sondera-harness 0.6.2__tar.gz → 0.7.0__tar.gz

sondera_harness-0.7.0/PKG-INFO

@@ -0,0 +1,169 @@
+Metadata-Version: 2.4
+Name: sondera-harness
+Version: 0.7.0
+Summary: Sondera Harness SDK for Python - Agent governance and policy enforcement
+Author-email: Sondera AI <sdk@sondera.ai>
+License-Expression: MIT
+Project-URL: Homepage, https://github.com/sondera-ai/harness-sdk-python
+Project-URL: Documentation, https://docs.sondera.ai
+Project-URL: Repository, https://github.com/sondera-ai/harness-sdk-python
+Project-URL: Issues, https://github.com/sondera-ai/harness-sdk-python/issues
+Project-URL: Changelog, https://github.com/sondera-ai/harness-sdk-python/blob/main/CHANGELOG.md
+Keywords: ai,agents,governance,policy,guardrails,llm,langchain,langgraph
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
+Classifier: Topic :: Security
+Classifier: Typing :: Typed
+Requires-Python: <3.15,>=3.12
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: cedar-python>=0.1.1
+Requires-Dist: click>=8.0.0
+Requires-Dist: click-default-group>=1.2.4
+Requires-Dist: grpcio>=1.76.0
+Requires-Dist: grpcio-tools>=1.76.0
+Requires-Dist: httpx>=0.27.0
+Requires-Dist: pydantic>=2.12.0
+Requires-Dist: pydantic-settings>=2.12.0
+Requires-Dist: textual>=6.11.0
+Provides-Extra: adk
+Requires-Dist: google-adk>=1.22.0; extra == "adk"
+Provides-Extra: langgraph
+Requires-Dist: langchain>=1.2.0; extra == "langgraph"
+Requires-Dist: langgraph>=1.0.5; extra == "langgraph"
+Provides-Extra: strands
+Requires-Dist: strands-agents>=1.21.0; extra == "strands"
+Provides-Extra: all
+Requires-Dist: google-adk>=1.22.0; extra == "all"
+Requires-Dist: langchain>=1.2.0; extra == "all"
+Requires-Dist: langgraph>=1.0.5; extra == "all"
+Requires-Dist: strands-agents>=1.21.0; extra == "all"
+Dynamic: license-file
+
+<div align="center">
+
+  <h1>Sondera Harness</h1>
+
+  <p><strong>Deterministic guardrails for AI agents.</strong></p>
+
+  <p>Open-source. Works with LangGraph, ADK, Strands, or any custom agent.</p>
+
+  <p>
+    <a href="https://docs.sondera.ai/">Docs</a>
+    ·
+    <a href="https://docs.sondera.ai/quickstart/">Quickstart</a>
+    ·
+    <a href="https://github.com/sondera-ai/sondera-harness-python/tree/main/examples">Examples</a>
+    ·
+    <a href="https://join.slack.com/t/sonderacommunity/shared_invite/zt-3onw10qhj-5UNQ7EMuAbPk0nTwh_sNcw">Slack</a>
+  </p>
+
+  <p>
+    <a href="https://pypi.org/project/sondera-harness/"><img src="https://img.shields.io/pypi/v/sondera-harness.svg" alt="PyPI version"></a>
+    <a href="https://www.python.org/downloads/"><img src="https://img.shields.io/badge/python-3.12+-blue.svg" alt="Python 3.12+"></a>
+    <a href="LICENSE"><img src="https://img.shields.io/github/license/sondera-ai/sondera-harness-python.svg" alt="License: MIT"></a>
+  </p>
+
+</div>
+
+---
+
+## What is Sondera Harness?
+
+Sondera Harness evaluates [Cedar](https://www.cedarpolicy.com/) policies before your agent's actions execute. When a policy denies an action, the agent gets a reason why and can try a different approach. Same input, same verdict. Deterministic, not probabilistic.
+
