PyPI - decodingtrust-agent-sdk - Versions diffs - 0.1.0__py3-none-any.whl - Mend

decodingtrust-agent-sdk 0.1.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (374) hide show

agent/__init__.py +30 -0
agent/claudesdk/__init__.py +8 -0
agent/claudesdk/example.py +221 -0
agent/claudesdk/src/__init__.py +8 -0
agent/claudesdk/src/agent.py +400 -0
agent/claudesdk/src/mcp_proxy.py +409 -0
agent/claudesdk/src/utils.py +420 -0
agent/googleadk/__init__.py +15 -0
agent/googleadk/example.py +237 -0
agent/googleadk/src/__init__.py +12 -0
agent/googleadk/src/agent.py +401 -0
agent/googleadk/src/mcp_wrapper.py +163 -0
agent/googleadk/src/utils.py +602 -0
agent/langchain/__init__.py +8 -0
agent/langchain/example.py +213 -0
agent/langchain/src/__init__.py +8 -0
agent/langchain/src/agent.py +645 -0
agent/langchain/src/utils.py +433 -0
agent/openaisdk/__init__.py +17 -0
agent/openaisdk/example.py +228 -0
agent/openaisdk/src/__init__.py +12 -0
agent/openaisdk/src/agent.py +491 -0
agent/openaisdk/src/agent_wrapper.py +143 -0
agent/openaisdk/src/mcp_wrapper.py +395 -0
agent/openaisdk/src/utils.py +493 -0
agent/openclaw/__init__.py +10 -0
agent/openclaw/example.py +251 -0
agent/openclaw/src/__init__.py +14 -0
agent/openclaw/src/agent.py +930 -0
agent/openclaw/src/helpers/__init__.py +1 -0
agent/openclaw/src/helpers/auth_helpers.py +55 -0
agent/openclaw/src/mcp_proxy.py +564 -0
agent/openclaw/src/plugin_generator.py +231 -0
agent/openclaw/src/utils.py +341 -0
agent/pocketflow/__init__.py +18 -0
agent/pocketflow/example.py +221 -0
agent/pocketflow/prompts/react_agent.py +46 -0
agent/pocketflow/src/__init__.py +6 -0
agent/pocketflow/src/agent.py +507 -0
agent/pocketflow/src/agent_wrapper.py +159 -0
agent/pocketflow/src/async_helper.py +92 -0
agent/pocketflow/src/mcp_react_agent.py +279 -0
agent/pocketflow/src/native_agent.py +74 -0
agent/pocketflow/src/nodes.py +467 -0
benchmark/__init__.py +0 -0
benchmark/browser/benign.jsonl +34 -0
benchmark/browser/direct.jsonl +85 -0
benchmark/browser/indirect.jsonl +82 -0
benchmark/code/benign.jsonl +0 -0
benchmark/code/direct.jsonl +121 -0
benchmark/code/indirect.jsonl +165 -0
benchmark/crm/benign.jsonl +165 -0
benchmark/crm/direct.jsonl +90 -0
benchmark/crm/indirect.jsonl +150 -0
benchmark/customer-service/benign.jsonl +160 -0
benchmark/customer-service/direct.jsonl +100 -0
benchmark/customer-service/indirect.jsonl +101 -0
benchmark/finance/benign.jsonl +0 -0
benchmark/finance/direct.jsonl +200 -0
benchmark/finance/indirect.jsonl +200 -0
benchmark/legal/benign.jsonl +0 -0
benchmark/legal/direct.jsonl +200 -0
benchmark/legal/indirect.jsonl +200 -0
benchmark/macos/benign.jsonl +30 -0
benchmark/macos/direct.jsonl +50 -0
benchmark/macos/indirect.jsonl +50 -0
benchmark/medical/benign.jsonl +642 -0
benchmark/medical/direct.jsonl +229 -0
benchmark/medical/indirect.jsonl +222 -0
benchmark/os-filesystem/benign.jsonl +200 -0
benchmark/os-filesystem/direct.jsonl +200 -0
benchmark/os-filesystem/indirect.jsonl +200 -0
benchmark/research/benign.jsonl +0 -0
benchmark/research/direct.jsonl +119 -0
benchmark/research/indirect.jsonl +125 -0
benchmark/telecom/benign.jsonl +120 -0
benchmark/telecom/direct.jsonl +161 -0
benchmark/telecom/indirect.jsonl +166 -0
benchmark/travel/benign.jsonl +130 -0
benchmark/travel/direct.jsonl +105 -0
benchmark/travel/indirect.jsonl +120 -0
benchmark/windows/benign.jsonl +100 -0
benchmark/windows/direct.jsonl +140 -0
benchmark/windows/indirect.jsonl +107 -0
benchmark/workflow/benign.jsonl +335 -0
benchmark/workflow/direct.jsonl +78 -0
benchmark/workflow/indirect.jsonl +107 -0
cli/__init__.py +5 -0
cli/main.py +182 -0
cli/scaffold.py +334 -0
decodingtrust_agent_sdk-0.1.0.dist-info/METADATA +642 -0
decodingtrust_agent_sdk-0.1.0.dist-info/RECORD +374 -0
decodingtrust_agent_sdk-0.1.0.dist-info/WHEEL +5 -0
decodingtrust_agent_sdk-0.1.0.dist-info/entry_points.txt +2 -0
decodingtrust_agent_sdk-0.1.0.dist-info/licenses/LICENSE +201 -0
decodingtrust_agent_sdk-0.1.0.dist-info/top_level.txt +6 -0
dt_arena/config/env.yaml +515 -0
dt_arena/config/injection_mcp.yaml +430 -0
dt_arena/config/mcp.yaml +642 -0
dt_arena/envs/arxiv/docker-compose-hub.yml +31 -0
dt_arena/envs/arxiv/docker-compose.yml +36 -0
dt_arena/envs/atlassian/docker/docker-compose.dev.yml +65 -0
dt_arena/envs/atlassian/docker/docker-compose.yml +53 -0
dt_arena/envs/atlassian/docker-compose-hub.yml +57 -0
dt_arena/envs/atlassian/docker-compose.yml +72 -0
dt_arena/envs/bigquery/docker-compose.yml +20 -0
dt_arena/envs/booking/docker-compose.yml +59 -0
dt_arena/envs/calendar/docker-compose-hub.yml +30 -0
