PyPI - sondera-harness - Versions diffs - 0.6.2__py3-none-any.whl → 0.7.0__py3-none-any.whl - Mend

sondera-harness 0.6.2py3-none-any.whl → 0.7.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

sondera/__init__.py +35 -15
sondera/adk/plugin.py +7 -6
sondera/harness/cedar/harness.py +90 -19
sondera/langgraph/middleware.py +6 -5
sondera/strands/harness.py +5 -4
sondera/types.py +4 -36
sondera_harness-0.7.0.dist-info/METADATA +169 -0
{sondera_harness-0.6.2.dist-info → sondera_harness-0.7.0.dist-info}/RECORD +12 -12
{sondera_harness-0.6.2.dist-info → sondera_harness-0.7.0.dist-info}/WHEEL +1 -1
{sondera_harness-0.6.2.dist-info → sondera_harness-0.7.0.dist-info}/entry_points.txt +1 -0
sondera_harness-0.6.2.dist-info/METADATA +0 -323
{sondera_harness-0.6.2.dist-info → sondera_harness-0.7.0.dist-info}/licenses/LICENSE +0 -0
{sondera_harness-0.6.2.dist-info → sondera_harness-0.7.0.dist-info}/top_level.txt +0 -0

sondera/__init__.py CHANGED Viewed

@@ -1,28 +1,44 @@
-"""Sondera SDK for Python - Agent governance and policy enforcement.
+"""Sondera Harness - Steer agents with rules, not prompts.
-This SDK provides tools for integrating AI agents with the Sondera Platform
-for policy enforcement, guardrails, and governance.
+Wrap your agent, write Cedar policies, ship with confidence. When a policy
+denies an action, the agent gets the reason why and adjusts. Agents self-correct
+instead of failing. This is steering, not just blocking.
-Main Components:
-    - Harness: Abstract base class for harness implementations
-    - RemoteHarness: Production harness connecting to Sondera Platform
-    - CedarPolicyEngine: Local policy-as-code engine using Cedar
+Same input, same verdict. Rules are deterministic, not probabilistic. Stop
+debugging prompts and start writing policies.
+Why Sondera Harness:
+    - Steer, don't just block: Denied actions include explanations
+    - Drop-in integration: Native middleware for LangGraph, ADK, Strands
+    - Full observability: Trajectories capture every action and decision
+    - Deterministic rules: Same input, same verdict, every time
+    - Ship faster: Reliability, safety, security, and compliance built in
+Harness Implementations:
+    - CedarPolicyHarness: Local evaluation, no network calls, no dependencies
+    - SonderaRemoteHarness: Team policies, dashboards, centralized audit logs
 Framework Integrations:
-    - sondera.langgraph: LangGraph/LangChain middleware
+    - sondera.langgraph: LangGraph middleware
     - sondera.adk: Google ADK plugin
-    - sondera.strands: Strands Agent SDK hook
+    - sondera.strands: Strands lifecycle hooks
 Example:
-    >>> from sondera import SonderaRemoteHarness, Agent
-    >>> harness = SonderaRemoteHarness(sondera_api_key="<YOUR_SONDERA_API_KEY>")
+    >>> from sondera import CedarPolicyHarness, Agent, Tool
+    >>> from sondera.harness.cedar.schema import agent_to_cedar_schema
+    >>>
     >>> agent = Agent(
     ...     id="my-agent",
-    ...     provider_id="langchain",
-    ...     name="My Agent",
+    ...     provider_id="local",
+    ...     name="My_Agent",
     ...     description="A helpful assistant",
-    ...     instruction="Be helpful and concise",
-    ...     tools=[],
+    ...     instruction="Help users with tasks",
+    ...     tools=[Tool(name="Bash", description="Run commands", parameters=[])],
+    ... )
+    >>> policy = "permit(principal, action, resource);"
+    >>> harness = CedarPolicyHarness(
+    ...     policy_set=policy,
+    ...     schema=agent_to_cedar_schema(agent),
     ... )
     >>> await harness.initialize(agent=agent)
 """
@@ -47,10 +63,12 @@ from sondera.types import (
     AdjudicatedStep,
     AdjudicatedTrajectory,
     Adjudication,
+    AdjudicationRecord,
     Agent,
     Content,
     Decision,
     Parameter,
+    PolicyAnnotation,
     PolicyEngineMode,
     PromptContent,
     Role,
@@ -93,6 +111,8 @@ __all__ = [
     "Adjudication",
     "AdjudicatedStep",
     "AdjudicatedTrajectory",
+    "AdjudicationRecord",
+    "PolicyAnnotation",
     "Decision",
     # Exceptions
     "SonderaError",

sondera/adk/plugin.py CHANGED Viewed

@@ -23,6 +23,7 @@ from google.genai import types as genai_types
 from sondera.adk.analyze import format
 from sondera.harness import Harness
 from sondera.types import (
+    Decision,
     PromptContent,
     Role,
     Stage,
@@ -64,7 +65,7 @@ class SonderaHarnessPlugin(BasePlugin):
         plugin = SonderaHarnessPlugin(harness=harness)
         # Create agent and runner with the plugin
-        agent = Agent(name="my-agent", model="gemini-2.0-flash", ...)
+        agent = Agent(name="my-agent", model="gemini-2.5-flash", ...)
         runner = Runner(
             agent=agent,
             app_name="my-app",
@@ -135,7 +136,7 @@ class SonderaHarnessPlugin(BasePlugin):
             f"[SonderaHarness] User message adjudication for trajectory {self._harness.trajectory_id}"
         )
-        if adjudication.is_denied:
+        if adjudication.decision == Decision.DENY:
             return genai_types.Content(
                 parts=[genai_types.Part(text=adjudication.reason)]
             )
@@ -212,7 +213,7 @@ class SonderaHarnessPlugin(BasePlugin):
             f"[SonderaHarness] Before model adjudication for trajectory {self._harness.trajectory_id}"
         )
-        if adjudication.is_denied:
+        if adjudication.decision == Decision.DENY:
             return LlmResponse(
                 content=genai_types.Content(
                     parts=[genai_types.Part(text=adjudication.reason)]
@@ -254,7 +255,7 @@ class SonderaHarnessPlugin(BasePlugin):
             f"[SonderaHarness] After model adjudication for trajectory {self._harness.trajectory_id}"
         )
-        if adjudication.is_denied:
+        if adjudication.decision == Decision.DENY:
             return LlmResponse(
                 content=genai_types.Content(
                     parts=[genai_types.Part(text=adjudication.reason)]
@@ -296,7 +297,7 @@ class SonderaHarnessPlugin(BasePlugin):
             f"[SonderaHarness] Before tool adjudication for trajectory {self._harness.trajectory_id}"
         )
-        if adjudication.is_denied:
+        if adjudication.decision == Decision.DENY:
             return {"error": f"Tool blocked: {adjudication.reason}"}
         return None
@@ -332,7 +333,7 @@ class SonderaHarnessPlugin(BasePlugin):
             f"[SonderaHarness] After tool adjudication for trajectory {self._harness.trajectory_id}"
         )
-        if adjudication.is_denied:
+        if adjudication.decision == Decision.DENY:
             return {"error": f"Tool result blocked: {adjudication.reason}"}
         return None