+**Example policy:**
+
+```cedar
+forbid(principal, action, resource)
+when { context has parameters_json && context.parameters_json like "*rm -rf*" };
+```
+
+This policy stops your agent from running `rm -rf`, every time.
+
+## Quickstart
+
+> **Try it now:** [![Open In Colab](https://colab.research.google.com/assets/colab-badge.svg)](https://colab.research.google.com/github/sondera-ai/sondera-harness-python/blob/main/docs/src/notebooks/quickstart.ipynb) - no install required.
+
+### 1. Install
+
+```bash
+uv add "sondera-harness[langgraph]"   # or: pip install "sondera-harness[langgraph]"
+```
+
+Works with [LangChain/LangGraph](https://docs.sondera.ai/integrations/langgraph/), [Google ADK](https://docs.sondera.ai/integrations/adk/), [Strands](https://docs.sondera.ai/integrations/strands/), and [custom agents](https://docs.sondera.ai/integrations/custom/).
+
+### 2. Add to Your Agent (LangGraph)
+
+```python
+from langchain.agents import create_agent
+from sondera.harness import SonderaRemoteHarness
+from sondera.langgraph import SonderaHarnessMiddleware, Strategy, create_agent_from_langchain_tools
+
+# Analyze your tools and create agent metadata
+sondera_agent = create_agent_from_langchain_tools(
+    tools=my_tools,
+    agent_id="langchain-agent",
+    agent_name="My LangChain Agent",
+    agent_description="An agent that helps with tasks",
+)
+
+# Create harness with agent
+harness = SonderaRemoteHarness(agent=sondera_agent)
+
+# Create middleware
+middleware = SonderaHarnessMiddleware(
+    harness=harness,
+    strategy=Strategy.BLOCK,  # or Strategy.STEER
+)
+
+# Create agent with middleware
+agent = create_agent(
+    model=my_model,
+    tools=my_tools,
+    middleware=[middleware],
+)
+```
+
+> [!NOTE]
+> This example uses Sondera Platform ([free account](https://sondera.ai)), which also enables the TUI below. For local-only development, see [CedarPolicyHarness](https://docs.sondera.ai/integrations/custom/).
+
+### 3. See It in Action
+
+<div align="center">
+  <img src="docs/src/assets/sondera-tui.gif" alt="Sondera TUI" width="700" />
+</div>
+
+```bash
+uv run sondera   # or: sondera (if installed via pip)
+```
+
+## Why Sondera Harness?
+
+- **Steer, don't block:** Denied actions include a reason. Return it to the model, and it tries something else.
+- **Deterministic:** Stop debugging prompts. Rules are predictable.
+- **Drop-in integration:** Native middleware for LangGraph, Google ADK, and Strands.
+- **Full observability:** Every action, every decision, every reason. Audit-ready.
+
+## Documentation
+
+- [Quickstart](https://docs.sondera.ai/quickstart/)
+- [Writing Policies](https://docs.sondera.ai/writing-policies/)
+- [Integrations](https://docs.sondera.ai/integrations/)
+- [Reference](https://docs.sondera.ai/reference/)
+
+## Community
+
+- [Slack](https://join.slack.com/t/sonderacommunity/shared_invite/zt-3onw10qhj-5UNQ7EMuAbPk0nTwh_sNcw) for questions and feedback
+- [GitHub Issues](https://github.com/sondera-ai/sondera-harness-python/issues) for bugs
+- [Contributing](CONTRIBUTING.md) for development setup
+
+## License
+
+[MIT](LICENSE)