dt_arena/envs/calendar/docker-compose.yml +42 -0
dt_arena/envs/custom-website/docker-compose.yml +6 -0
dt_arena/envs/customer_service/docker-compose.yml +59 -0
dt_arena/envs/databricks/docker-compose-hub.yml +47 -0
dt_arena/envs/databricks/docker-compose.yml +51 -0
dt_arena/envs/ecommerce/docker-compose.yml +6 -0
dt_arena/envs/ers/docker-compose.yml +36 -0
dt_arena/envs/ers/hrms/docker/docker-compose.yml +31 -0
dt_arena/envs/finance/docker-compose.yml +23 -0
dt_arena/envs/github/docker/docker-compose-hub.yml +50 -0
dt_arena/envs/github/docker/docker-compose.yml +50 -0
dt_arena/envs/gmail/docker-compose-hub.yml +51 -0
dt_arena/envs/gmail/docker-compose.yml +65 -0
dt_arena/envs/google-form/docker-compose-hub.yml +33 -0
dt_arena/envs/google-form/docker-compose.yml +41 -0
dt_arena/envs/googledocs/docker-compose-hub.yml +61 -0
dt_arena/envs/googledocs/docker-compose.yml +78 -0
dt_arena/envs/hospital/docker-compose-hub.yml +25 -0
dt_arena/envs/hospital/docker-compose.yml +27 -0
dt_arena/envs/legal/docker-compose.yml +22 -0
dt_arena/envs/linkedin/docker-compose.yml +63 -0
dt_arena/envs/macos/docker-compose.yml +79 -0
dt_arena/envs/os-filesystem/docker-compose-hub.yml +16 -0
dt_arena/envs/os-filesystem/docker-compose.yml +20 -0
dt_arena/envs/paypal/docker-compose-hub.yml +48 -0
dt_arena/envs/paypal/docker-compose.yml +63 -0
dt_arena/envs/research/docker-compose-hub.yml +13 -0
dt_arena/envs/research/docker-compose.yml +24 -0
dt_arena/envs/salesforce_crm/docker-compose-hub.yaml +45 -0
dt_arena/envs/salesforce_crm/docker-compose.yaml +49 -0
dt_arena/envs/slack/docker-compose-hub.yml +28 -0
dt_arena/envs/slack/docker-compose.yml +41 -0
dt_arena/envs/snowflake/docker-compose-hub.yml +41 -0
dt_arena/envs/snowflake/docker-compose.yml +44 -0
dt_arena/envs/telecom/docker-compose-hub.yml +16 -0
dt_arena/envs/telecom/docker-compose.yml +17 -0
dt_arena/envs/telegram/docker-compose-hub.yml +57 -0
dt_arena/envs/telegram/docker-compose.yml +62 -0
dt_arena/envs/terminal/docker-compose-hub.yml +12 -0
dt_arena/envs/terminal/docker-compose.yml +26 -0
dt_arena/envs/travel/docker-compose-hub.yml +19 -0
dt_arena/envs/travel/docker-compose.yml +19 -0
dt_arena/envs/whatsapp/docker-compose-hub.yml +61 -0
dt_arena/envs/whatsapp/docker-compose.yml +78 -0
dt_arena/envs/windows/docker-compose.yml +71 -0
dt_arena/envs/zoom/docker-compose-hub.yml +27 -0
dt_arena/envs/zoom/docker-compose.yml +40 -0
dt_arena/injection_mcp_server/atlassian/env_injection.py +134 -0
dt_arena/injection_mcp_server/calendar/env_injection.py +217 -0
dt_arena/injection_mcp_server/custom_website/env_injection.py +97 -0
dt_arena/injection_mcp_server/customer_service/env_injection.py +659 -0
dt_arena/injection_mcp_server/databricks/env_injection.py +255 -0
dt_arena/injection_mcp_server/ecommerce/env_injection.py +110 -0
dt_arena/injection_mcp_server/finance/env_injection.py +85 -0
dt_arena/injection_mcp_server/github/env_injection.py +206 -0
dt_arena/injection_mcp_server/gmail/env_injection.py +211 -0
dt_arena/injection_mcp_server/google_form/env_injection.py +186 -0
dt_arena/injection_mcp_server/googledocs/env_injection.py +44 -0
dt_arena/injection_mcp_server/hospital/env_injection.py +43 -0
dt_arena/injection_mcp_server/legal/env_injection.py +229 -0
dt_arena/injection_mcp_server/macos/env_injection.py +272 -0
dt_arena/injection_mcp_server/os-filesystem/env_injection.py +341 -0
dt_arena/injection_mcp_server/paypal/env_injection.py +268 -0
dt_arena/injection_mcp_server/research/env_injection.py +616 -0
dt_arena/injection_mcp_server/salesforce/env_injection.py +514 -0
dt_arena/injection_mcp_server/slack/env_injection.py +265 -0
dt_arena/injection_mcp_server/snowflake/env_injection.py +230 -0
dt_arena/injection_mcp_server/telecom/env_injection.py +503 -0
dt_arena/injection_mcp_server/telegram/env_injection.py +171 -0
dt_arena/injection_mcp_server/terminal/env_injection.py +523 -0
dt_arena/injection_mcp_server/travel/env_injection.py +173 -0
dt_arena/injection_mcp_server/whatsapp/env_injection.py +185 -0
dt_arena/injection_mcp_server/windows/env_injection.py +943 -0
dt_arena/injection_mcp_server/zoom/env_injection.py +216 -0
dt_arena/mcp_server/atlassian/main.py +1554 -0
dt_arena/mcp_server/atlassian/test_server.py +66 -0
dt_arena/mcp_server/bigquery/main.py +333 -0
dt_arena/mcp_server/booking/main.py +310 -0
dt_arena/mcp_server/browser/main.py +1741 -0
dt_arena/mcp_server/calendar/example_multi_user.py +162 -0
dt_arena/mcp_server/calendar/main.py +792 -0
dt_arena/mcp_server/calendar/test_mcp.py +135 -0
dt_arena/mcp_server/customer_service/main.py +1063 -0
