip()))
+
+    def close(self):
+        if self._sync_client:  self._sync_client.close()
+
+    async def aclose(self):
+        if self._async_client: await self._async_client.aclose()
+
+    def __enter__(self):  return self
+    def __exit__(self, *_): self.close()
+    async def __aenter__(self): return self
+    async def __aexit__(self, *_): await self.aclose()

codeastra-1.0.0/codeastra/middleware.py

@@ -0,0 +1,412 @@
+"""
+BlindAgentMiddleware — drop-in middleware for LangChain, CrewAI, AutoGPT.
+
+Two lines. Any agent becomes blind.
+
+    from codeastra import BlindAgentMiddleware
+    agent = BlindAgentMiddleware(your_langchain_agent, api_key="sk-guard-xxx")
+
+How it works:
+  1. Intercepts every tool call before the agent sees the result
+  2. Scans the result for PII/PHI/PCI fields
+  3. Tokenizes detected fields → stores real values in Codeastra vault
+  4. Returns tokens to the agent — agent reasons on tokens, never real data
+  5. When agent submits a final action, intercepts it, resolves tokens → executes
+
+Supports: LangChain AgentExecutor, CrewAI Agent, AutoGPT-style run() agents,
+          any object with .run() / .invoke() / .chat() / .step()
+"""
+from __future__ import annotations
+
+import re
+import json
+import inspect
+import functools
+from typing import Any, Callable, Optional
+
+from .client import CodeAstraClient, TOKEN_RE
+
+# Fields that trigger automatic tokenization when found in tool output
+_PII_FIELDS = {
+    "name", "first_name", "last_name", "full_name",
+    "email", "email_address",
+    "phone", "phone_number", "mobile",
+    "ssn", "social_security", "social_security_number",
+    "dob", "date_of_birth", "birthday",
+    "address", "street", "zip", "postal_code",
+    "credit_card", "card_number", "cvv", "expiry",
+    "mrn", "patient_id", "npi",
+    "account_number", "routing_number", "iban",
+    "passport", "license", "drivers_license",
+    "ip", "ip_address", "mac_address",
+    "username", "user_id", "employee_id",
+}
+
+_PHI_FIELDS = {
+    "diagnosis", "icd_code", "medication", "prescription",
+    "allergy", "lab_result", "test_result", "condition",
+    "treatment", "procedure", "insurance_id", "member_id",
+}
+
+_PCI_FIELDS = {
+    "card_number", "credit_card", "cvv", "expiry",
+    "account_number", "routing_number",
+}
+
+
+def _classify(fields: set) -> str:
+    if fields & _PCI_FIELDS: return "pci"
+    if fields & _PHI_FIELDS: return "phi"
+    return "pii"
+
+
+def _extract_sensitive(obj: Any) -> dict:
+    """
+    Walk a dict/str/list and extract fields that look sensitive.
+    Returns flat dict of {field: value} pairs to tokenize.
+    """
+    found = {}
+
+    def _walk(o, prefix=""):
+        if isinstance(o, dict):
+            for k, v in o.items():
+                key = k.lower().replace(" ", "_").replace("-", "_")
+                if key in (_PII_FIELDS | _PHI_FIELDS | _PCI_FIELDS):
+                    if isinstance(v, str) and v and not TOKEN_RE.fullmatch(v.strip()):
+                        found[k] = v
+                else:
+                    _walk(v, prefix=k)
+        elif isinstance(o, list):
+            for item in o:
+                _walk(item, prefix)
+
+    if isinstance(obj, dict):
+        _walk(obj)
+    elif isinstance(obj, str):
+        # Try JSON parse
+        try:
+            _walk(json.loads(obj))
+        except Exception:
+            pass
+    return found
+
+
+def _tokenize_in_place(obj: Any, token_map: dict) -> Any:
+    """
+    Replace real values with tokens throughout a nested object.
+    token_map: {real_value: token}
+    """
+    if isinstance(obj, str):
+        for real, token in token_map.items():
+            obj = obj.replace(str(real), token)
+        return obj
+    elif isinstance(obj, dict):
+        return {k: _tokenize_in_place(v, token_map) for k, v in obj.items()}
+    elif isinstance(obj, list):
+        return [_tokenize_in_place(i, token_map) for i in obj]