sondera_harness-0.7.0/README.md

@@ -0,0 +1,121 @@
+<div align="center">
+
+  <h1>Sondera Harness</h1>
+
+  <p><strong>Deterministic guardrails for AI agents.</strong></p>
+
+  <p>Open-source. Works with LangGraph, ADK, Strands, or any custom agent.</p>
+
+  <p>
+    <a href="https://docs.sondera.ai/">Docs</a>
+    ·
+    <a href="https://docs.sondera.ai/quickstart/">Quickstart</a>
+    ·
+    <a href="https://github.com/sondera-ai/sondera-harness-python/tree/main/examples">Examples</a>
+    ·
+    <a href="https://join.slack.com/t/sonderacommunity/shared_invite/zt-3onw10qhj-5UNQ7EMuAbPk0nTwh_sNcw">Slack</a>
+  </p>
+
+  <p>
+    <a href="https://pypi.org/project/sondera-harness/"><img src="https://img.shields.io/pypi/v/sondera-harness.svg" alt="PyPI version"></a>
+    <a href="https://www.python.org/downloads/"><img src="https://img.shields.io/badge/python-3.12+-blue.svg" alt="Python 3.12+"></a>
+    <a href="LICENSE"><img src="https://img.shields.io/github/license/sondera-ai/sondera-harness-python.svg" alt="License: MIT"></a>
+  </p>
+
+</div>
+
+---
+
+## What is Sondera Harness?
+
+Sondera Harness evaluates [Cedar](https://www.cedarpolicy.com/) policies before your agent's actions execute. When a policy denies an action, the agent gets a reason why and can try a different approach. Same input, same verdict. Deterministic, not probabilistic.
+
+**Example policy:**
+
+```cedar
+forbid(principal, action, resource)
+when { context has parameters_json && context.parameters_json like "*rm -rf*" };
+```
+
+This policy stops your agent from running `rm -rf`, every time.
+
+## Quickstart
+
+> **Try it now:** [![Open In Colab](https://colab.research.google.com/assets/colab-badge.svg)](https://colab.research.google.com/github/sondera-ai/sondera-harness-python/blob/main/docs/src/notebooks/quickstart.ipynb) - no install required.
+
+### 1. Install
+
+```bash
+uv add "sondera-harness[langgraph]"   # or: pip install "sondera-harness[langgraph]"
+```
+
+Works with [LangChain/LangGraph](https://docs.sondera.ai/integrations/langgraph/), [Google ADK](https://docs.sondera.ai/integrations/adk/), [Strands](https://docs.sondera.ai/integrations/strands/), and [custom agents](https://docs.sondera.ai/integrations/custom/).
+
+### 2. Add to Your Agent (LangGraph)
+
+```python
+from langchain.agents import create_agent
+from sondera.harness import SonderaRemoteHarness
+from sondera.langgraph import SonderaHarnessMiddleware, Strategy, create_agent_from_langchain_tools
+
+# Analyze your tools and create agent metadata
+sondera_agent = create_agent_from_langchain_tools(
+    tools=my_tools,
+    agent_id="langchain-agent",
+    agent_name="My LangChain Agent",
+    agent_description="An agent that helps with tasks",
+)
+
+# Create harness with agent
+harness = SonderaRemoteHarness(agent=sondera_agent)
+
+# Create middleware
+middleware = SonderaHarnessMiddleware(
+    harness=harness,
+    strategy=Strategy.BLOCK,  # or Strategy.STEER
+)
+
+# Create agent with middleware
+agent = create_agent(
+    model=my_model,
+    tools=my_tools,
+    middleware=[middleware],
+)
+```
+
+> [!NOTE]
+> This example uses Sondera Platform ([free account](https://sondera.ai)), which also enables the TUI below. For local-only development, see [CedarPolicyHarness](https://docs.sondera.ai/integrations/custom/).
+
+### 3. See It in Action
+
+<div align="center">
+  <img src="docs/src/assets/sondera-tui.gif" alt="Sondera TUI" width="700" />
+</div>
+
+```bash
+uv run sondera   # or: sondera (if installed via pip)
+```
+
+## Why Sondera Harness?
+
+- **Steer, don't block:** Denied actions include a reason. Return it to the model, and it tries something else.
+- **Deterministic:** Stop debugging prompts. Rules are predictable.
+- **Drop-in integration:** Native middleware for LangGraph, Google ADK, and Strands.
+- **Full observability:** Every action, every decision, every reason. Audit-ready.
+
+## Documentation
+
+- [Quickstart](https://docs.sondera.ai/quickstart/)
+- [Writing Policies](https://docs.sondera.ai/writing-policies/)
+- [Integrations](https://docs.sondera.ai/integrations/)
+- [Reference](https://docs.sondera.ai/reference/)
+
+## Community
+
+- [Slack](https://join.slack.com/t/sonderacommunity/shared_invite/zt-3onw10qhj-5UNQ7EMuAbPk0nTwh_sNcw) for questions and feedback
+- [GitHub Issues](https://github.com/sondera-ai/sondera-harness-python/issues) for bugs
+- [Contributing](CONTRIBUTING.md) for development setup
+
+## License
+
+[MIT](LICENSE)

