sourcerykit 1.0.0b1__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (65) hide show
  1. sourcerykit-1.0.0b1/.gitignore +65 -0
  2. sourcerykit-1.0.0b1/CHANGELOG.md +43 -0
  3. sourcerykit-1.0.0b1/LICENSE.md +101 -0
  4. sourcerykit-1.0.0b1/PKG-INFO +228 -0
  5. sourcerykit-1.0.0b1/README.md +180 -0
  6. sourcerykit-1.0.0b1/cookbooks/claude_agent/README.md +49 -0
  7. sourcerykit-1.0.0b1/cookbooks/langchain_agent/README.md +50 -0
  8. sourcerykit-1.0.0b1/cookbooks/openai_agents/README.md +53 -0
  9. sourcerykit-1.0.0b1/pyproject.toml +135 -0
  10. sourcerykit-1.0.0b1/src/sourcerykit/__init__.py +31 -0
  11. sourcerykit-1.0.0b1/src/sourcerykit/bootstrap/__init__.py +3 -0
  12. sourcerykit-1.0.0b1/src/sourcerykit/bootstrap/_cache.py +118 -0
  13. sourcerykit-1.0.0b1/src/sourcerykit/bootstrap/bootstrap.py +46 -0
  14. sourcerykit-1.0.0b1/src/sourcerykit/cli/__init__.py +0 -0
  15. sourcerykit-1.0.0b1/src/sourcerykit/cli/config.py +136 -0
  16. sourcerykit-1.0.0b1/src/sourcerykit/cli/doctor.py +184 -0
  17. sourcerykit-1.0.0b1/src/sourcerykit/cli/endpoints.py +56 -0
  18. sourcerykit-1.0.0b1/src/sourcerykit/cli/feedback.py +57 -0
  19. sourcerykit-1.0.0b1/src/sourcerykit/cli/init.py +360 -0
  20. sourcerykit-1.0.0b1/src/sourcerykit/cli/logo.py +29 -0
  21. sourcerykit-1.0.0b1/src/sourcerykit/cli/main.py +50 -0
  22. sourcerykit-1.0.0b1/src/sourcerykit/cli/trace.py +237 -0
  23. sourcerykit-1.0.0b1/src/sourcerykit/cli/utils.py +160 -0
  24. sourcerykit-1.0.0b1/src/sourcerykit/config.py +213 -0
  25. sourcerykit-1.0.0b1/src/sourcerykit/db/__init__.py +1 -0
  26. sourcerykit-1.0.0b1/src/sourcerykit/db/_engine.py +98 -0
  27. sourcerykit-1.0.0b1/src/sourcerykit/db/_intercepts.py +75 -0
  28. sourcerykit-1.0.0b1/src/sourcerykit/db/_schema.py +139 -0
  29. sourcerykit-1.0.0b1/src/sourcerykit/db/_traces.py +140 -0
  30. sourcerykit-1.0.0b1/src/sourcerykit/db/_trusted_endpoints.py +107 -0
  31. sourcerykit-1.0.0b1/src/sourcerykit/errors/__init__.py +32 -0
  32. sourcerykit-1.0.0b1/src/sourcerykit/evaluator/__init__.py +3 -0
  33. sourcerykit-1.0.0b1/src/sourcerykit/evaluator/_eval_modes.py +151 -0
  34. sourcerykit-1.0.0b1/src/sourcerykit/evaluator/evaluator.py +120 -0
  35. sourcerykit-1.0.0b1/src/sourcerykit/handoff/__init__.py +5 -0
  36. sourcerykit-1.0.0b1/src/sourcerykit/handoff/_guide.py +46 -0
  37. sourcerykit-1.0.0b1/src/sourcerykit/handoff/_preprocess.py +21 -0
  38. sourcerykit-1.0.0b1/src/sourcerykit/handoff/_query_records.py +43 -0
  39. sourcerykit-1.0.0b1/src/sourcerykit/handoff/payload_builder.py +185 -0
  40. sourcerykit-1.0.0b1/src/sourcerykit/intercept/__init__.py +8 -0
  41. sourcerykit-1.0.0b1/src/sourcerykit/intercept/_aiohttp_hook.py +62 -0
  42. sourcerykit-1.0.0b1/src/sourcerykit/intercept/_httpx_hook.py +86 -0
  43. sourcerykit-1.0.0b1/src/sourcerykit/intercept/_loader.py +44 -0
  44. sourcerykit-1.0.0b1/src/sourcerykit/intercept/_self_egress.py +26 -0
  45. sourcerykit-1.0.0b1/src/sourcerykit/intercept/_storage.py +59 -0
  46. sourcerykit-1.0.0b1/src/sourcerykit/intercept/interceptor.py +85 -0
  47. sourcerykit-1.0.0b1/src/sourcerykit/intercept/requests_hook.py +97 -0
  48. sourcerykit-1.0.0b1/src/sourcerykit/logger.py +24 -0
  49. sourcerykit-1.0.0b1/src/sourcerykit/provably/__init__.py +3 -0
  50. sourcerykit-1.0.0b1/src/sourcerykit/provably/_answer_model.py +79 -0
  51. sourcerykit-1.0.0b1/src/sourcerykit/provably/_api.py +369 -0
  52. sourcerykit-1.0.0b1/src/sourcerykit/provably/_auth_api.py +157 -0
  53. sourcerykit-1.0.0b1/src/sourcerykit/provably/_errors.py +150 -0
  54. sourcerykit-1.0.0b1/src/sourcerykit/provably/_http.py +170 -0
  55. sourcerykit-1.0.0b1/src/sourcerykit/provably/auth_service.py +122 -0