sondera/harness/cedar/harness.py CHANGED Viewed

@@ -23,6 +23,7 @@ from sondera.types import (
     Agent,
     Content,
     Decision,
+    PolicyAnnotation,
     PromptContent,
     Role,
     Stage,
@@ -69,6 +70,7 @@ class CedarPolicyHarness(AbstractHarness):
         *,
         policy_set: PolicySet | str,
         schema: CedarSchema,
+        agent: Agent | None = None,
         logger: logging.Logger | None = None,
     ):
         """Initialize the Cedar policy engine.
@@ -77,12 +79,13 @@ class CedarPolicyHarness(AbstractHarness):
             policy_set: Cedar policies to evaluate. Can be a PolicySet instance
                 or Cedar policy text. Required.
             schema: Cedar schema generated from agent_to_cedar_schema(). Required.
+            agent: The agent to govern. Required for adjudication.
             logger: Logger instance.
         Raises:
             ValueError: If policy_set or schema is not provided.
         """
-        self._agent: Agent | None = None
+        self._agent: Agent | None = agent
         self._trajectory_id: str | None = None
         self._trajectory_step_count: int = 0
         self._logger = logger or _LOGGER
@@ -101,6 +104,16 @@ class CedarPolicyHarness(AbstractHarness):
             self._policy_set = PolicySet(policy_set)
         else:
             self._policy_set = policy_set
+        for policy in self._policy_set.policies():
+            annotations = policy.annotations()
+            if "escalate" in annotations and str(policy.effect()) != "Forbid":
+                policy_id = annotations.get("id", policy.id())
+                raise ValueError(
+                    f"Policy '{policy_id}' has @escalate but is not a forbid policy. "
+                    "@escalate is only valid on forbid policies."
+                )
         # Extract namespace name from schema
         namespaces = list(schema.root.keys())
         if namespaces:
@@ -110,6 +123,8 @@ class CedarPolicyHarness(AbstractHarness):
             raise ValueError("Schema must have at least one namespace")
         # Authorizer will be initialized with entities when agent is set
         self._authorizer: Authorizer | None = None
+        # Cache for pre-parsed tool response schemas (tool_name -> parsed schema dict)
+        self._tool_response_schemas: dict[str, dict[str, object]] = {}
     def _build_authorizer(self) -> Authorizer:
         """Build the Cedar authorizer with current entities."""
@@ -128,8 +143,9 @@ class CedarPolicyHarness(AbstractHarness):
         if self._agent:
             agent_uid = EntityUid(f"{self._namespace}::Agent", self._agent.id)
-            # Add tool entities from agent's tools
+            # Add tool entities from agent's tools and pre-parse response schemas
             tool_entities: list[EntityUid] = []
+            self._tool_response_schemas = {}
             for tool in self._agent.tools:
                 tool_id = tool.id or tool.name
                 tool_uid = EntityUid(f"{self._namespace}::Tool", tool_id)
@@ -142,6 +158,11 @@ class CedarPolicyHarness(AbstractHarness):
                 )
                 tool_entities.append(tool_uid)
                 entities.append(tool_entity)
+                # Pre-parse response JSON schema for use in _tool_response
+                if tool.response_json_schema:
+                    self._tool_response_schemas[tool.name] = json.loads(
+                        tool.response_json_schema
+                    )
             agent_entity = Entity(
                 agent_uid,
@@ -252,11 +273,47 @@ class CedarPolicyHarness(AbstractHarness):
         assert request is not None, "Unexpected none request"
         response = self._authorizer.is_authorized(request, self._policy_set)
         if str(response.decision) == "Allow":
-            reason = f"Allowed by policies: {response.reason}"
-            return Adjudication(decision=Decision.ALLOW, reason=reason)
+            return Adjudication(
+                decision=Decision.ALLOW,
+                reason=f"Allowed by policies: {response.reason}",
+            )
+        annotations: list[PolicyAnnotation] = []
+        hard_deny_ids = []
+        for internal_id in response.reason:
+            policy = self._policy_set.policy(internal_id)
+            if policy is None:
+                raise RuntimeError(f"Policy '{internal_id}' not found in policy set")
+            policy_annotations = policy.annotations()
+            if "escalate" not in policy_annotations:
+                hard_deny_ids.append(internal_id)
+            else:
+                custom = {
+                    k: v
+                    for k, v in policy_annotations.items()
+                    if k not in ("id", "reason", "escalate")
+                }
+                annotations.append(
+                    PolicyAnnotation(
+                        id=policy_annotations.get("id", internal_id),
+                        description=policy_annotations.get("reason", ""),
+                        escalate=True,
+                        escalate_arg=policy_annotations["escalate"],
+                        custom=custom,
+                    )
+                )
+        if not hard_deny_ids and annotations:
+            return Adjudication(
+                decision=Decision.ESCALATE,
+                reason=f"Escalated by policies: {response.reason}",
+                annotations=annotations,
+            )
         else:
-            reason = f"Denied by policies: {response.reason}"
-            return Adjudication(decision=Decision.DENY, reason=reason)
+            return Adjudication(
+                decision=Decision.DENY,
+                reason=f"Denied by policies: {hard_deny_ids}",
+            )
     def _message_request(
         self,
@@ -311,11 +368,17 @@ class CedarPolicyHarness(AbstractHarness):
         action_name = tool_id.replace(" ", "_").replace("-", "_")
         action_uid = EntityUid(f"{self._namespace}::Action", action_name)
-        context = Context(
-            {"parameters_json": json.dumps(content.args), "parameters": content.args},
-            schema=self._schema,
-            action=action_uid,
-        )
+        # Build context - only include typed parameters if schema defines them
+        context_data: dict[str, object] = {
+            "parameters_json": json.dumps(content.args),
+        }
+        # Check if tool has typed parameters schema
+        if self._agent:
+            tool = next((t for t in self._agent.tools if t.name == tool_id), None)
+            if tool and tool.parameters_json_schema:
+                context_data["parameters"] = content.args
+        context = Context(context_data, schema=self._schema, action=action_uid)
         return Request(
             principal=agent_uid,
@@ -345,14 +408,22 @@ class CedarPolicyHarness(AbstractHarness):
         action_name = tool_id.replace(" ", "_").replace("-", "_")
         action_uid = EntityUid(f"{self._namespace}::Action", action_name)
-        context = Context(
-            {
-                "response_json": json.dumps(content.response, default=str),
-                "response": content.response,
-            },
-            schema=self._schema,
-            action=action_uid,
-        )
+        # Build context - only include typed response if schema defines it
+        context_data: dict[str, object] = {
+            "response_json": json.dumps(content.response, default=str),
+        }
+        # Check if tool has typed response schema (pre-parsed in _build_authorizer)
+        if tool_id in self._tool_response_schemas:
+            response_schema = self._tool_response_schemas[tool_id]
+            # Check if the response schema is a simple type (not object/Record)
+            # Simple types get wrapped in {"value": ...} by the schema generator
+            if response_schema.get("type") not in ["object", "OBJECT"]:
+                # Simple type was wrapped in {"value": ...} by schema generator
+                context_data["response"] = {"value": content.response}
+            else:
+                context_data["response"] = content.response
+        context = Context(context_data, schema=self._schema, action=action_uid)
         return Request(
             principal=agent_uid,