{sondera_harness-0.6.2 → sondera_harness-0.7.0}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "sondera-harness"
-version = "0.6.2"
+version = "0.7.0"
 description = "Sondera Harness SDK for Python - Agent governance and policy enforcement"
 readme = "README.md"
 requires-python = ">=3.12,<3.15"
@@ -46,6 +46,8 @@ Changelog = "https://github.com/sondera-ai/harness-sdk-python/blob/main/CHANGELO
 
 [project.scripts]
 sondera = "sondera.cli:cli"
+sondera-harness = "sondera.cli:cli"
+
 
 [tool.setuptools.package-data]
 sondera = ["py.typed", "tui/*.tcss"]
@@ -150,7 +152,14 @@ testpaths = ["tests"]
 addopts = "-v"
 
 [tool.uv.workspace]
-members = ["examples/adk", "examples/langgraph", "examples/strands", "examples/archetypes", "examples/cedar"]
+members = [
+    "examples/adk",
+ "examples/langgraph",
+ "examples/strands",
+ "examples/archetypes",
+ "examples/cedar",
+ "docs",
+]
 
 [tool.uv.sources]
 sondera-archetypes = { workspace = true }

{sondera_harness-0.6.2 → sondera_harness-0.7.0}/src/sondera/__init__.py

@@ -1,28 +1,44 @@
-"""Sondera SDK for Python - Agent governance and policy enforcement.
+"""Sondera Harness - Steer agents with rules, not prompts.
 
-This SDK provides tools for integrating AI agents with the Sondera Platform
-for policy enforcement, guardrails, and governance.
+Wrap your agent, write Cedar policies, ship with confidence. When a policy
+denies an action, the agent gets the reason why and adjusts. Agents self-correct
+instead of failing. This is steering, not just blocking.
 
-Main Components:
-    - Harness: Abstract base class for harness implementations
-    - RemoteHarness: Production harness connecting to Sondera Platform
-    - CedarPolicyEngine: Local policy-as-code engine using Cedar
+Same input, same verdict. Rules are deterministic, not probabilistic. Stop
+debugging prompts and start writing policies.
+
+Why Sondera Harness:
+    - Steer, don't just block: Denied actions include explanations
+    - Drop-in integration: Native middleware for LangGraph, ADK, Strands
+    - Full observability: Trajectories capture every action and decision
+    - Deterministic rules: Same input, same verdict, every time
+    - Ship faster: Reliability, safety, security, and compliance built in
+
+Harness Implementations:
+    - CedarPolicyHarness: Local evaluation, no network calls, no dependencies
+    - SonderaRemoteHarness: Team policies, dashboards, centralized audit logs
 
 Framework Integrations:
-    - sondera.langgraph: LangGraph/LangChain middleware
+    - sondera.langgraph: LangGraph middleware
     - sondera.adk: Google ADK plugin
-    - sondera.strands: Strands Agent SDK hook
+    - sondera.strands: Strands lifecycle hooks
 