+    return obj
+
+
+class BlindAgentMiddleware:
+    """
+    Drop-in middleware that makes any agent framework blind to real data.
+
+    Works with:
+      - LangChain:  AgentExecutor, RunnableAgent, Chain
+      - CrewAI:     Agent, Crew
+      - AutoGPT:    any object with .run() / .step()
+      - Generic:    anything with .run() / .invoke() / .chat()
+
+    Usage:
+        # LangChain
+        from codeastra import BlindAgentMiddleware
+        agent = BlindAgentMiddleware(langchain_executor, api_key="sk-guard-xxx")
+        result = agent.invoke({"input": "Schedule appointment for patient"})
+
+        # CrewAI
+        crew   = BlindAgentMiddleware(my_crew, api_key="sk-guard-xxx")
+        result = crew.run()
+
+        # With pipeline (multi-agent)
+        agent_a = BlindAgentMiddleware(intake_agent,      api_key="sk-guard-xxx", agent_id="intake")
+        agent_b = BlindAgentMiddleware(scheduling_agent,  api_key="sk-guard-xxx", agent_id="scheduling")
+
+    Args:
+        agent:          The underlying agent object to wrap
+        api_key:        Your Codeastra API key (sk-guard-xxx)
+        agent_id:       Unique ID for this agent in the pipeline (default: "sdk-agent")
+        base_url:       Codeastra API base URL (default: https://app.codeastra.dev)
+        classification: Default data classification: "pii", "phi", or "pci"
+        pipeline_id:    Optional pipeline ID for multi-agent tracking
+        on_tokenize:    Optional callback(field, token) called when data is tokenized
+        verbose:        Print tokenization events to stdout (default: False)
+    """
+
+    def __init__(
+        self,
+        agent:          Any,
+        api_key:        str,
+        agent_id:       str = "sdk-agent",
+        base_url:       str = "https://app.codeastra.dev",
+        classification: str = "pii",
+        pipeline_id:    Optional[str] = None,
+        on_tokenize:    Optional[Callable] = None,
+        verbose:        bool = False,
+    ):
+        self._agent          = agent
+        self._client         = CodeAstraClient(api_key, base_url, agent_id)
+        self._classification = classification
+        self._pipeline_id    = pipeline_id
+        self._on_tokenize    = on_tokenize
+        self._verbose        = verbose
+
+        # Track tokens minted this session: {field_key: token}
+        self._session_tokens: dict = {}
+        # Reverse map: {real_value: token}
+        self._value_to_token: dict = {}
+
+        # Patch agent's tool call mechanism
+        self._patch_tools()
+
+    # ── tool patching ─────────────────────────────────────────────────────────
+
+    def _patch_tools(self):
+        """
+        Intercept tool calls on the underlying agent.
+        Supports LangChain tools, CrewAI tools, generic callables.
+        """
+        agent = self._agent
+
+        # LangChain: AgentExecutor has .tools list
+        if hasattr(agent, "tools") and isinstance(agent.tools, list):
+            for i, tool in enumerate(agent.tools):
+                agent.tools[i] = self._wrap_tool(tool)
+            if self._verbose:
+                print(f"[CodeAstra] Patched {len(agent.tools)} LangChain tools")
+
+        # LangChain: RunnableAgent / chain with .steps
+        if hasattr(agent, "steps"):
+            for step in agent.steps:
+                if hasattr(step, "tool"):
+                    step.tool = self._wrap_tool(step.tool)
+
+        # CrewAI: Agent has .tools
+        if hasattr(agent, "agent") and hasattr(agent.agent, "tools"):
+            tools = agent.agent.tools
+            for i, tool in enumerate(tools):
+                tools[i] = self._wrap_tool(tool)
+
+    def _wrap_tool(self, tool: Any) -> Any:
+        """
+        Wrap a single tool so its output is tokenized before the agent sees it.
+        Works with LangChain BaseTool, CrewAI tools, and plain callables.
+        """
+        # LangChain BaseTool — has ._run and .run