sondera/langgraph/middleware.py CHANGED Viewed

@@ -28,6 +28,7 @@ except ImportError:
 from sondera.harness import Harness
 from sondera.types import (
+    Decision,
     PromptContent,
     Role,
     Stage,
@@ -173,7 +174,7 @@ class SonderaHarnessMiddleware(AgentMiddleware[State]):
             f"[SonderaHarness] Before Agent Adjudication for trajectory {self._harness.trajectory_id}"
         )
-        if adjudication.is_denied:
+        if adjudication.decision == Decision.DENY:
             self._log.warning(
                 f"[SonderaHarness] Policy violation detected (strategy={self._strategy.value}): "
                 f"{adjudication.reason}"
@@ -226,7 +227,7 @@ class SonderaHarnessMiddleware(AgentMiddleware[State]):
                 PromptContent(text=_message_to_text(request.messages[-1])),
             )
-            if pre_adjudication.is_denied:
+            if pre_adjudication.decision == Decision.DENY:
                 _LOGGER.warning(
                     f"[SonderaHarness] Pre-model policy violation (strategy={self._strategy.value}): "
                     f"{pre_adjudication.reason}"
@@ -259,7 +260,7 @@ class SonderaHarnessMiddleware(AgentMiddleware[State]):
                 self._log.info(
                     f"[SonderaHarness] Post-model Adjudication for trajectory {self._harness.trajectory_id}"
                 )
-                if post_adjudication.is_denied:
+                if post_adjudication.decision == Decision.DENY:
                     self._log.warning(
                         f"[SonderaHarness] Post-model policy violation (strategy={self._strategy.value}): "
                         f"{post_adjudication.reason}"
@@ -324,7 +325,7 @@ class SonderaHarnessMiddleware(AgentMiddleware[State]):
             f"[SonderaHarness] Before Tool Adjudication for trajectory {self._harness.trajectory_id}"
         )
-        if pre_adjudication.is_denied:
+        if pre_adjudication.decision == Decision.DENY:
             self._log.warning(
                 f"[SonderaHarness] Pre-tool policy violation for {tool_name} "
                 f"(strategy={self._strategy.value}): {pre_adjudication.reason}"
@@ -367,7 +368,7 @@ class SonderaHarnessMiddleware(AgentMiddleware[State]):
                 f"[SonderaHarness] After Tool Adjudication for trajectory {self._harness.trajectory_id}"
             )
-            if post_adjudication.is_denied:
+            if post_adjudication.decision == Decision.DENY:
                 self._log.warning(
                     f"[SonderaHarness] Post-tool policy violation for {tool_name} "
                     f"(strategy={self._strategy.value}): {post_adjudication.reason}"