 Example:
-    >>> from sondera import SonderaRemoteHarness, Agent
-    >>> harness = SonderaRemoteHarness(sondera_api_key="<YOUR_SONDERA_API_KEY>")
+    >>> from sondera import CedarPolicyHarness, Agent, Tool
+    >>> from sondera.harness.cedar.schema import agent_to_cedar_schema
+    >>>
     >>> agent = Agent(
     ...     id="my-agent",
-    ...     provider_id="langchain",
-    ...     name="My Agent",
+    ...     provider_id="local",
+    ...     name="My_Agent",
     ...     description="A helpful assistant",
-    ...     instruction="Be helpful and concise",
-    ...     tools=[],
+    ...     instruction="Help users with tasks",
+    ...     tools=[Tool(name="Bash", description="Run commands", parameters=[])],
+    ... )
+    >>> policy = "permit(principal, action, resource);"
+    >>> harness = CedarPolicyHarness(
+    ...     policy_set=policy,
+    ...     schema=agent_to_cedar_schema(agent),
     ... )
     >>> await harness.initialize(agent=agent)
 """
@@ -47,10 +63,12 @@ from sondera.types import (
     AdjudicatedStep,
     AdjudicatedTrajectory,
     Adjudication,
+    AdjudicationRecord,
     Agent,
     Content,
     Decision,
     Parameter,
+    PolicyAnnotation,
     PolicyEngineMode,
     PromptContent,
     Role,
@@ -93,6 +111,8 @@ __all__ = [
     "Adjudication",
     "AdjudicatedStep",
     "AdjudicatedTrajectory",
+    "AdjudicationRecord",
+    "PolicyAnnotation",
     "Decision",
     # Exceptions
     "SonderaError",

{sondera_harness-0.6.2 → sondera_harness-0.7.0}/src/sondera/adk/plugin.py

@@ -23,6 +23,7 @@ from google.genai import types as genai_types
 from sondera.adk.analyze import format
 from sondera.harness import Harness
 from sondera.types import (
+    Decision,
     PromptContent,
     Role,
     Stage,
@@ -64,7 +65,7 @@ class SonderaHarnessPlugin(BasePlugin):
         plugin = SonderaHarnessPlugin(harness=harness)
 
         # Create agent and runner with the plugin
-        agent = Agent(name="my-agent", model="gemini-2.0-flash", ...)
+        agent = Agent(name="my-agent", model="gemini-2.5-flash", ...)
         runner = Runner(
             agent=agent,
             app_name="my-app",
@@ -135,7 +136,7 @@ class SonderaHarnessPlugin(BasePlugin):
             f"[SonderaHarness] User message adjudication for trajectory {self._harness.trajectory_id}"
         )
 
-        if adjudication.is_denied:
+        if adjudication.decision == Decision.DENY:
             return genai_types.Content(
                 parts=[genai_types.Part(text=adjudication.reason)]
             )
@@ -212,7 +213,7 @@ class SonderaHarnessPlugin(BasePlugin):
             f"[SonderaHarness] Before model adjudication for trajectory {self._harness.trajectory_id}"
         )
 
-        if adjudication.is_denied:
+        if adjudication.decision == Decision.DENY:
             return LlmResponse(
                 content=genai_types.Content(
                     parts=[genai_types.Part(text=adjudication.reason)]
@@ -254,7 +255,7 @@ class SonderaHarnessPlugin(BasePlugin):
             f"[SonderaHarness] After model adjudication for trajectory {self._harness.trajectory_id}"
         )
 
-        if adjudication.is_denied:
+        if adjudication.decision == Decision.DENY:
             return LlmResponse(
                 content=genai_types.Content(
                     parts=[genai_types.Part(text=adjudication.reason)]
@@ -296,7 +297,7 @@ class SonderaHarnessPlugin(BasePlugin):
             f"[SonderaHarness] Before tool adjudication for trajectory {self._harness.trajectory_id}"
         )
 
-        if adjudication.is_denied:
+        if adjudication.decision == Decision.DENY:
             return {"error": f"Tool blocked: {adjudication.reason}"}
         return None
 