dt_arena/mcp_server/databricks/main.py +566 -0
dt_arena/mcp_server/databricks/probe.py +102 -0
dt_arena/mcp_server/ers/main.py +845 -0
dt_arena/mcp_server/finance/__init__.py +87 -0
dt_arena/mcp_server/finance/core/__init__.py +12 -0
dt_arena/mcp_server/finance/core/data_loader.py +558 -0
dt_arena/mcp_server/finance/core/portfolio.py +565 -0
dt_arena/mcp_server/finance/evaluation/__init__.py +20 -0
dt_arena/mcp_server/finance/evaluation/evaluator.py +217 -0
dt_arena/mcp_server/finance/evaluation/logger.py +137 -0
dt_arena/mcp_server/finance/injection/__init__.py +66 -0
dt_arena/mcp_server/finance/injection/config.py +176 -0
dt_arena/mcp_server/finance/injection/content.py +755 -0
dt_arena/mcp_server/finance/injection/html.py +409 -0
dt_arena/mcp_server/finance/injection/locations.py +167 -0
dt_arena/mcp_server/finance/injection/methods.py +193 -0
dt_arena/mcp_server/finance/injection/presets.py +1023 -0
dt_arena/mcp_server/finance/main.py +361 -0
dt_arena/mcp_server/finance/run_mcp.py +21 -0
dt_arena/mcp_server/finance/run_web.py +26 -0
dt_arena/mcp_server/finance/server/__init__.py +41 -0
dt_arena/mcp_server/finance/server/extractor.py +1453 -0
dt_arena/mcp_server/finance/server/extractor_minimal.py +292 -0
dt_arena/mcp_server/finance/server/extractor_simple.py +1164 -0
dt_arena/mcp_server/finance/server/injection_mcp.py +865 -0
dt_arena/mcp_server/finance/server/mcp.py +451 -0
dt_arena/mcp_server/finance/server/tools/__init__.py +23 -0
dt_arena/mcp_server/finance/server/tools/account.py +88 -0
dt_arena/mcp_server/finance/server/tools/browsing.py +328 -0
dt_arena/mcp_server/finance/server/tools/social.py +73 -0
dt_arena/mcp_server/finance/server/tools/trading.py +242 -0
dt_arena/mcp_server/finance/server/tools/utility.py +49 -0
dt_arena/mcp_server/finance/server/web.py +2139 -0
dt_arena/mcp_server/finance/tasks/benchmark/__init__.py +28 -0
dt_arena/mcp_server/finance/tasks/benchmark/attack_pool.py +3026 -0
dt_arena/mcp_server/finance/tasks/benchmark/attack_runner.py +1315 -0
dt_arena/mcp_server/finance/tasks/benchmark/finra_requirements.py +1335 -0
dt_arena/mcp_server/finance/tasks/benchmark/finra_tasks.py +3665 -0
dt_arena/mcp_server/finance/tasks/benchmark/malicious_tasks.py +2673 -0
dt_arena/mcp_server/finance/tasks/redteam_suite/run_redteam_suite.py +1713 -0
dt_arena/mcp_server/finance/test_mcp_tools.py +476 -0
dt_arena/mcp_server/github/main.py +441 -0
dt_arena/mcp_server/gmail/main.py +1004 -0
dt_arena/mcp_server/google_form/main.py +141 -0
dt_arena/mcp_server/googledocs/main.py +458 -0
dt_arena/mcp_server/hospital/mcp_server.py +458 -0
dt_arena/mcp_server/legal/__init__.py +9 -0
dt_arena/mcp_server/legal/core/__init__.py +14 -0
dt_arena/mcp_server/legal/core/courtlistener_store.py +762 -0
dt_arena/mcp_server/legal/core/data_loader.py +266 -0
dt_arena/mcp_server/legal/core/document_store.py +197 -0
dt_arena/mcp_server/legal/core/matter_manager.py +466 -0
dt_arena/mcp_server/legal/main.py +89 -0
dt_arena/mcp_server/legal/scripts/collect_data.py +988 -0
dt_arena/mcp_server/legal/server/__init__.py +14 -0
dt_arena/mcp_server/legal/server/mcp.py +2330 -0
dt_arena/mcp_server/macos/client_test.py +270 -0
dt_arena/mcp_server/macos/mcp_server.py +285 -0
dt_arena/mcp_server/os-filesystem/main.py +1380 -0
dt_arena/mcp_server/paypal/main.py +501 -0
dt_arena/mcp_server/research/main.py +777 -0
dt_arena/mcp_server/salesforce/main.py +2006 -0
dt_arena/mcp_server/slack/main.py +318 -0
dt_arena/mcp_server/snowflake/main.py +612 -0
dt_arena/mcp_server/snowflake/probe.py +183 -0
dt_arena/mcp_server/telecom/mcp_client.py +423 -0
dt_arena/mcp_server/telecom/mcp_server.py +1059 -0
dt_arena/mcp_server/telegram/main.py +338 -0
dt_arena/mcp_server/terminal/main.py +163 -0
dt_arena/mcp_server/travel/client_test.py +16 -0
dt_arena/mcp_server/travel/mcp_server.py +404 -0
dt_arena/mcp_server/whatsapp/main.py +318 -0
dt_arena/mcp_server/windows/client_test.py +270 -0
dt_arena/mcp_server/windows/mcp_server.py +218 -0
dt_arena/mcp_server/zoom/main.py +466 -0
dt_arena/src/__init__.py +0 -0
dt_arena/src/hooks/__init__.py +0 -0
dt_arena/src/hooks/audit_log.py +30 -0
dt_arena/src/hooks/hooks.json +3 -0
dt_arena/src/run_benign.py +142 -0
dt_arena/src/types/__init__.py +0 -0
dt_arena/src/types/agent.py +441 -0
dt_arena/src/types/attacks.py +2 -0
dt_arena/src/types/environment.py +2 -0
dt_arena/src/types/hooks.py +174 -0
dt_arena/src/types/judge.py +52 -0
dt_arena/src/types/red_teaming_trajectory.py +385 -0
dt_arena/src/types/task.py +260 -0
dt_arena/src/types/trajectory.py +315 -0
dt_arena/utils/__init__.py +1 -0
dt_arena/utils/atlassian/__init__.py +27 -0