+        if hasattr(tool, "_run"):
+            original_run  = tool._run
+            original_arun = getattr(tool, "_arun", None)
+
+            @functools.wraps(original_run)
+            def patched_run(*args, **kwargs):
+                result = original_run(*args, **kwargs)
+                return self._blind_output(result)
+
+            tool._run = patched_run
+
+            if original_arun:
+                @functools.wraps(original_arun)
+                async def patched_arun(*args, **kwargs):
+                    result = await original_arun(*args, **kwargs)
+                    return self._blind_output(result)
+                tool._arun = patched_arun
+
+            return tool
+
+        # Plain callable
+        if callable(tool):
+            @functools.wraps(tool)
+            def wrapped(*args, **kwargs):
+                result = tool(*args, **kwargs)
+                return self._blind_output(result)
+            return wrapped
+
+        return tool
+
+    # ── core blindness logic ──────────────────────────────────────────────────
+
+    def _blind_output(self, output: Any) -> Any:
+        """
+        Given any tool output, tokenize all sensitive fields.
+        Returns the same structure with real values replaced by tokens.
+        """
+        sensitive = _extract_sensitive(output)
+        if not sensitive:
+            return output
+
+        classification = _classify(set(k.lower() for k in sensitive))
+        try:
+            tokens = self._client.tokenize(sensitive, classification=classification)
+        except Exception as e:
+            if self._verbose:
+                print(f"[CodeAstra] Warning: tokenization failed: {e}")
+            return output
+
+        # Build reverse map for replacement
+        for field, token in tokens.items():
+            real_val = sensitive.get(field)
+            if real_val:
+                self._value_to_token[str(real_val)] = token
+            self._session_tokens[field] = token
+
+        if self._on_tokenize:
+            for field, token in tokens.items():
+                try: self._on_tokenize(field, token)
+                except Exception: pass
+
+        if self._verbose:
+            print(f"[CodeAstra] Tokenized {len(tokens)} field(s): {list(tokens.keys())}")
+
+        return _tokenize_in_place(output, self._value_to_token)
+
+    async def _ablind_output(self, output: Any) -> Any:
+        """Async version of _blind_output."""
+        sensitive = _extract_sensitive(output)
+        if not sensitive:
+            return output
+
+        classification = _classify(set(k.lower() for k in sensitive))
+        try:
+            tokens = await self._client.atokenize(sensitive, classification=classification)
+        except Exception as e:
+            if self._verbose:
+                print(f"[CodeAstra] Warning: async tokenization failed: {e}")
+            return output
+
+        for field, token in tokens.items():
+            real_val = sensitive.get(field)
+            if real_val:
+                self._value_to_token[str(real_val)] = token
+            self._session_tokens[field] = token
+
+        if self._verbose:
+            print(f"[CodeAstra] Tokenized {len(tokens)} field(s): {list(tokens.keys())}")
+
+        return _tokenize_in_place(output, self._value_to_token)
+
+    # ── pipeline: grant tokens to next agent ─────────────────────────────────
+
+    def grant_to(
+        self,
+        next_agent_id:   str,
+        allowed_actions: list[str] = [],
+        purpose:         str = None,
+    ) -> dict:
+        """
+        Grant all tokens minted this session to the next agent in the pipeline.
+
+        agent_a.run(input)
+        grant = agent_a.grant_to("scheduling-agent", ["schedule_appointment"])
+        # Now scheduling-agent can use agent_a's tokens
+        """
+        tokens = list(self._session_tokens.values())
+        if not tokens:
+            return {"granted": False, "error": "No tokens minted this session"}
+        return self._client.grant(
+            receiving_agent = next_agent_id,
+            tokens          = tokens,
+            allowed_actions = allowed_actions,
+            pipeline_id     = self._pipeline_id,
+            purpose         = purpose,
+        )
+
+    async def agrant_to(
+        self,
+        next_agent_id:   str,
+        allowed_actions: list[str] = [],
+    ) -> dict:
+        tokens = list(self._session_tokens.values())
+        if not tokens:
+            return {"granted": False, "error": "No tokens minted this session"}
+        return await self._client.agrant(
+            receiving_agent = next_agent_id,
+            tokens          = tokens,
+            allowed_actions = allowed_actions,
+            pipeline_id     = self._pipeline_id,
+        )
+
+    # ── execute action with tokens ────────────────────────────────────────────
+
+    def execute(self, action_type: str, params: dict) -> dict:
+        """Submit a final action. Tokens in params are resolved by Codeastra."""
+        return self._client.execute(action_type, params, self._pipeline_id)
+
+    async def aexecute(self, action_type: str, params: dict) -> dict:
+        return await self._client.aexecute(action_type, params, self._pipeline_id)
+
+    # ── proxy all agent methods ───────────────────────────────────────────────
+
+    def run(self, *args, **kwargs):
+        """Proxy .run() — used by CrewAI, AutoGPT, generic agents."""
+        result = self._agent.run(*args, **kwargs)
+        return self._blind_output(result)
+
+    def invoke(self, *args, **kwargs):
+        """Proxy .invoke() — used by LangChain LCEL chains."""
+        result = self._agent.invoke(*args, **kwargs)
+        if isinstance(result, dict) and "output" in result:
+            result["output"] = self._blind_output(result["output"])
+            return result
+        return self._blind_output(result)
+
+    def chat(self, *args, **kwargs):
+        """Proxy .chat() — used by various chat-style agents."""
+        result = self._agent.chat(*args, **kwargs)
+        return self._blind_output(result)
+
+    async def arun(self, *args, **kwargs):
+        result = await self._agent.arun(*args, **kwargs)
+        return await self._ablind_output(result)
+
+    async def ainvoke(self, *args, **kwargs):
+        result = await self._agent.ainvoke(*args, **kwargs)
+        if isinstance(result, dict) and "output" in result:
+            result["output"] = await self._ablind_output(result["output"])
+            return result
+        return await self._ablind_output(result)
+
+    # ── session info ──────────────────────────────────────────────────────────
+
+    @property
+    def tokens(self) -> dict:
+        """All tokens minted this session. {field: token}"""
+        return dict(self._session_tokens)
+
+    @property
+    def token_count(self) -> int:
+        return len(self._session_tokens)
+
+    def audit(self) -> list:
+        """Get chain of custody for this session's pipeline."""
+        return self._client.audit(pipeline_id=self._pipeline_id)
+
+    # ── pass-through attribute access to underlying agent ────────────────────
+
+    def __getattr__(self, name: str):
+        """Fall through to the underlying agent for any unpatched attribute."""
+        return getattr(self._agent, name)
+
+    def __repr__(self):
+        return (f"BlindAgentMiddleware(agent={type(self._agent).__name__}, "
+                f"agent_id={self._client.agent_id!r}, "
+                f"tokens_minted={self.token_count})")
+
+    def close(self):
+        self._client.close()
+
+    async def aclose(self):
+        await self._client.aclose()
+
+    def __enter__(self):  return self
+    def __exit__(self, *_): self.close()
+    async def __aenter__(self): return self
+    async def __aexit__(self, *_): await self.aclose()