sondera/strands/harness.py CHANGED Viewed

@@ -16,6 +16,7 @@ from strands.hooks.events import (
 from sondera.harness import Harness
 from sondera.strands.analyze import format_strands_agent
 from sondera.types import (
+    Decision,
     PromptContent,
     Role,
     Stage,
@@ -163,7 +164,7 @@ class SonderaHarnessHook(HookProvider):
                 f"[SonderaHarness] Before model adjudication for trajectory {self._harness.trajectory_id}"
             )
-            if adjudication.is_denied:
+            if adjudication.decision == Decision.DENY:
                 self._log.warning(
                     f"[SonderaHarness] Model call blocked: {adjudication.reason}"
                 )
@@ -192,7 +193,7 @@ class SonderaHarnessHook(HookProvider):
                 f"[SonderaHarness] After model adjudication for trajectory {self._harness.trajectory_id}"
             )
-            if adjudication.is_denied:
+            if adjudication.decision == Decision.DENY:
                 self._log.warning(
                     f"[SonderaHarness] Model response blocked: {adjudication.reason}"
                 )
@@ -231,7 +232,7 @@ class SonderaHarnessHook(HookProvider):
                 f"[SonderaHarness] Before tool adjudication for trajectory {self._harness.trajectory_id}"
             )
-            if adjudication.is_denied:
+            if adjudication.decision == Decision.DENY:
                 # Cancel the tool call using Strands' cancel_tool mechanism
                 event.cancel_tool = f"Tool blocked by policy: {adjudication.reason}"
                 self._log.warning(
@@ -262,7 +263,7 @@ class SonderaHarnessHook(HookProvider):
                 f"[SonderaHarness] After tool adjudication for trajectory {self._harness.trajectory_id}"
             )
-            if adjudication.is_denied:
+            if adjudication.decision == Decision.DENY:
                 # Modify the result to indicate policy violation
                 event.result = {
                     "content": [

sondera/types.py CHANGED Viewed

@@ -238,6 +238,10 @@ class PolicyAnnotation(Model):
     """Unique identifier of the policy that produced this annotation."""
     description: str
     """Human-readable description of why this annotation was added."""
+    escalate: bool = False
+    """Whether this policy requires escalation to a human or other oracle to decide the final verdict."""
+    escalate_arg: str = ""
+    """The argument passed to @escalate, if any."""
     custom: dict[str, str] = Field(default_factory=dict)
     """Custom key-value metadata from the policy."""
@@ -254,21 +258,6 @@ class Adjudication(Model):
     annotations: list[PolicyAnnotation] = Field(default_factory=list)
     """Annotations from policy evaluations."""
-    @property
-    def is_denied(self) -> bool:
-        """Check if is denied."""
-        return self.decision == Decision.DENY
-    @property
-    def is_allowed(self) -> bool:
-        """Check if allowed."""
-        return self.decision == Decision.ALLOW
-    @property
-    def is_escalated(self) -> bool:
-        """Check if result requires escalation."""
-        return self.decision == Decision.ESCALATE
 class AdjudicatedStep(Model):
     """Result of the adjudicated input."""
@@ -282,27 +271,6 @@ class AdjudicatedStep(Model):
     guardrails: GuardrailContext | None = None
     """Guardrail check results for this step."""
-    @property
-    def is_denied(self) -> bool:
-        """Check if result is denied."""
-        return (
-            self.adjudication.decision == Decision.DENY
-            and self.mode == PolicyEngineMode.GOVERN
-        )
-    @property
-    def is_allowed(self) -> bool:
-        """Check if result is allowed."""
-        return self.adjudication.decision == Decision.ALLOW
-    @property
-    def is_escalated(self) -> bool:
-        """Check if result requires escalation."""
-        return (
-            self.adjudication.decision == Decision.ESCALATE
-            and self.mode == PolicyEngineMode.GOVERN
-        )
     @property
     def message(self) -> str:
         """Get the adjudication reason in a friendly format."""