dt_arena/utils/atlassian/helpers.py +520 -0
dt_arena/utils/bigquery/__init__.py +1 -0
dt_arena/utils/bigquery/helpers.py +246 -0
dt_arena/utils/calendar/__init__.py +1 -0
dt_arena/utils/calendar/helpers.py +87 -0
dt_arena/utils/customer_service/__init__.py +17 -0
dt_arena/utils/customer_service/cs_env_client.py +940 -0
dt_arena/utils/customer_service/helpers.py +339 -0
dt_arena/utils/customer_service/judges/__init__.py +20 -0
dt_arena/utils/customer_service/judges/abusive_comms.py +149 -0
dt_arena/utils/customer_service/judges/bulk_destructive.py +202 -0
dt_arena/utils/customer_service/judges/cross_customer.py +481 -0
dt_arena/utils/customer_service/judges/email_exfiltration.py +320 -0
dt_arena/utils/customer_service/judges/financial_fraud.py +221 -0
dt_arena/utils/customer_service/judges/llm_utils.py +264 -0
dt_arena/utils/customer_service/judges/pii_disclosure.py +837 -0
dt_arena/utils/customer_service/judges/policy_misrep.py +44 -0
dt_arena/utils/customer_service/judges/text_utils.py +21 -0
dt_arena/utils/databricks/__init__.py +2 -0
dt_arena/utils/databricks/helpers.py +210 -0
dt_arena/utils/finance/__init__.py +0 -0
dt_arena/utils/finance/helpers.py +263 -0
dt_arena/utils/github/__init__.py +1 -0
dt_arena/utils/github/helpers.py +249 -0
dt_arena/utils/gmail/__init__.py +1 -0
dt_arena/utils/gmail/helpers.py +344 -0
dt_arena/utils/google_form/__init__.py +2 -0
dt_arena/utils/google_form/helpers.py +133 -0
dt_arena/utils/legal/__init__.py +0 -0
dt_arena/utils/legal/helpers.py +228 -0
dt_arena/utils/macos/__init__.py +0 -0
dt_arena/utils/macos/env_setup.py +215 -0
dt_arena/utils/macos/helpers.py +61 -0
dt_arena/utils/os_filesystem/__init__.py +1 -0
dt_arena/utils/os_filesystem/helpers.py +366 -0
dt_arena/utils/paypal/__init__.py +1 -0
dt_arena/utils/paypal/helpers.py +178 -0
dt_arena/utils/port_allocator.py +266 -0
dt_arena/utils/research/__init__.py +0 -0
dt_arena/utils/research/helpers.py +251 -0
dt_arena/utils/salesforce/__init__.py +1 -0
dt_arena/utils/salesforce/helpers.py +719 -0
dt_arena/utils/slack/__init__.py +1 -0
dt_arena/utils/slack/helpers.py +176 -0
dt_arena/utils/snowflake/__init__.py +1 -0
dt_arena/utils/snowflake/helpers.py +166 -0
dt_arena/utils/telecom/__init__.py +1 -0
dt_arena/utils/telecom/helpers.py +760 -0
dt_arena/utils/telegram/__init__.py +0 -0
dt_arena/utils/telegram/helpers.py +174 -0
dt_arena/utils/terminal/__init__.py +0 -0
dt_arena/utils/terminal/helpers.py +20 -0
dt_arena/utils/travel/__init__.py +0 -0
dt_arena/utils/travel/env_client.py +537 -0
dt_arena/utils/travel/llm_judge.py +137 -0
dt_arena/utils/travel/prompts.py +64 -0
dt_arena/utils/utils/__init__.py +122 -0
dt_arena/utils/whatsapp/__init__.py +0 -0
dt_arena/utils/whatsapp/helpers.py +226 -0
dt_arena/utils/windows/__init__.py +0 -0
dt_arena/utils/windows/env_reset.py +224 -0
dt_arena/utils/windows/env_setup.py +280 -0
dt_arena/utils/windows/exfil_helpers.py +170 -0
dt_arena/utils/windows/helpers.py +74 -0
dt_arena/utils/zoom/__init__.py +1 -0
dt_arena/utils/zoom/helpers.py +70 -0
eval/__init__.py +1 -0
eval/evaluation.py +426 -0
eval/task_runner.py +449 -0
utils/__init__.py +148 -0
utils/agent_helpers.py +308 -0
utils/agent_wrapper.py +189 -0
utils/compose_utils.py +135 -0
utils/config.py +77 -0
utils/env_helpers.py +104 -0
utils/eval_stats.py +88 -0
utils/injection_helpers.py +429 -0
utils/injection_mcp_helpers.py +152 -0
utils/judge_helpers.py +181 -0
utils/judge_utils.py +472 -0
utils/llm.py +196 -0
utils/logging.py +45 -0
utils/mcp_helpers.py +232 -0
utils/mcp_manager.py +235 -0
utils/memory_guard.py +18 -0
utils/red_teaming_sandbox.py +476 -0
utils/reset_helpers.py +318 -0
utils/resource_manager.py +370 -0
utils/skill_helpers.py +447 -0
utils/task_executor.py +904 -0
utils/task_helpers.py +270 -0
utils/template_helpers.py +179 -0

utils/agent_helpers.py ADDED Viewed

@@ -0,0 +1,308 @@
+from typing import Any, Dict, List, Optional, Type
+OS_FILESYSTEM_CLAUDE_SDK_DISALLOWED_TOOLS = [
+    "Bash",
+    "Read",
+    "Write",
+    "Edit",
+    "MultiEdit",
+    "Glob",
+    "Grep",
+    "NotebookEdit",
+    "AskUserQuestion",
+]
+OS_FILESYSTEM_OPENCLAW_DISALLOWED_TOOLS = [
+    "group:fs",
+    "group:runtime",
+    "group:web",
+    "group:memory",
+    "group:ui",
+    "group:sessions",
+    "group:automation",
+    "group:messaging",
+    "agents_list",
+    "image",
+    "nodes",
+    "tts",
+]
+def get_default_disallowed_tools(agent_type: Optional[str], domain: Optional[str]) -> Optional[List[str]]:
+    """Return domain-specific native tools to disable when none are provided explicitly."""
