cortexhub 0.1.7__tar.gz → 0.1.9__tar.gz

{cortexhub-0.1.7 → cortexhub-0.1.9}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cortexhub
-Version: 0.1.7
+Version: 0.1.9
 Summary: CortexHub Python SDK - Policy-as-Code for AI Agents
 Project-URL: Homepage, https://cortexhub.ai
 Project-URL: Documentation, https://docs.cortexhub.ai
@@ -22,6 +22,7 @@ Classifier: Topic :: Software Development :: Libraries :: Python Modules
 Requires-Python: <3.14,>=3.10
 Requires-Dist: cedarpy>=4.0.0
 Requires-Dist: detect-secrets>=1.5.0
+Requires-Dist: en-core-web-sm>=3.8.0
 Requires-Dist: httpx>=0.28.0
 Requires-Dist: opentelemetry-api>=1.20.0
 Requires-Dist: opentelemetry-exporter-otlp-proto-http>=1.20.0
@@ -81,6 +82,9 @@ pip install cortexhub[claude-agents]  # Claude Agent SDK
 pip install cortexhub[all]
 ```
 
+Note: The SDK ships with the spaCy `en-core-web-sm` model for Presidio PII detection,
+so it should not download the model at runtime.
+
 ## Quick Start
 
 ```python

{cortexhub-0.1.7 → cortexhub-0.1.9}/README.md

@@ -18,6 +18,9 @@ pip install cortexhub[claude-agents]  # Claude Agent SDK
 pip install cortexhub[all]
 ```
 
+Note: The SDK ships with the spaCy `en-core-web-sm` model for Presidio PII detection,
+so it should not download the model at runtime.
+
 ## Quick Start
 
 ```python

{cortexhub-0.1.7 → cortexhub-0.1.9}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "cortexhub"
-version = "0.1.7"
+version = "0.1.9"
 description = "CortexHub Python SDK - Policy-as-Code for AI Agents"
 readme = "README.md"
 requires-python = ">=3.10,<3.14"
@@ -37,6 +37,7 @@ dependencies = [
     "presidio-analyzer>=2.2.360",
     "presidio-anonymizer>=2.2.360",
     "detect-secrets>=1.5.0",
+    "en-core-web-sm>=3.8.0",
     # Utils
     "python-dotenv>=1.0.0",
     # Required by detect-secrets at runtime

{cortexhub-0.1.7 → cortexhub-0.1.9}/src/cortexhub/adapters/claude_agents.py

@@ -116,6 +116,14 @@ class ClaudeAgentsAdapter(ToolAdapter):
                     original_handler = original_decorated.handler
                     tool_name = original_decorated.name
                     tool_description = original_decorated.description
+                    parameters_schema = None
+                    if isinstance(input_schema, dict):
+                        parameters_schema = input_schema
+                    elif hasattr(input_schema, "model_json_schema"):
+                        try:
+                            parameters_schema = input_schema.model_json_schema()
+                        except Exception:
+                            parameters_schema = None
                     
                     @wraps(original_handler)
                     async def governed_handler(args: dict[str, Any]) -> dict[str, Any]:
@@ -124,6 +132,7 @@ class ClaudeAgentsAdapter(ToolAdapter):
                             "name": tool_name,
                             "description": tool_description,
                             "framework": "claude_agents",
+                            "parameters_schema": parameters_schema,
                         }
                         
                         governed_fn = govern_execution(

{cortexhub-0.1.7 → cortexhub-0.1.9}/src/cortexhub/adapters/langgraph.py

@@ -93,6 +93,7 @@ class LangGraphAdapter(ToolAdapter):
                 """Governed tool invocation."""
                 tool_name = getattr(self, "name", "unknown_tool")
                 tool_description = getattr(self, "description", None)
+                parameters_schema = adapter._extract_parameters_schema(self)
 
                 # Extract args - preserve structure without rewriting
                 if isinstance(input, dict):
@@ -109,6 +110,7 @@ class LangGraphAdapter(ToolAdapter):
                     "name": tool_name,
                     "description": tool_description,
                     "framework": "langgraph",
+                    "parameters_schema": parameters_schema,
                 }
                 governed_fn = govern_execution(
                     tool_fn=lambda *a, **kw: tool_original_invoke(