sondera_harness-0.7.0.dist-info/METADATA ADDED Viewed

@@ -0,0 +1,169 @@
+Metadata-Version: 2.4
+Name: sondera-harness
+Version: 0.7.0
+Summary: Sondera Harness SDK for Python - Agent governance and policy enforcement
+Author-email: Sondera AI <sdk@sondera.ai>
+License-Expression: MIT
+Project-URL: Homepage, https://github.com/sondera-ai/harness-sdk-python
+Project-URL: Documentation, https://docs.sondera.ai
+Project-URL: Repository, https://github.com/sondera-ai/harness-sdk-python
+Project-URL: Issues, https://github.com/sondera-ai/harness-sdk-python/issues
+Project-URL: Changelog, https://github.com/sondera-ai/harness-sdk-python/blob/main/CHANGELOG.md
+Keywords: ai,agents,governance,policy,guardrails,llm,langchain,langgraph
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
+Classifier: Topic :: Security
+Classifier: Typing :: Typed
+Requires-Python: <3.15,>=3.12
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: cedar-python>=0.1.1
+Requires-Dist: click>=8.0.0
+Requires-Dist: click-default-group>=1.2.4
+Requires-Dist: grpcio>=1.76.0
+Requires-Dist: grpcio-tools>=1.76.0
+Requires-Dist: httpx>=0.27.0
+Requires-Dist: pydantic>=2.12.0
+Requires-Dist: pydantic-settings>=2.12.0
+Requires-Dist: textual>=6.11.0
+Provides-Extra: adk
+Requires-Dist: google-adk>=1.22.0; extra == "adk"
+Provides-Extra: langgraph
+Requires-Dist: langchain>=1.2.0; extra == "langgraph"
+Requires-Dist: langgraph>=1.0.5; extra == "langgraph"
+Provides-Extra: strands
+Requires-Dist: strands-agents>=1.21.0; extra == "strands"
+Provides-Extra: all
+Requires-Dist: google-adk>=1.22.0; extra == "all"
+Requires-Dist: langchain>=1.2.0; extra == "all"
+Requires-Dist: langgraph>=1.0.5; extra == "all"
+Requires-Dist: strands-agents>=1.21.0; extra == "all"
+Dynamic: license-file
+<div align="center">
+  <h1>Sondera Harness</h1>
+  <p><strong>Deterministic guardrails for AI agents.</strong></p>
+  <p>Open-source. Works with LangGraph, ADK, Strands, or any custom agent.</p>
+  <p>
+    <a href="https://docs.sondera.ai/">Docs</a>
+    ·
+    <a href="https://docs.sondera.ai/quickstart/">Quickstart</a>
+    ·
+    <a href="https://github.com/sondera-ai/sondera-harness-python/tree/main/examples">Examples</a>
+    ·
+    <a href="https://join.slack.com/t/sonderacommunity/shared_invite/zt-3onw10qhj-5UNQ7EMuAbPk0nTwh_sNcw">Slack</a>
+  </p>
+  <p>
+    <a href="https://pypi.org/project/sondera-harness/"><img src="https://img.shields.io/pypi/v/sondera-harness.svg" alt="PyPI version"></a>
+    <a href="https://www.python.org/downloads/"><img src="https://img.shields.io/badge/python-3.12+-blue.svg" alt="Python 3.12+"></a>
+    <a href="LICENSE"><img src="https://img.shields.io/github/license/sondera-ai/sondera-harness-python.svg" alt="License: MIT"></a>
+  </p>
+</div>
+---
+## What is Sondera Harness?
+Sondera Harness evaluates [Cedar](https://www.cedarpolicy.com/) policies before your agent's actions execute. When a policy denies an action, the agent gets a reason why and can try a different approach. Same input, same verdict. Deterministic, not probabilistic.
+**Example policy:**
+```cedar
+forbid(principal, action, resource)
+when { context has parameters_json && context.parameters_json like "*rm -rf*" };
+```
+This policy stops your agent from running `rm -rf`, every time.
+## Quickstart
+> **Try it now:** [![Open In Colab](https://colab.research.google.com/assets/colab-badge.svg)](https://colab.research.google.com/github/sondera-ai/sondera-harness-python/blob/main/docs/src/notebooks/quickstart.ipynb) - no install required.
+### 1. Install
+```bash
+uv add "sondera-harness[langgraph]"   # or: pip install "sondera-harness[langgraph]"
+```
+Works with [LangChain/LangGraph](https://docs.sondera.ai/integrations/langgraph/), [Google ADK](https://docs.sondera.ai/integrations/adk/), [Strands](https://docs.sondera.ai/integrations/strands/), and [custom agents](https://docs.sondera.ai/integrations/custom/).
+### 2. Add to Your Agent (LangGraph)
+```python
+from langchain.agents import create_agent
+from sondera.harness import SonderaRemoteHarness
+from sondera.langgraph import SonderaHarnessMiddleware, Strategy, create_agent_from_langchain_tools
+# Analyze your tools and create agent metadata
+sondera_agent = create_agent_from_langchain_tools(
+    tools=my_tools,
+    agent_id="langchain-agent",
+    agent_name="My LangChain Agent",
+    agent_description="An agent that helps with tasks",
+)
+# Create harness with agent
+harness = SonderaRemoteHarness(agent=sondera_agent)
+# Create middleware
+middleware = SonderaHarnessMiddleware(
+    harness=harness,
+    strategy=Strategy.BLOCK,  # or Strategy.STEER
+)
+# Create agent with middleware
+agent = create_agent(
+    model=my_model,
+    tools=my_tools,
+    middleware=[middleware],
+)
+```
+> [!NOTE]
+> This example uses Sondera Platform ([free account](https://sondera.ai)), which also enables the TUI below. For local-only development, see [CedarPolicyHarness](https://docs.sondera.ai/integrations/custom/).
+### 3. See It in Action
+<div align="center">
+  <img src="docs/src/assets/sondera-tui.gif" alt="Sondera TUI" width="700" />
+</div>
+```bash
+uv run sondera   # or: sondera (if installed via pip)
+```
+## Why Sondera Harness?
+- **Steer, don't block:** Denied actions include a reason. Return it to the model, and it tries something else.
+- **Deterministic:** Stop debugging prompts. Rules are predictable.
+- **Drop-in integration:** Native middleware for LangGraph, Google ADK, and Strands.
+- **Full observability:** Every action, every decision, every reason. Audit-ready.
+## Documentation
+- [Quickstart](https://docs.sondera.ai/quickstart/)
+- [Writing Policies](https://docs.sondera.ai/writing-policies/)
+- [Integrations](https://docs.sondera.ai/integrations/)
+- [Reference](https://docs.sondera.ai/reference/)
+## Community
+- [Slack](https://join.slack.com/t/sonderacommunity/shared_invite/zt-3onw10qhj-5UNQ7EMuAbPk0nTwh_sNcw) for questions and feedback
+- [GitHub Issues](https://github.com/sondera-ai/sondera-harness-python/issues) for bugs
+- [Contributing](CONTRIBUTING.md) for development setup
+## License
+[MIT](LICENSE)

{sondera_harness-0.6.2.dist-info → sondera_harness-0.7.0.dist-info}/RECORD RENAMED Viewed