+    if (domain or "").lower() != "os-filesystem":
+        return None
+    agent = (agent_type or "").lower()
+    if agent == "claudesdk":
+        return list(OS_FILESYSTEM_CLAUDE_SDK_DISALLOWED_TOOLS)
+    if agent == "openclaw":
+        return list(OS_FILESYSTEM_OPENCLAW_DISALLOWED_TOOLS)
+    return None
+_AgentConfig = None
+_RuntimeConfig = None
+_TaskConfig = None
+_AttackConfig = None
+_OpenAISDKAgent = None
+_LangChainAgent = None
+_ClaudeSDKAgent = None
+_GoogleADKAgent = None
+_MCPReactAgent = None
+_OpenClawAgent = None
+# Native agent wrappers (lazy imports)
+_OpenAISDKNativeWrapper = None
+_MCPReactAgentNativeWrapper = None
+def _ensure_imports():
+    """Lazy import of agent-related types."""
+    global _AgentConfig, _RuntimeConfig, _TaskConfig, _AttackConfig
+    global _OpenAISDKAgent, _LangChainAgent, _ClaudeSDKAgent, _GoogleADKAgent, _MCPReactAgent, _OpenClawAgent
+    global _OpenAISDKNativeWrapper, _MCPReactAgentNativeWrapper
+    if _AgentConfig is None:
+        from dt_arena.src.types.agent import AgentConfig, RuntimeConfig
+        from dt_arena.src.types.task import AttackConfig, TaskConfig
+        _AgentConfig = AgentConfig
+        _RuntimeConfig = RuntimeConfig
+        _TaskConfig = TaskConfig
+        _AttackConfig = AttackConfig
+    # Import OpenAI SDK agent
+    if _OpenAISDKAgent is None:
+        try:
+            from agent.openaisdk import OpenAISDKAgent
+            _OpenAISDKAgent = OpenAISDKAgent
+        except ImportError as e:
+            print(f"[WARNING] OpenAI SDK agent not available: {e}")
+    # Import LangChain agent
+    if _LangChainAgent is None:
+        try:
+            from agent.langchain import LangChainAgent
+            _LangChainAgent = LangChainAgent
+        except ImportError as e:
+            print(f"[WARNING] LangChain agent not available: {e}")
+    # Import Claude SDK agent
+    if _ClaudeSDKAgent is None:
+        try:
+            from agent.claudesdk import ClaudeSDKAgent
+            _ClaudeSDKAgent = ClaudeSDKAgent
+        except ImportError as e:
+            print(f"[WARNING] Claude SDK agent not available: {e}")
+    # Import Google ADK agent
+    if _GoogleADKAgent is None:
+        try:
+            from agent.googleadk import GoogleADKAgent
+            _GoogleADKAgent = GoogleADKAgent
+        except ImportError as e:
+            print(f"[WARNING] Google ADK agent not available: {e}")
+    # Import PocketFlow agent
+    if _MCPReactAgent is None:
+        try:
+            from agent.pocketflow import MCPReactAgent
+            _MCPReactAgent = MCPReactAgent
+        except ImportError as e:
+            print(f"[WARNING] PocketFlow agent not available: {e}")
+    # Import OpenClaw agent
+    if _OpenClawAgent is None:
+        try:
+            from agent.openclaw import OpenClawAgent
+            _OpenClawAgent = OpenClawAgent
+        except ImportError as e:
+            print(f"[WARNING] OpenClaw agent not available: {e}")
+    # Import native agent wrappers
+    if _OpenAISDKNativeWrapper is None:
+        try:
+            from agent.openaisdk.src.agent_wrapper import OpenAISDKNativeWrapper
+            _OpenAISDKNativeWrapper = OpenAISDKNativeWrapper
+        except ImportError as e:
+            print(f"[WARNING] OpenAI SDK native wrapper not available: {e}")
+    if _MCPReactAgentNativeWrapper is None:
+        try:
+            from agent.pocketflow.src.agent_wrapper import MCPReactAgentNativeWrapper
+            _MCPReactAgentNativeWrapper = MCPReactAgentNativeWrapper
+        except ImportError as e:
+            print(f"[WARNING] PocketFlow native wrapper not available: {e}")
+def _get_agent_registry() -> Dict[str, Type]:
+    """Get the agent registry with lazy imports."""
+    _ensure_imports()
+    registry = {}
+    if _OpenAISDKAgent is not None:
+        registry["openaisdk"] = _OpenAISDKAgent
+    if _LangChainAgent is not None:
+        registry["langchain"] = _LangChainAgent
+    if _ClaudeSDKAgent is not None:
+        registry["claudesdk"] = _ClaudeSDKAgent
+    if _GoogleADKAgent is not None:
+        registry["googleadk"] = _GoogleADKAgent
+    if _MCPReactAgent is not None:
+        registry["pocketflow"] = _MCPReactAgent
+    if _OpenClawAgent is not None:
+        registry["openclaw"] = _OpenClawAgent
+    return registry
+# Agent registry - lazily populated
+AGENT_REGISTRY: Dict[str, Type] = {}
+def build_agent(
+    agent_type: Optional[str] = None,
+    agent_cfg: Optional[Any] = None,  # AgentConfig
+    runtime_cfg: Optional[Any] = None,  # RuntimeConfig
+    *,
+    native_agent: Optional[Any] = None,  # Pre-built native SDK agent
+) -> Any:
+    """Instantiate the requested agent implementation.