  56. sourcerykit-1.0.0b1/src/sourcerykit/provably/service.py +617 -0
  57. sourcerykit-1.0.0b1/src/sourcerykit/schemas/__init__.py +6 -0
  58. sourcerykit-1.0.0b1/src/sourcerykit/schemas/agent_response.py +28 -0
  59. sourcerykit-1.0.0b1/src/sourcerykit/schemas/handoff.py +109 -0
  60. sourcerykit-1.0.0b1/src/sourcerykit/schemas/outcome.py +9 -0
  61. sourcerykit-1.0.0b1/src/sourcerykit/schemas/verification_mode.py +8 -0
  62. sourcerykit-1.0.0b1/src/sourcerykit/trusted_endpoints/__init__.py +11 -0
  63. sourcerykit-1.0.0b1/src/sourcerykit/trusted_endpoints/service.py +187 -0
  64. sourcerykit-1.0.0b1/src/sourcerykit/utils/__init__.py +5 -0
  65. sourcerykit-1.0.0b1/src/sourcerykit/utils/validation.py +20 -0
@@ -0,0 +1,65 @@
1
+ # Python
2
+ __pycache__/
3
+ *.py[cod]
4
+ *$py.class
5
+ *.so
6
+ .Python
7
+ build/
8
+ develop-eggs/
9
+ dist/
10
+ downloads/
11
+ eggs/
12
+ .eggs/
13
+ lib/
14
+ lib64/
15
+ parts/
16
+ sdist/
17
+ var/
18
+ wheels/
19
+ *.egg-info/
20
+ *.egg
21
+ MANIFEST
22
+
23
+ # Pre-commit hook environments (local cache)
24
+ .cache/
25
+
26
+ # Cursor IDE / debug session artifacts
27
+ .cursor/
28
+
29
+ # Virtual environments
30
+ .venv/
31
+ venv/
32
+ ENV/
33
+ env/
34
+
35
+ # Documentation
36
+ docs/_build/
37
+
38
+ # Testing / coverage
39
+ .pytest_cache/
40
+ .coverage
41
+ .coverage.*
42
+ htmlcov/
43
+ coverage.xml
44
+ .hypothesis/
45
+
46
+ # Type checkers / linters
47
+ .mypy_cache/
48
+ .ruff_cache/
49
+ .pytype/
50
+
51
+ # IDEs
52
+ .claude/
53
+ .idea/
54
+ .vscode/
55
+ *.swp
56
+ *.swo
57
+
58
+ # OS
59
+ .DS_Store
60
+ Thumbs.db
61
+
62
+ # Secrets
63
+ .env
64
+ .env.*
65
+ !.env.example
@@ -0,0 +1,43 @@
1
+ # Changelog
2
+
3
+ ## 1.0.0
4
+
5
+ Major release following a full repository refactor. The package is now published as **`sourcerykit`**.
6
+
7
+ ### Breaking changes
8
+
9
+ - **Package renamed** — all imports change from `provably` to `sourcerykit`. (#44)
10
+ - **`set_interceptor_context` removed** — replaced by the `intercept_context()` context manager, which correctly scopes the `ContextVar` and prevents leaks across requests. (#44)
11
+ - **Database schema redesigned** — `provably_intercepts` and `trusted_endpoints` now use `UUID` primary keys (was `SERIAL`) with updated column types (e.g. `indexed_average` stored as `TEXT`). Run `alembic upgrade head` (migration `000` drops old tables, `001`/`002` recreate them). (#44)
12
+
13
+ ### Architecture & tooling
14
+
15
+ - **Async architecture** — HTTP client migrated to `httpx` async; database layer upgraded to async SQLAlchemy. (#44)
16
+ - **Alembic migrations** — schema changes are managed via versioned Alembic scripts. (#44)
17
+ - **Authentication service** — `SourceryKitAuthService` handles account and organisation management against the Provably API. (#44)
18
+ - **CLI setup wizard** — interactive `sourcerykit init` command for first-time account, org, and database configuration. (#44)
19
+ - **Test coverage gate** — `pytest-cov` enforces a 60 % floor on the unit suite in CI. (#44)
20
+
21
+ ### Examples & onboarding
22
+
23
+ - **Cookbooks** — runnable examples using Claude Agent SDK, OpenAI Agents SDK and Langchain Agent SDK. (#44)
24
+ - **Skill** (`init-sourcerykit`) — step-by-step guided onboarding skill for adding SourceryKit to an existing agent project. (#44)
25
+ - **SDK documentation** — full developer docs (Sphinx) covering interception, handoffs, trusted endpoints, and verification modes. (#44)
26
+
27
+ ## 0.2.0
28
+
29
+ - Added `configure_indexing(enable_indexing)`: one-call bootstrap (`initialize_runtime` + `init_interceptor` + enable/disable) for sender agents.