@@ -1,17 +1,17 @@
-sondera/__init__.py,sha256=g6Ewr03q_2JZGIJ9APVs-6MLvZsAEtQJ2dcYEp4a6oc,2695
+sondera/__init__.py,sha256=0Z1R6ZkA5VSE_3ZCCgfeecm5nU6mFBdl4-18b8Nwt3Y,3558
 sondera/__main__.py,sha256=MNgWvrV4g4Ot653Ngi2D4cAOyRIG19qHAWLzQecsMdg,66
 sondera/cli.py,sha256=owchF-eA6kttYGTSsLl0B7XJMmn9O2n2LFjpfYQvznQ,494
 sondera/exceptions.py,sha256=vtuToFc5tSlzAyVYvayyOatKBcoenisDA1RN2yk9aSI,3584
 sondera/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 sondera/settings.py,sha256=bLB98vT75aXKh5ihYnCd0dTk1AdfUUaGuPkyzhcldE0,459
-sondera/types.py,sha256=3rG4aeVM_Pfrv83aGSwnpKPwQmh72O6eqYijZnhown8,10216
+sondera/types.py,sha256=4dnAqwUCYPsS6Tm6QchRsIQmuAyTcGnDnV2txewtg2I,9402
 sondera/adk/__init__.py,sha256=weoilnJyr8JNBv2HK6s3hhW-6rOBGBcNwwkKk1oHVFE,77
 sondera/adk/analyze.py,sha256=IurwCWPZlNbMkIwi3TGWUu4k-w_VmKCkAnVFbfipbxY,7974
-sondera/adk/plugin.py,sha256=HfVdbzp0bHc4YIs0MjNO-pwrMMex1AsKbQWoQNp7dmI,13047
+sondera/adk/plugin.py,sha256=U6bhPCawBOJBE802ECFEyVVUNn5qouMHnM-awDrfkLQ,13141
 sondera/harness/__init__.py,sha256=gK0rFEyixD9X67pFyWKQpcq_oZ6pep6up8K0Y-zvXUc,221
 sondera/harness/abc.py,sha256=hL77Rlzy1B-DjFexhskGm_9j5Sue-TaWdlSnjr-Al70,3548
 sondera/harness/cedar/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-sondera/harness/cedar/harness.py,sha256=mkskBjz4REVhV79r_zgrRBQjwGqbKom7NlpJr8aM0P8,12128
+sondera/harness/cedar/harness.py,sha256=ZTUa1TuzNBLESkLMZZu_jAVOnqMOYLGgD1RbylqbhMk,15597
 sondera/harness/cedar/schema.py,sha256=jDAGdLciK3fQ-7yKrqeFkU4YHQg-KwWvTi1leEuYVxo,7766
 sondera/harness/sondera/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 sondera/harness/sondera/_grpc.py,sha256=vLVJwJBtDwX-p8qZPfShpChKxdP3lSFoTV6QiL4dh7s,14708
@@ -20,7 +20,7 @@ sondera/langgraph/__init__.py,sha256=F2eNoPp944tvGbf9a4etNh3-o49WOPrcs9EFVT0OYYw
 sondera/langgraph/analyze.py,sha256=1n-1yKr7-kfdFNSBe9JozZ08oJeYvPqKkFttcQ4MXHI,20514
 sondera/langgraph/exceptions.py,sha256=BRdh1gpELb3_WZ9Bh_UUwZsIOcIPrpQCD-7LnnAGeV4,501
 sondera/langgraph/graph.py,sha256=hIF5q_Fbq4E16CDqDksLrCETTEORgKiqPlpqIB5F-Rc,6898
-sondera/langgraph/middleware.py,sha256=q29nATkKlBiPs0bWuDpABkWccgYIBB6voLUnbQi1x0c,16816
+sondera/langgraph/middleware.py,sha256=J3bUmW1Aor6q2DImqPSmrmX2yxDKfcFs9v35XEi66Cs,16910
 sondera/proto/google/protobuf/any_pb2.py,sha256=W6duyvBgx7RvePFCrJSxWagU7ddj1W9l8CsjarJJPOs,1703
 sondera/proto/google/protobuf/any_pb2.pyi,sha256=SSPWnvAxd1bX9FYZmLrZVmQ-29GsAE5bmgBcJlMaVfw,587
 sondera/proto/google/protobuf/any_pb2_grpc.py,sha256=OVxvViTmAZH370lIhyTfRI29xiCur_xZyAI4VJY1qJg,899
@@ -52,7 +52,7 @@ sondera/proto/sondera/harness/v1/harness_pb2.pyi,sha256=NiQNpGD9ICD41I9w11yJJwec
 sondera/proto/sondera/harness/v1/harness_pb2_grpc.py,sha256=h5y_HwqqzzpjaqQuaUt5ICy-2B2UJ-jea0gYfXsB6Ig,21845
 sondera/strands/__init__.py,sha256=Tg0l3ERb_uusENXZv9mtZz5tJ-TLK7K8zG2KsKHmUn4,124
 sondera/strands/analyze.py,sha256=yT9_DGieoMIxy5DGma9EdeAl2FVnkFQkdqK8waTphB8,8007
-sondera/strands/harness.py,sha256=CazoBF-grM2D2Ipj68QdYW4BmWw9fdLVy3_ntcylXvs,13100
+sondera/strands/harness.py,sha256=helyy9AaaO7dVas2UcC0SfTWiylsaNXl_j7PZx0LVmY,13178
 sondera/tui/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 sondera/tui/app.py,sha256=I6Pcyatr5pPqjYwmBZrdTSFY11oR9sWmG90gVbN9pqo,11521
 sondera/tui/app.tcss,sha256=AE239R11BCuhKj8ZxvMYXduZw_-H11I7UkTDh72qdME,6562
@@ -70,9 +70,9 @@ sondera/tui/widgets/tool_card.py,sha256=3yNQcc_umcan4V1S5GiEKd7l4YA_atibwn3HF0n6
 sondera/tui/widgets/violation_panel.py,sha256=fowe4KWb13NXLX0_RAxEPdRqYeyGzlImpRs4_L9y1zI,2933
 sondera/tui/widgets/violations_list.py,sha256=86qICAsQOC6kjQLs64WxK7u59vEJ8kvfiToLVlzFyHM,2866
 sondera/tui/widgets/violations_summary.py,sha256=e2LwqlB1aS8sZ2gEC5clk7siA16NSgePU1mpv8T1iTc,4473
-sondera_harness-0.6.2.dist-info/licenses/LICENSE,sha256=DmSfauhgrslTxZOcDAmcYqsqsKBkMqVh3PYdjPghNbU,1070
-sondera_harness-0.6.2.dist-info/METADATA,sha256=rLrBiEELg0dIbXRdpJP_CFid6KBKIO79H-lrQXeY2K8,8899
-sondera_harness-0.6.2.dist-info/WHEEL,sha256=qELbo2s1Yzl39ZmrAibXA2jjPLUYfnVhUNTlyF1rq0Y,92
-sondera_harness-0.6.2.dist-info/entry_points.txt,sha256=e9aHpIPUUlP5MPKORk7k6ekUfZLN3RyO1MEJa-nCzK4,44
-sondera_harness-0.6.2.dist-info/top_level.txt,sha256=BR0X8Gq9CCpwbQg5evpQfy5zwp9fTuGnlJhXSNqQ_hA,8
-sondera_harness-0.6.2.dist-info/RECORD,,
+sondera_harness-0.7.0.dist-info/licenses/LICENSE,sha256=DmSfauhgrslTxZOcDAmcYqsqsKBkMqVh3PYdjPghNbU,1070
+sondera_harness-0.7.0.dist-info/METADATA,sha256=mHC8kmhaMjapN72zLii3afE304_Bd-_LLHvwZEl77K0,6361
+sondera_harness-0.7.0.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+sondera_harness-0.7.0.dist-info/entry_points.txt,sha256=5cLgW0-GzEwNnQjXIhGT21iFprQb1lftBaFJjC4IrgE,78
+sondera_harness-0.7.0.dist-info/top_level.txt,sha256=BR0X8Gq9CCpwbQg5evpQfy5zwp9fTuGnlJhXSNqQ_hA,8
+sondera_harness-0.7.0.dist-info/RECORD,,