codeastra-1.0.0/codeastra/wrappers.py

@@ -0,0 +1,154 @@
+"""
+Framework-specific wrappers and decorators.
+
+blind_tool      — decorator for individual LangChain/CrewAI tools
+BlindCrewAIAgent — CrewAI-specific wrapper with crew-level pipeline support
+BlindAutoGPTAgent — AutoGPT-style wrapper
+"""
+from __future__ import annotations
+
+import functools
+from typing import Any, Callable, Optional
+
+from .client import CodeAstraClient
+from .middleware import BlindAgentMiddleware, _extract_sensitive, _tokenize_in_place
+
+
+# ── @blind_tool decorator ─────────────────────────────────────────────────────
+
+def blind_tool(api_key: str, agent_id: str = "sdk-agent",
+               base_url: str = "https://app.codeastra.dev",
+               classification: str = "pii"):
+    """
+    Decorator that makes a single tool function blind.
+    Any sensitive data in the return value is tokenized before the agent sees it.
+
+    Usage:
+        client = CodeAstraClient(api_key="sk-guard-xxx")
+
+        @blind_tool(api_key="sk-guard-xxx")
+        def get_patient_record(patient_id: str) -> dict:
+            return db.get_patient(patient_id)
+            # Agent receives tokens, not real patient data
+
+        # As a LangChain tool:
+        from langchain.tools import tool
+
+        @tool
+        @blind_tool(api_key="sk-guard-xxx", classification="phi")
+        def lookup_patient(patient_id: str) -> str:
+            return fetch_from_ehr(patient_id)
+    """
+    _client = CodeAstraClient(api_key, base_url, agent_id)
+
+    def decorator(fn: Callable) -> Callable:
+        @functools.wraps(fn)
+        def sync_wrapper(*args, **kwargs):
+            result = fn(*args, **kwargs)
+            sensitive = _extract_sensitive(result)
+            if not sensitive:
+                return result
+            tokens     = _client.tokenize(sensitive, classification=classification)
+            val_to_tok = {str(sensitive[k]): v for k, v in tokens.items()}
+            return _tokenize_in_place(result, val_to_tok)
+
+        @functools.wraps(fn)
+        async def async_wrapper(*args, **kwargs):
+            result = await fn(*args, **kwargs)
+            sensitive = _extract_sensitive(result)
+            if not sensitive:
+                return result
+            tokens     = await _client.atokenize(sensitive, classification=classification)
+            val_to_tok = {str(sensitive[k]): v for k, v in tokens.items()}
+            return _tokenize_in_place(result, val_to_tok)
+
+        import asyncio
+        if asyncio.iscoroutinefunction(fn):
+            return async_wrapper
+        return sync_wrapper
+
+    return decorator
+
+
+# ── BlindCrewAIAgent ──────────────────────────────────────────────────────────
+
+class BlindCrewAIAgent(BlindAgentMiddleware):
+    """
+    CrewAI-specific blind wrapper.
+
+    Usage:
+        from crewai import Agent, Task, Crew
+        from codeastra import BlindCrewAIAgent
+
+        intake_agent = Agent(role="intake", tools=[ehr_tool, ...])
+        blind_intake = BlindCrewAIAgent(
+            intake_agent,
+            api_key="sk-guard-xxx",
+            agent_id="intake-agent",
+            pipeline_id="patient_intake_001",
+        )
+
+        # In your Crew, use blind_intake instead of intake_agent
+        # All tool outputs are tokenized. Agent reasons on tokens only.
+
+        # Pass tokens to next agent:
+        blind_intake.grant_to("scheduling-agent", ["schedule_appointment"])
+    """
+
+    def kickoff(self, *args, **kwargs):
+        """Proxy CrewAI Crew.kickoff()"""
+        if hasattr(self._agent, "kickoff"):
+            result = self._agent.kickoff(*args, **kwargs)
+            return self._blind_output(result)
+        return self.run(*args, **kwargs)
+
+    async def akickoff(self, *args, **kwargs):
+        if hasattr(self._agent, "akickoff"):
+            result = await self._agent.akickoff(*args, **kwargs)
+            return await self._ablind_output(result)
+        return await self.arun(*args, **kwargs)
+
+    def execute_task(self, task: Any, *args, **kwargs):
+        """Intercept CrewAI task execution."""
+        if hasattr(self._agent, "execute_task"):
+            result = self._agent.execute_task(task, *args, **kwargs)
+            return self._blind_output(result)
+        return self.run(*args, **kwargs)
+
+
+# ── BlindAutoGPTAgent ─────────────────────────────────────────────────────────
+
+class BlindAutoGPTAgent(BlindAgentMiddleware):
+    """
+    AutoGPT-style blind wrapper.
+    Intercepts .step() and .run() calls.
+
+    Usage:
+        from codeastra import BlindAutoGPTAgent
+
+        agent = BlindAutoGPTAgent(
+            your_autogpt_agent,
+            api_key="sk-guard-xxx",
+            agent_id="autogpt-agent",
+        )
+        while not agent.is_done():
+            agent.step()
+    """
+
+    def step(self, *args, **kwargs):
+        """Intercept single step execution."""
+        if hasattr(self._agent, "step"):
+            result = self._agent.step(*args, **kwargs)
+            return self._blind_output(result)
+        raise AttributeError("Underlying agent has no .step() method")
+
+    async def astep(self, *args, **kwargs):
+        if hasattr(self._agent, "astep"):
+            result = await self._agent.astep(*args, **kwargs)
+            return await self._ablind_output(result)
+        raise AttributeError("Underlying agent has no .astep() method")
+
+    def is_done(self) -> bool:
+        if hasattr(self._agent, "is_done"):
+            return self._agent.is_done()
+        return False