{cortexhub-0.1.7 → cortexhub-0.1.9}/src/cortexhub/adapters/openai_agents.py

@@ -102,6 +102,7 @@ class OpenAIAgentsAdapter(ToolAdapter):
                     original_invoke = tool.on_invoke_tool
                     tool_name = tool.name
                     tool_description = tool.description
+                    parameters_schema = tool.params_json_schema or tool.strict_json_schema
                     
                     async def governed_invoke(ctx, input_json: str) -> Any:
                         """Governed tool invocation."""
@@ -114,6 +115,7 @@ class OpenAIAgentsAdapter(ToolAdapter):
                             "name": tool_name,
                             "description": tool_description,
                             "framework": "openai_agents",
+                            "parameters_schema": parameters_schema,
                         }
                         
                         # Create governed function

{cortexhub-0.1.7 → cortexhub-0.1.9}/src/cortexhub/client.py

@@ -439,6 +439,7 @@ class CortexHub:
         framework: str,
         call_original: Callable[[], Any],
         tool_description: str | None = None,
+        parameters_schema: dict[str, Any] | None = None,
         principal: Principal | dict[str, str] | None = None,
         resource_type: str = "Tool",
     ) -> Any:
@@ -475,6 +476,10 @@ class CortexHub:
             PolicyViolationError: If policy denies
             ApprovalDeniedError: If approval denied
         """
+        expected_types = self._extract_expected_arg_types(parameters_schema)
+
+        expected_types = self._extract_expected_arg_types(parameters_schema)
+
         # Step 1: Build request (structured, NOT flattened)
         policy_args = self._sanitize_policy_args(args)
         request = self.build_request(
@@ -515,6 +520,21 @@ class CortexHub:
                 span.set_attribute("cortexhub.raw.args", json.dumps(args, default=str))
 
             try:
+                if expected_types and self.enforce and self.evaluator:
+                    mismatches = self._validate_arg_types(args, expected_types)
+                    if mismatches:
+                        message = f"Tool argument type mismatch: {'; '.join(mismatches)}"
+                        span.add_event(
+                            "policy.decision",
+                            attributes={
+                                "decision.effect": "deny",
+                                "decision.policy_id": "",
+                                "decision.reasoning": message,
+                                "decision.policy_name": "type_mismatch",
+                            },
+                        )
+                        span.set_status(Status(StatusCode.ERROR, message))
+                        raise PolicyViolationError(message, reasoning=message)
                 # Step 4: Policy evaluation (enforcement mode only)
                 if self.enforce and self.evaluator:
                     if os.getenv("CORTEXHUB_DEBUG_POLICY", "").lower() in ("1", "true", "yes"):
@@ -636,6 +656,7 @@ class CortexHub:
         framework: str,
         call_original: Callable[[], Any],
         tool_description: str | None = None,
+        parameters_schema: dict[str, Any] | None = None,
         principal: Principal | dict[str, str] | None = None,
         resource_type: str = "Tool",
     ) -> Any:
@@ -684,6 +705,21 @@ class CortexHub:
                 span.set_attribute("cortexhub.raw.args", json.dumps(args, default=str))
 
             try:
+                if expected_types and self.enforce and self.evaluator:
+                    mismatches = self._validate_arg_types(args, expected_types)
+                    if mismatches:
+                        message = f"Tool argument type mismatch: {'; '.join(mismatches)}"
+                        span.add_event(
+                            "policy.decision",
+                            attributes={
+                                "decision.effect": "deny",
+                                "decision.policy_id": "",
+                                "decision.reasoning": message,
+                                "decision.policy_name": "type_mismatch",
+                            },
+                        )
+                        span.set_status(Status(StatusCode.ERROR, message))
+                        raise PolicyViolationError(message, reasoning=message)
                 # Step 4: Policy evaluation (enforcement mode only)
                 if self.enforce and self.evaluator:
                     decision = self.evaluator.evaluate(request)
@@ -1316,6 +1352,49 @@ class CortexHub:
             return "string"
         return "unknown"
 