@@ -332,7 +333,7 @@ class SonderaHarnessPlugin(BasePlugin):
             f"[SonderaHarness] After tool adjudication for trajectory {self._harness.trajectory_id}"
         )
 
-        if adjudication.is_denied:
+        if adjudication.decision == Decision.DENY:
             return {"error": f"Tool result blocked: {adjudication.reason}"}
         return None
 

{sondera_harness-0.6.2 → sondera_harness-0.7.0}/src/sondera/harness/cedar/harness.py

@@ -23,6 +23,7 @@ from sondera.types import (
     Agent,
     Content,
     Decision,
+    PolicyAnnotation,
     PromptContent,
     Role,
     Stage,
@@ -69,6 +70,7 @@ class CedarPolicyHarness(AbstractHarness):
         *,
         policy_set: PolicySet | str,
         schema: CedarSchema,
+        agent: Agent | None = None,
         logger: logging.Logger | None = None,
     ):
         """Initialize the Cedar policy engine.
@@ -77,12 +79,13 @@ class CedarPolicyHarness(AbstractHarness):
             policy_set: Cedar policies to evaluate. Can be a PolicySet instance
                 or Cedar policy text. Required.
             schema: Cedar schema generated from agent_to_cedar_schema(). Required.
+            agent: The agent to govern. Required for adjudication.
             logger: Logger instance.
 
         Raises:
             ValueError: If policy_set or schema is not provided.
         """
-        self._agent: Agent | None = None
+        self._agent: Agent | None = agent
         self._trajectory_id: str | None = None
         self._trajectory_step_count: int = 0
         self._logger = logger or _LOGGER
@@ -101,6 +104,16 @@ class CedarPolicyHarness(AbstractHarness):
             self._policy_set = PolicySet(policy_set)
         else:
             self._policy_set = policy_set
+
+        for policy in self._policy_set.policies():
+            annotations = policy.annotations()
+            if "escalate" in annotations and str(policy.effect()) != "Forbid":
+                policy_id = annotations.get("id", policy.id())
+                raise ValueError(
+                    f"Policy '{policy_id}' has @escalate but is not a forbid policy. "
+                    "@escalate is only valid on forbid policies."
+                )
+
         # Extract namespace name from schema
         namespaces = list(schema.root.keys())
         if namespaces:
@@ -110,6 +123,8 @@ class CedarPolicyHarness(AbstractHarness):
             raise ValueError("Schema must have at least one namespace")
         # Authorizer will be initialized with entities when agent is set
         self._authorizer: Authorizer | None = None
+        # Cache for pre-parsed tool response schemas (tool_name -> parsed schema dict)
+        self._tool_response_schemas: dict[str, dict[str, object]] = {}
 
     def _build_authorizer(self) -> Authorizer:
         """Build the Cedar authorizer with current entities."""
@@ -128,8 +143,9 @@ class CedarPolicyHarness(AbstractHarness):
         if self._agent:
             agent_uid = EntityUid(f"{self._namespace}::Agent", self._agent.id)
 
-            # Add tool entities from agent's tools
+            # Add tool entities from agent's tools and pre-parse response schemas
             tool_entities: list[EntityUid] = []
+            self._tool_response_schemas = {}
             for tool in self._agent.tools:
                 tool_id = tool.id or tool.name
                 tool_uid = EntityUid(f"{self._namespace}::Tool", tool_id)
@@ -142,6 +158,11 @@ class CedarPolicyHarness(AbstractHarness):
                 )
                 tool_entities.append(tool_uid)
                 entities.append(tool_entity)
+                # Pre-parse response JSON schema for use in _tool_response
+                if tool.response_json_schema:
+                    self._tool_response_schemas[tool.name] = json.loads(
+                        tool.response_json_schema
+                    )
 