codeastra-1.0.0/codeastra.egg-info/PKG-INFO

@@ -0,0 +1,30 @@
+Metadata-Version: 2.4
+Name: codeastra
+Version: 1.0.0
+Summary: Blind Agent SDK — drop-in middleware for LangChain, CrewAI, AutoGPT. Two lines makes any agent blind to real data.
+License: MIT
+Project-URL: Homepage, https://codeastra.dev
+Project-URL: Documentation, https://docs.codeastra.dev
+Project-URL: Repository, https://github.com/codeastra/codeastra-python
+Keywords: ai,agents,langchain,crewai,privacy,hipaa,security,tokenization
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+Requires-Dist: httpx>=0.27.0
+Provides-Extra: langchain
+Requires-Dist: langchain>=0.2.0; extra == "langchain"
+Requires-Dist: langchain-core>=0.2.0; extra == "langchain"
+Provides-Extra: crewai
+Requires-Dist: crewai>=0.30.0; extra == "crewai"
+Provides-Extra: all
+Requires-Dist: langchain>=0.2.0; extra == "all"
+Requires-Dist: langchain-core>=0.2.0; extra == "all"
+Requires-Dist: crewai>=0.30.0; extra == "all"

codeastra-1.0.0/codeastra.egg-info/SOURCES.txt

@@ -0,0 +1,10 @@
+pyproject.toml
+codeastra/__init__.py
+codeastra/client.py
+codeastra/middleware.py
+codeastra/wrappers.py
+codeastra.egg-info/PKG-INFO
+codeastra.egg-info/SOURCES.txt
+codeastra.egg-info/dependency_links.txt
+codeastra.egg-info/requires.txt
+codeastra.egg-info/top_level.txt

codeastra-1.0.0/codeastra.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

codeastra-1.0.0/codeastra.egg-info/requires.txt

@@ -0,0 +1,13 @@
+httpx>=0.27.0
+
+[all]
+langchain>=0.2.0
+langchain-core>=0.2.0
+crewai>=0.30.0
+
+[crewai]
+crewai>=0.30.0
+
+[langchain]
+langchain>=0.2.0
+langchain-core>=0.2.0

codeastra-1.0.0/codeastra.egg-info/top_level.txt

@@ -0,0 +1 @@
+codeastra

codeastra-1.0.0/pyproject.toml

@@ -0,0 +1,41 @@
+[build-system]
+requires = ["setuptools>=68", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "codeastra"
+version = "1.0.0"
+description = "Blind Agent SDK — drop-in middleware for LangChain, CrewAI, AutoGPT. Two lines makes any agent blind to real data."
+readme = "README.md"
+license = {text = "MIT"}
+requires-python = ">=3.10"
+keywords = ["ai", "agents", "langchain", "crewai", "privacy", "hipaa", "security", "tokenization"]
+classifiers = [
+    "Development Status :: 5 - Production/Stable",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Topic :: Security",
+    "Topic :: Software Development :: Libraries :: Python Modules",
+]
+
+dependencies = [
+    "httpx>=0.27.0",
+]
+
+[project.optional-dependencies]
+langchain = ["langchain>=0.2.0", "langchain-core>=0.2.0"]
+crewai    = ["crewai>=0.30.0"]
+all       = ["langchain>=0.2.0", "langchain-core>=0.2.0", "crewai>=0.30.0"]
+
+[project.urls]
+Homepage      = "https://codeastra.dev"
+Documentation = "https://docs.codeastra.dev"
+Repository    = "https://github.com/codeastra/codeastra-python"
+
+[tool.setuptools.packages.find]
+where = ["."]
+include = ["codeastra*"]

codeastra-1.0.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+