{sondera_harness-0.6.2.dist-info → sondera_harness-0.7.0.dist-info}/WHEEL RENAMED Viewed

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (80.10.1)
+Generator: setuptools (80.10.2)
 Root-Is-Purelib: true
 Tag: py3-none-any

{sondera_harness-0.6.2.dist-info → sondera_harness-0.7.0.dist-info}/entry_points.txt RENAMED Viewed

@@ -1,2 +1,3 @@
 [console_scripts]
 sondera = sondera.cli:cli
+sondera-harness = sondera.cli:cli

sondera_harness-0.6.2.dist-info/METADATA DELETED Viewed

@@ -1,323 +0,0 @@
-Metadata-Version: 2.4
-Name: sondera-harness
-Version: 0.6.2
-Summary: Sondera Harness SDK for Python - Agent governance and policy enforcement
-Author-email: Sondera AI <sdk@sondera.ai>
-License-Expression: MIT
-Project-URL: Homepage, https://github.com/sondera-ai/harness-sdk-python
-Project-URL: Documentation, https://docs.sondera.ai
-Project-URL: Repository, https://github.com/sondera-ai/harness-sdk-python
-Project-URL: Issues, https://github.com/sondera-ai/harness-sdk-python/issues
-Project-URL: Changelog, https://github.com/sondera-ai/harness-sdk-python/blob/main/CHANGELOG.md
-Keywords: ai,agents,governance,policy,guardrails,llm,langchain,langgraph
-Classifier: Development Status :: 4 - Beta
-Classifier: Intended Audience :: Developers
-Classifier: Operating System :: OS Independent
-Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.12
-Classifier: Programming Language :: Python :: 3.13
-Classifier: Programming Language :: Python :: 3.14
-Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
-Classifier: Topic :: Security
-Classifier: Typing :: Typed
-Requires-Python: <3.15,>=3.12
-Description-Content-Type: text/markdown
-License-File: LICENSE
-Requires-Dist: cedar-python>=0.1.1
-Requires-Dist: click>=8.0.0
-Requires-Dist: click-default-group>=1.2.4
-Requires-Dist: grpcio>=1.76.0
-Requires-Dist: grpcio-tools>=1.76.0
-Requires-Dist: httpx>=0.27.0
-Requires-Dist: pydantic>=2.12.0
-Requires-Dist: pydantic-settings>=2.12.0
-Requires-Dist: textual>=6.11.0
-Provides-Extra: adk
-Requires-Dist: google-adk>=1.22.0; extra == "adk"
-Provides-Extra: langgraph
-Requires-Dist: langchain>=1.2.0; extra == "langgraph"
-Requires-Dist: langgraph>=1.0.5; extra == "langgraph"
-Provides-Extra: strands
-Requires-Dist: strands-agents>=1.21.0; extra == "strands"
-Provides-Extra: all
-Requires-Dist: google-adk>=1.22.0; extra == "all"
-Requires-Dist: langchain>=1.2.0; extra == "all"
-Requires-Dist: langgraph>=1.0.5; extra == "all"
-Requires-Dist: strands-agents>=1.21.0; extra == "all"
-Dynamic: license-file
-# Sondera Harness SDK for Python
-[![Python 3.12+](https://img.shields.io/badge/python-3.12+-blue.svg)](https://www.python.org/downloads/)
-[![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
->
-> One step at a time. One action at a time. One trajectory at a time.
->
-AI agents systems operate beyond traditional security boundaries, making autonomous decisions, calling tools, and accessing resources based on context that changes with every execution. Sondera SDK provides runtime governance for these agentic systems, answering not just "can this agent do X?" but "should it do X here, now, with this data?" Built for developers deploying agents through LangGraph, Google ADK, and Strands, Sondera enables real-time trajectory tracking, policy-as-code enforcement via Cedar, and behavioral adjudication so you can ship agents with confidence.
-## Features
-- **Managed harness-as-a-service** with the Sondera Harness for enterprise policy governance and guardrails
-- **Local policy-as-code** using Cedar policy language in the Cedar Policy Harness
-- **Real-time trajectory** observability, adjudication, and steering
-- **Scaffold integrations** for LangGraph, Google ADK, and Strands
-- **CLI and TUI** for monitoring agent behavior
-## Installation
-```bash
-uv add sondera-harness
-```
-### Optional Dependencies
-Install extras for specific framework integrations:
-```bash
-# Google ADK support
-uv add sondera-harness --extra adk
-# LangGraph support
-uv add sondera-harness --extra langgraph
-# Strands support
-uv add sondera-harness --extra strands
-# All integrations
-uv add sondera-harness --all-extras
-```
-## Quick Start
-### Configuration
-Set your API credentials via environment variables:
-```bash
-export SONDERA_HARNESS_ENDPOINT="your-harness.sondera.ai:443"
-export SONDERA_API_TOKEN="<YOUR_SONDERA_API_KEY>"
-```
-Or create a `.env` file or `~/.sondera/env`:
-```env
-SONDERA_HARNESS_ENDPOINT=your-harness.sondera.ai:443
-SONDERA_API_TOKEN=<YOUR_SONDERA_API_KEY>
-```
-## Scaffold Integrations
-### LangGraph / LangChain
-```python
-from langchain.agents import create_agent
-from sondera.harness import SonderaRemoteHarness
-from sondera.langgraph import SonderaHarnessMiddleware, Strategy, create_agent_from_langchain_tools
-# Analyze your tools and create agent metadata
-sondera_agent = create_agent_from_langchain_tools(
-    tools=my_tools,
-    agent_id="langchain-agent",