+    def _extract_expected_arg_types(self, parameters_schema: dict[str, Any] | None) -> dict[str, str]:
+        if not parameters_schema or not isinstance(parameters_schema, dict):
+            return {}
+        properties = parameters_schema.get("properties")
+        if not isinstance(properties, dict):
+            return {}
+        expected: dict[str, str] = {}
+        for name, schema in properties.items():
+            if not isinstance(schema, dict):
+                continue
+            raw_type = schema.get("type")
+            if isinstance(raw_type, list):
+                raw_type = next((t for t in raw_type if t != "null"), None)
+            if not isinstance(raw_type, str):
+                continue
+            normalized = raw_type.lower()
+            if normalized == "integer":
+                normalized = "number"
+            if normalized in ("number", "string", "boolean"):
+                expected[str(name)] = normalized
+        return expected
+
+    def _validate_arg_types(self, args: dict[str, Any], expected_types: dict[str, str]) -> list[str]:
+        if not isinstance(args, dict):
+            return []
+        mismatches: list[str] = []
+        for name, expected in expected_types.items():
+            if name not in args:
+                continue
+            value = args.get(name)
+            if value is None:
+                continue
+            if expected == "number":
+                if not isinstance(value, int) or isinstance(value, bool):
+                    mismatches.append(f"{name} expected number but got {type(value).__name__}")
+            elif expected == "string":
+                if not isinstance(value, str):
+                    mismatches.append(f"{name} expected string but got {type(value).__name__}")
+            elif expected == "boolean":
+                if not isinstance(value, bool):
+                    mismatches.append(f"{name} expected boolean but got {type(value).__name__}")
+        return mismatches
+
     def trace_llm_call(
         self,
         model: str,
@@ -1785,25 +1864,6 @@ class CortexHub:
         if not isinstance(cleaned_args, dict):
             return {}
 
-        if "amount" in cleaned_args:
-            from decimal import Decimal, InvalidOperation
-
-            amount = cleaned_args.get("amount")
-            dec_amount: Decimal | None = None
-            if isinstance(amount, int):
-                dec_amount = Decimal(amount)
-            elif isinstance(amount, str):
-                try:
-                    dec_amount = Decimal(amount)
-                except InvalidOperation:
-                    dec_amount = None
-            if dec_amount is not None:
-                quantized = dec_amount.quantize(Decimal("0.01"))
-                if quantized == dec_amount:
-                    cleaned_args["amount_cents"] = int(
-                        (quantized * 100).to_integral_value()
-                    )
-
         return cleaned_args
 
     def _summarize_policy_args(self, args: dict[str, Any]) -> dict[str, Any]:

{cortexhub-0.1.7 → cortexhub-0.1.9}/src/cortexhub/pipeline.py

@@ -46,6 +46,12 @@ def govern_execution(
     framework = tool_metadata.get("framework", "unknown")
     model = tool_metadata.get("model", "unknown")
     prompt = tool_metadata.get("prompt")
+    parameters_schema = (
+        tool_metadata.get("parameters_schema")
+        or tool_metadata.get("params_json_schema")
+        or tool_metadata.get("input_schema")
+        or tool_metadata.get("strict_json_schema")
+    )
     call_original = tool_metadata.get("call_original")
     if call_original is None:
         call_original = tool_fn
@@ -78,6 +84,7 @@ def govern_execution(
                 args=kwargs,  # Use kwargs for structured arguments
                 framework=framework,
                 call_original=lambda: tool_fn(*args, **kwargs),
+                parameters_schema=parameters_schema,
             )
         return async_wrapper
     else:
@@ -88,5 +95,6 @@ def govern_execution(
                 args=kwargs,  # Use kwargs for structured arguments
                 framework=framework,
                 call_original=lambda: tool_fn(*args, **kwargs),
+                parameters_schema=parameters_schema,
             )
         return sync_wrapper

{cortexhub-0.1.7 → cortexhub-0.1.9}/src/cortexhub/version.py

@@ -1,3 +1,3 @@
 """Version information for CortexHub SDK."""
 
-__version__ = "0.1.5"
+__version__ = "0.1.9"