             agent_entity = Entity(
                 agent_uid,
@@ -252,11 +273,47 @@ class CedarPolicyHarness(AbstractHarness):
         assert request is not None, "Unexpected none request"
         response = self._authorizer.is_authorized(request, self._policy_set)
         if str(response.decision) == "Allow":
-            reason = f"Allowed by policies: {response.reason}"
-            return Adjudication(decision=Decision.ALLOW, reason=reason)
+            return Adjudication(
+                decision=Decision.ALLOW,
+                reason=f"Allowed by policies: {response.reason}",
+            )
+
+        annotations: list[PolicyAnnotation] = []
+        hard_deny_ids = []
+        for internal_id in response.reason:
+            policy = self._policy_set.policy(internal_id)
+            if policy is None:
+                raise RuntimeError(f"Policy '{internal_id}' not found in policy set")
+            policy_annotations = policy.annotations()
+            if "escalate" not in policy_annotations:
+                hard_deny_ids.append(internal_id)
+            else:
+                custom = {
+                    k: v
+                    for k, v in policy_annotations.items()
+                    if k not in ("id", "reason", "escalate")
+                }
+                annotations.append(
+                    PolicyAnnotation(
+                        id=policy_annotations.get("id", internal_id),
+                        description=policy_annotations.get("reason", ""),
+                        escalate=True,
+                        escalate_arg=policy_annotations["escalate"],
+                        custom=custom,
+                    )
+                )
+
+        if not hard_deny_ids and annotations:
+            return Adjudication(
+                decision=Decision.ESCALATE,
+                reason=f"Escalated by policies: {response.reason}",
+                annotations=annotations,
+            )
         else:
-            reason = f"Denied by policies: {response.reason}"
-            return Adjudication(decision=Decision.DENY, reason=reason)
+            return Adjudication(
+                decision=Decision.DENY,
+                reason=f"Denied by policies: {hard_deny_ids}",
+            )
 
     def _message_request(
         self,
@@ -311,11 +368,17 @@ class CedarPolicyHarness(AbstractHarness):
         action_name = tool_id.replace(" ", "_").replace("-", "_")
         action_uid = EntityUid(f"{self._namespace}::Action", action_name)
 
-        context = Context(
-            {"parameters_json": json.dumps(content.args), "parameters": content.args},
-            schema=self._schema,
-            action=action_uid,
-        )
+        # Build context - only include typed parameters if schema defines them
+        context_data: dict[str, object] = {
+            "parameters_json": json.dumps(content.args),
+        }
+        # Check if tool has typed parameters schema
+        if self._agent:
+            tool = next((t for t in self._agent.tools if t.name == tool_id), None)
+            if tool and tool.parameters_json_schema:
+                context_data["parameters"] = content.args
+
+        context = Context(context_data, schema=self._schema, action=action_uid)
 
         return Request(
             principal=agent_uid,
@@ -345,14 +408,22 @@ class CedarPolicyHarness(AbstractHarness):
         action_name = tool_id.replace(" ", "_").replace("-", "_")
         action_uid = EntityUid(f"{self._namespace}::Action", action_name)
 
-        context = Context(
-            {
-                "response_json": json.dumps(content.response, default=str),
-                "response": content.response,
-            },
-            schema=self._schema,
-            action=action_uid,
-        )
+        # Build context - only include typed response if schema defines it
+        context_data: dict[str, object] = {
+            "response_json": json.dumps(content.response, default=str),
+        }
+        # Check if tool has typed response schema (pre-parsed in _build_authorizer)
+        if tool_id in self._tool_response_schemas:
+            response_schema = self._tool_response_schemas[tool_id]
+            # Check if the response schema is a simple type (not object/Record)
+            # Simple types get wrapped in {"value": ...} by the schema generator
+            if response_schema.get("type") not in ["object", "OBJECT"]:
+                # Simple type was wrapped in {"value": ...} by schema generator
+                context_data["response"] = {"value": content.response}
+            else:
+                context_data["response"] = content.response
+
+        context = Context(context_data, schema=self._schema, action=action_uid)
 
         return Request(
             principal=agent_uid,