-    agent_name="My LangChain Agent",
-    agent_description="An agent that helps with tasks",
-)
-# Create harness with agent
-harness = SonderaRemoteHarness(agent=sondera_agent)
-# Create middleware
-middleware = SonderaHarnessMiddleware(
-    harness=harness,
-    strategy=Strategy.BLOCK,  # or Strategy.STEER
-)
-# Create agent with middleware
-agent = create_agent(
-    model=my_model,
-    tools=my_tools,
-    middleware=[middleware],
-)
-```
-### Google ADK
-```python
-from google.adk.agents import Agent
-from google.adk.runners import Runner
-from sondera.harness import SonderaRemoteHarness
-from sondera.adk import SonderaHarnessPlugin
-# Create harness
-harness = SonderaRemoteHarness(
-    sondera_api_key="<YOUR_SONDERA_API_KEY>",
-)
-# Create plugin
-plugin = SonderaHarnessPlugin(harness=harness)
-# Create agent
-agent = Agent(
-    name="my-adk-agent",
-    model="gemini-2.0-flash",
-    instruction="Be helpful and safe",
-    tools=[...],
-)
-# Create runner with plugin
-runner = Runner(
-    agent=agent,
-    app_name="my-app",
-    plugins=[plugin],
-)
-```
-### Strands Agents
-```python
-from strands import Agent
-from sondera.harness import SonderaRemoteHarness
-from sondera.strands import SonderaHarnessHook
-# Create harness
-harness = SonderaRemoteHarness(
-    sondera_api_key="<YOUR_SONDERA_API_KEY>",
-)
-# Create hook
-hook = SonderaHarnessHook(harness=harness)
-# Create agent with hook
-agent = Agent(
-    system_prompt="You are a helpful assistant",
-    model="anthropic.claude-3-5-sonnet-20241022-v2:0",
-    hooks=[hook],
-)
-# Run agent (hooks fire automatically)
-response = agent("What is 5 + 3?")
-```
-### Custom Scaffold
-```python
-from sondera import SonderaRemoteHarness, Agent, PromptContent, Role, Stage
-# Create a harness instance
-harness = SonderaRemoteHarness(
-    sondera_harness_endpoint="localhost:50051",
-    sondera_api_key="<YOUR_SONDERA_API_KEY>",
-    sondera_harness_client_secure=True,  # Enable TLS for production
-)
-# Define your agent
-agent = Agent(
-    id="my-agent",
-    provider_id="custom",
-    name="My Assistant",
-    description="A helpful AI assistant",
-    instruction="Be helpful, accurate, and safe",
-    tools=[],
-)
-# Initialize a trajectory
-await harness.initialize(agent=agent)
-# Adjudicate user input
-adjudication = await harness.adjudicate(
-    Stage.PRE_MODEL,
-    Role.USER,
-    PromptContent(text="Hello, can you help me?"),
-)
-if adjudication.is_allowed:
-    # Proceed with agent logic
-    pass
-elif adjudication.is_denied:
-    print(f"Request blocked: {adjudication.reason}")
-# Finalize the trajectory
-await harness.finalize()
-```
-## Remote and Local Harnesses
-### Cedar Policy Harness (Local Only)
-For a local harness deployment, you can use the `CedarPolicyHarness` to evaluate Cedar policies:
-```python
-from sondera.harness import CedarPolicyHarness
-from sondera import Agent
-# Define Cedar policies
-policies = '''
-@id("forbid-dangerous-bash")
-forbid(
-  principal,
-  action == Coding_Agent::Action::"Bash",
-  resource
-)
-when {
-  context has parameters &&
-  (context.parameters.command like "*rm -rf /*" ||
-   context.parameters.command like "*mkfs*" ||
-   context.parameters.command like "*dd if=/dev/zero*" ||
-   context.parameters.command like "*> /dev/sda*")
-};
-'''
-# Create local policy engine
-harness = CedarPolicyHarness(
-    policy_set=policies,
-    agent=my_agent,
-)
-await harness.initialize()
-# Use same adjudication API as RemoteHarness
-```
-## CLI & TUI
-Launch the Sondera TUI for monitoring (note, requires a Sondera account and API key):
-```bash
-sondera
-```
-The TUI provides:
-- Real-time agent and trajectory overview
-- Adjudication history and policy violations
-- Agent details and tool inspection
-## Examples
-See the [examples/](examples/) directory for complete demos:
-- **LangGraph**: Investment chatbot with policy enforcement
-- **ADK**: Payment and healthcare agents
-- **Strands**: Various agent implementations
-## Environment Variables
-| Variable | Description | Default |
-|----------|-------------|---------|
-| `SONDERA_HARNESS_ENDPOINT` | Harness service endpoint | `localhost:50051` |
-| `SONDERA_API_TOKEN` | JWT authentication token | Required for remote |
-## Requirements
-- Python 3.12 or higher (up to 3.14)
-## Security
-See [SECURITY.md](SECURITY.md) for security best practices and vulnerability reporting.
-## Contributing
-See [CONTRIBUTING.md](CONTRIBUTING.md) for contribution guidelines.
-## License
-MIT - see [LICENSE](LICENSE) for details.

{sondera_harness-0.6.2.dist-info → sondera_harness-0.7.0.dist-info}/licenses/LICENSE RENAMED Viewed

File without changes

{sondera_harness-0.6.2.dist-info → sondera_harness-0.7.0.dist-info}/top_level.txt RENAMED Viewed

File without changes

sondera-harness 0.6.2__py3-none-any.whl → 0.7.0__py3-none-any.whl

sondera-harness 0.6.2py3-none-any.whl → 0.7.0py3-none-any.whl