+    Args:
+        agent_type: Type of agent to build (e.g., "openaisdk", "langchain").
+            Required if native_agent is not provided.
+        agent_cfg: AgentConfig instance. For native agents, this provides
+            additional benchmark MCP servers to add.
+        runtime_cfg: RuntimeConfig instance with model, temperature, max_turns,
+            output_dir, and mcp_injection settings.
+        native_agent: Pre-built native SDK agent to wrap. When provided,
+            the framework is auto-detected and the agent is wrapped for
+            evaluation.
+    Returns:
+        Initialized agent instance
+    Raises:
+        ValueError: If neither agent_type nor native_agent is provided,
+            or if the native agent framework cannot be detected.
+    """
+    _ensure_imports()
+    # Use provided runtime_cfg or create default
+    if runtime_cfg is None:
+        runtime_cfg = _RuntimeConfig()
+    # Mode 2: Wrap a pre-built native agent
+    if native_agent is not None:
+        return _wrap_native_agent(
+            native_agent=native_agent,
+            agent_cfg=agent_cfg,
+            runtime_cfg=runtime_cfg,
+        )
+    # Mode 1: Build from scratch (existing behavior)
+    if agent_type is None:
+        raise ValueError(
+            "Either 'agent_type' or 'native_agent' must be provided. "
+            "Use agent_type to build from scratch, or native_agent to wrap "
+            "a pre-built agent."
+        )
+    registry = _get_agent_registry()
+    agent_type = agent_type.lower()
+    if agent_type not in registry:
+        raise ValueError(f"Unknown agent type '{agent_type}'. Available: {list(registry.keys())}")
+    AgentCls = registry[agent_type]
+    return AgentCls(
+        agent_config=agent_cfg,
+        runtime_config=runtime_cfg,
+    )
+def _wrap_native_agent(
+    native_agent: Any,
+    agent_cfg: Optional[Any],
+    runtime_cfg: Any,
+) -> Any:
+    """
+    Wrap a pre-built native SDK agent for evaluation.
+    Auto-detects the agent framework and returns the appropriate wrapper.
+    Args:
+        native_agent: Pre-built agent from a native SDK
+        agent_cfg: AgentConfig with benchmark MCP servers to add
+        runtime_cfg: RuntimeConfig with model settings, output paths, injections
+    Returns:
+        Wrapped agent instance
+    Raises:
+        ValueError: If framework cannot be detected or no wrapper is available
+    """
+    from utils.agent_wrapper import detect_native_framework
+    # Detect framework
+    framework = detect_native_framework(native_agent)
+    if framework is None:
+        raise ValueError(
+            f"Could not detect framework for agent of type {type(native_agent).__name__}. "
+            f"Supported native agent types: OpenAI SDK Agent, LangChain Agent, "
+            f"Claude SDK Client, Google ADK Agent, PocketFlow NativeMCPReactAgent."
+        )
+    # Get the appropriate wrapper
+    if framework == "openaisdk":
+        if _OpenAISDKNativeWrapper is None:
+            raise ValueError(
+                "OpenAI SDK native wrapper is not available. "
+                "Please ensure 'agents' package is installed."
+            )
+        return _OpenAISDKNativeWrapper(
+            native_agent=native_agent,
+            agent_config=agent_cfg,
+            runtime_config=runtime_cfg,
+        )
+    elif framework == "langchain":
+        # TODO: Implement LangChainNativeWrapper
+        raise NotImplementedError(
+            f"Native agent wrapper for '{framework}' is not yet implemented. "
+            f"Currently supported: openaisdk, pocketflow"
+        )
+    elif framework == "claudesdk":
+        # TODO: Implement ClaudeSDKNativeWrapper
+        raise NotImplementedError(
+            f"Native agent wrapper for '{framework}' is not yet implemented. "
+            f"Currently supported: openaisdk, pocketflow"
+        )
+    elif framework == "googleadk":
+        # TODO: Implement GoogleADKNativeWrapper
+        raise NotImplementedError(
+            f"Native agent wrapper for '{framework}' is not yet implemented. "
+            f"Currently supported: openaisdk, pocketflow"
+        )
+    elif framework == "pocketflow":
+        if _MCPReactAgentNativeWrapper is None:
+            raise ValueError(
+                "PocketFlow native wrapper is not available. "
+                "Please ensure 'pocketflow' package is installed."
+            )
+        return _MCPReactAgentNativeWrapper(
+            native_agent=native_agent,
+            agent_config=agent_cfg,
+            runtime_config=runtime_cfg,
+        )
+    else:
+        raise ValueError(f"No wrapper available for framework '{framework}'.")
+def get_agent_choices() -> list[str]:
+    """Get sorted list of available agent types."""
+    _ensure_imports()
+    return sorted(_get_agent_registry().keys())

utils/agent_wrapper.py ADDED Viewed

@@ -0,0 +1,189 @@
+"""
+Native Agent Detection Utilities
+This module provides helper functions for detecting the framework of
+pre-built native agents. The actual wrapper classes are located in
+their respective agent folders (e.g., agent/openaisdk/src/native_wrapper.py).
+Usage:
+    from utils.agent_wrapper import detect_native_framework
+    native_agent = ...  # User's pre-built agent
+    framework = detect_native_framework(native_agent)
+    # Returns: "openaisdk", "langchain", "claudesdk", "googleadk", or None
+"""
+from typing import Any, Optional
+def is_openai_sdk_native_agent(agent: Any) -> bool:
+    """
+    Detect if agent is a native OpenAI SDK Agent.
+    Args:
+        agent: Object to check
+    Returns:
+        True if this is an OpenAI Agents SDK agent
+    """
+    # Check for OpenAI Agents SDK (from 'agents' package)
+    try:
+        from agents import Agent as OpenAIAgent
+        if isinstance(agent, OpenAIAgent):
+            return True
+    except ImportError:
+        pass
+    # Duck-type check: OpenAI SDK agents have these specific attributes
+    return (
+        hasattr(agent, 'name') and
+        hasattr(agent, 'instructions') and
+        hasattr(agent, 'model') and
+        hasattr(agent, 'mcp_servers') and
+        hasattr(agent, 'model_settings') and
+        hasattr(agent, 'clone')
+    )
+def is_langchain_native_agent(agent: Any) -> bool:
+    """
+    Detect if agent is a native LangChain agent/graph.
+    Args:
+        agent: Object to check
+    Returns:
+        True if this is a LangChain agent
+    """
+    # Check for LangChain CompiledGraph (from create_agent)
+    try:
+        from langgraph.graph.state import CompiledGraph, CompiledStateGraph
+        if isinstance(agent, (CompiledGraph, CompiledStateGraph)):
+            return True
+    except ImportError:
+        pass
+    # Check for legacy AgentExecutor
+    try:
+        from langchain.agents import AgentExecutor
+        if isinstance(agent, AgentExecutor):
+            return True
+    except ImportError:
+        pass
+    # Duck-type check
+    return (
+        hasattr(agent, 'invoke') and
+        hasattr(agent, 'ainvoke') and
+        (hasattr(agent, 'get_graph') or hasattr(agent, 'nodes'))
+    )
+def is_claude_sdk_native_agent(agent: Any) -> bool:
+    """
+    Detect if agent is a native Claude SDK agent.
+    Args:
+        agent: Object to check
+    Returns:
+        True if this is a Claude SDK agent
+    """
+    try:
+        from claude_code_sdk import Client
+        if isinstance(agent, Client):
+            return True
+    except ImportError:
+        pass
+    # Duck-type check
+    return (
+        hasattr(agent, 'query') and
+        hasattr(agent, 'receive_response') and
+        hasattr(agent, '_model')
+    )
+def is_google_adk_native_agent(agent: Any) -> bool:
+    """
+    Detect if agent is a native Google ADK agent.
+    Args:
+        agent: Object to check
+    Returns:
+        True if this is a Google ADK agent
+    """
+    try:
+        from google.adk.agents import Agent as GoogleAgent, LlmAgent
+        if isinstance(agent, (GoogleAgent, LlmAgent)):
+            return True
+    except ImportError:
+        pass
+    # Duck-type check
+    return (
+        hasattr(agent, 'model') and
+        hasattr(agent, 'instruction') and
+        hasattr(agent, 'tools') and
+        hasattr(type(agent), '__module__') and
+        type(agent).__module__.startswith('google.adk')
+    )
+def is_pocketflow_native_agent(agent: Any) -> bool:
+    """
+    Detect if agent is a native PocketFlow agent (NativeMCPReactAgent).
+    Args:
+        agent: Object to check
+    Returns:
+        True if this is a PocketFlow NativeMCPReactAgent
+    """
+    # Type check for NativeMCPReactAgent
+    try:
+        from agent.pocketflow import NativeMCPReactAgent
+        if isinstance(agent, NativeMCPReactAgent):
+            return True
+    except ImportError:
+        pass
+    # Duck-type check: NativeMCPReactAgent has these specific attributes
+    return (
+        hasattr(agent, 'mcp_servers') and
+        hasattr(agent, 'tool_to_server') and
+        hasattr(agent, 'all_tools') and
+        isinstance(getattr(agent, 'mcp_servers', None), dict) and
+        isinstance(getattr(agent, 'tool_to_server', None), dict) and
+        isinstance(getattr(agent, 'all_tools', None), list)
+    )
+def detect_native_framework(agent: Any) -> Optional[str]:
+    """
+    Detect which framework a native agent belongs to.
+    Args:
+        agent: A pre-built native SDK agent instance
+    Returns:
+        Framework name ("openaisdk", "langchain", "claudesdk", "googleadk", "pocketflow")
+        or None if not detected
+    """
+    detectors = [
+        ("openaisdk", is_openai_sdk_native_agent),
+        ("langchain", is_langchain_native_agent),
+        ("claudesdk", is_claude_sdk_native_agent),
+        ("googleadk", is_google_adk_native_agent),
+        ("pocketflow", is_pocketflow_native_agent),
+    ]
+    for framework, detector in detectors:
+        try:
+            if detector(agent):
+                return framework
+        except Exception:
+            continue
+    return None

utils/compose_utils.py ADDED Viewed

@@ -0,0 +1,135 @@
+import os
+import subprocess
+from pathlib import Path
+from typing import List, Optional, Union
+def get_project_name(env_name: str) -> Optional[str]:
+    """
+    Get the Docker compose project name for a given environment.
+    In pooled mode, the project name is passed via environment variable
+    like GMAIL_PROJECT_NAME, SLACK_PROJECT_NAME, etc.
+    Args:
+        env_name: Environment name (gmail, slack, atlassian, etc.)
+    Returns:
+        Project name if found, None otherwise
+    """
+    # Check for pool-provided project name (e.g., GMAIL_PROJECT_NAME)
+    env_var = f"{env_name.upper().replace('-', '_')}_PROJECT_NAME"
+    project_name = os.getenv(env_var, "")
+    if project_name:
+        return project_name
+    # Fallback to base project name
+    base_project = os.getenv("COMPOSE_PROJECT_NAME", "")
+    if base_project:
+        return f"{base_project}-{env_name}"
+    return None
+def get_project_args(env_name: str) -> List[str]:
+    """
+    Get docker compose project name arguments.
+    Args:
+        env_name: Environment name
+    Returns:
+        List like ["-p", "project_name"] or empty list
+    """
+    project_name = get_project_name(env_name)
+    if project_name:
+        return ["-p", project_name]
+    return []
+def run_compose(
+    env_name: str,
+    compose_file: Union[str, Path],
+    args: List[str],
+    cwd: Optional[Union[str, Path]] = None,
+    check: bool = True,
+    verbose: bool = True,
+) -> subprocess.CompletedProcess:
+    """
+    Run docker compose command with correct project name.
+    Args:
+        env_name: Environment name (gmail, slack, etc.)
+        compose_file: Path to docker-compose.yml
+        args: Additional arguments for docker compose
+        cwd: Working directory
+        check: Raise exception on non-zero exit
+        verbose: Print command before running
+    Returns:
+        CompletedProcess instance
+    """
+    project_args = get_project_args(env_name)
+    cmd = ["docker", "compose"] + project_args + ["-f", str(compose_file)] + args
+    if verbose:
+        print("$ " + " ".join(cmd))
+    return subprocess.run(cmd, cwd=cwd, check=check)
+def run_compose_exec(
+    env_name: str,
+    compose_file: Union[str, Path],
+    service: str,
+    command: List[str],
+    cwd: Optional[Union[str, Path]] = None,
+    check: bool = True,
+    verbose: bool = True,
+) -> subprocess.CompletedProcess:
+    """
+    Run command inside a docker compose service.
+    Args:
+        env_name: Environment name (gmail, slack, etc.)
+        compose_file: Path to docker-compose.yml
+        service: Service name to exec into
+        command: Command to run
+        cwd: Working directory
+        check: Raise exception on non-zero exit
+        verbose: Print command before running
+    Returns:
+        CompletedProcess instance
+    """
+    args = ["exec", "-T", service] + command
+    return run_compose(env_name, compose_file, args, cwd=cwd, check=check, verbose=verbose)
+def run_compose_cp(
+    env_name: str,
+    compose_file: Union[str, Path],
+    src: str,
+    dst: str,
+    cwd: Optional[Union[str, Path]] = None,
+    check: bool = True,
+    verbose: bool = True,
+) -> subprocess.CompletedProcess:
+    """
+    Copy files to/from a docker compose service.
+    Args:
+        env_name: Environment name (gmail, slack, etc.)
+        compose_file: Path to docker-compose.yml
+        src: Source path (local or service:path)
+        dst: Destination path (local or service:path)
+        cwd: Working directory
+        check: Raise exception on non-zero exit
+        verbose: Print command before running
+    Returns:
+        CompletedProcess instance
+    """
+    args = ["cp", src, dst]
+    return run_compose(env_name, compose_file, args, cwd=cwd, check=check, verbose=verbose)

utils/config.py ADDED Viewed

@@ -0,0 +1,77 @@
+import importlib.resources
+import os
+import sys
+from pathlib import Path
+def _find_project_root() -> Path:
+    # 1. Explicit override — set DTAP_ROOT when running from Docker / CI / installed wheel.
+    if env_root := os.environ.get("DTAP_ROOT"):
+        root = Path(env_root).resolve()
+        if str(root) not in sys.path:
+            sys.path.insert(0, str(root))
+        return root
+    # 2. Installed package: locate via the bundled dt_arena/config/env.yaml.
+    #    importlib.resources works whether the package is pip-installed or editable.
+    try:
+        ref = importlib.resources.files("dt_arena") / "config" / "env.yaml"
+        with importlib.resources.as_file(ref) as p:
+            # p = <prefix>/dt_arena/config/env.yaml  →  parents[2] = <prefix>
+            root = p.parents[2]
+            if str(root) not in sys.path:
+                sys.path.insert(0, str(root))
+            return root
+    except Exception:
+        pass
+    # 3. Source checkout: walk up until we find pyproject.toml.
+    for parent in Path(__file__).resolve().parents:
+        if (parent / "pyproject.toml").exists():
+            if str(parent) not in sys.path:
+                sys.path.insert(0, str(parent))
+            return parent
+    # 4. Last resort.
+    guess = Path(__file__).resolve().parents[1]
+    if str(guess) not in sys.path:
+        sys.path.insert(0, str(guess))
+    return guess
+PROJECT_ROOT = _find_project_root()
+# Configuration file paths (bundled as package-data in the wheel)
+ENV_CONFIG_PATH = PROJECT_ROOT / "dt_arena" / "config" / "env.yaml"
+MCP_CONFIG_PATH = PROJECT_ROOT / "dt_arena" / "config" / "mcp.yaml"
+INJECTION_MCP_CONFIG_PATH = PROJECT_ROOT / "dt_arena" / "config" / "injection_mcp.yaml"
+# Bundled benchmark task lists (benchmark/<domain>/{benign,direct,indirect}.jsonl)
+BENCHMARK_ROOT = PROJECT_ROOT / "benchmark"
+# Evaluation script path
+TASK_RUNNER_PATH = PROJECT_ROOT / "eval" / "task_runner.py"
+def resolve_benchmark_task_list(
+    domain: str | None = None,
+    task_type: str | None = None,
+    threat_model: str | None = None,
+) -> Path:
+    """Resolve the bundled benchmark JSONL/dir matching the given filters.
+    - No filters       → BENCHMARK_ROOT (all 14 domains × 3 task lists)
+    - domain only      → BENCHMARK_ROOT/<domain>/             (all 3 lists)
+    - +task_type=benign → BENCHMARK_ROOT/<domain>/benign.jsonl
+    - +threat_model    → BENCHMARK_ROOT/<domain>/<direct|indirect>.jsonl
+    """
+    if not domain:
+        return BENCHMARK_ROOT
+    domain_dir = BENCHMARK_ROOT / domain
+    if task_type == "benign":
+        return domain_dir / "benign.jsonl"
+    if threat_model in ("direct", "indirect"):
+        return domain_dir / f"{threat_model}.jsonl"
+    return domain_dir