30
+ - Added `outcome_from_trace(trace)` and `aggregate_outcome(payload)` helpers for extracting and rolling up verdicts.
31
+ - Added `set_intercept_url_allowlist(urls)` to top-level namespace; scopes the simulation body hook to an explicit set of URLs.
32
+ - `Outcome` now includes `"ERROR"` alongside `"PASS"` and `"CAUGHT"`.
33
+ - Logging migrated from `print()` to structured `structlog` output.
34
+
35
+ ## 0.1.0
36
+
37
+ Init.
38
+
39
+ - `initialize_runtime` for one-time bootstrap.
40
+ - `intercept` module: monkey-patches `requests` and `httpx`, records rows in `provably_intercepts`, enforces trusted-endpoint allow-list.
41
+ - `handoff` module: `HandoffPayload`, `HandoffClaim`, `post_handoff`, and `evaluate_handoff` with per-claim verification modes (`verbatim`, `field_extraction`, `schema_type`, `range_threshold`).
42
+ - `claim_contract` builder: generates the LLM-facing JSON contract from `HandoffClaim` + `VerificationMode`.
43
+ - `trusted_endpoints`: `is_trusted_endpoint`, `list_trusted_endpoints`, `check_claim_endpoints_are_trusted`.
@@ -0,0 +1,101 @@
1
+ # License
2
+
3
+ Business Source License 1.1
4
+
5
+ Copyright © 2026 Provably Technologies LTD
6
+
7
+ Use Limitation: You may not offer the Software as a commercial hosted
8
+ service without purchasing a commercial license from Provably Technologies Ltd.
9
+
10
+ Change Date: 2029-05-07
11
+ Change License: GPL-3.0-or-later
12
+
13
+ Business Source License 1.1
14
+
15
+ License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
16
+ "Business Source License" is a trademark of MariaDB Corporation Ab.
17
+
18
+
19
+ 1. Definitions
20
+ The "Licensed Work" is the software and documentation made available
21
+ under this License.
22
+ The "Licensor" is the entity offering the Licensed Work under this
23
+ License.
24
+ "You" refers to the licensee of the Licensed Work.
25
+ "Use Limitation" means the restrictions (if any) placed on your use of
26
+ the Licensed Work before the Change Date, as listed in the license
27
+ parameters at the top of this License.
28
+ "Additional Use Grant" means additional rights (if any) the Licensor
29
+ grants to you before the Change Date, as listed in the license parameters
30
+ at the top of this License.
31
+ The "Change License" is the license selected by the Licensor to replace
32
+ this License, as listed in the license parameters at the top of this
33
+ License.
34
+ The "Change Date" is the date when the license automatically changes
35
+ from this License to the Change License, as listed in the license
36
+ parameters at the top of this License.
37
+ "Distribution" and "Use" have the same meaning as under copyright law.
38
+
39
+
40
+ 2. License Grant
41
+ From the Effective Date until the Change Date, the Licensor hereby grants
42
+ you the following rights:
43
+ a) The right to copy, modify, create derivative works, redistribute, and
44
+ make non-production Use of the Licensed Work, solely in compliance
45
+ with the Use Limitation and Additional Use Grant.
46
+ b) The right to sublicense the foregoing rights to third parties acting
47
+ on your behalf (for example, cloud service providers or contractors),
48
+ subject to the same Use Limitation.
49
+
50
+ All other rights are expressly reserved by the Licensor.
51
+
52
+
53
+ 3. Change Date
54
+ On the Change Date, the rights granted in Section 2 terminate, and you
55
+ may thereafter exercise the rights granted to you under the Change
56
+ License. The Licensor will publish the Change License in the same
57
+ repository or source as the Licensed Work or in any successor location.
58
+
59
+
60
+ 4. Compliance and Termination
61
+ Any Use of the Licensed Work not expressly permitted under this License
62
+ (including violating the Use Limitation) is **prohibited**.
63
+
64
+ If you violate this License, your rights will terminate automatically,
65
+ and you must cease all Use and Distribution of the Licensed Work as soon
66
+ as possible. Your licenses from anyone else remain in force.
67
+
68
+
69
+ 5. Disclaimer of Warranty
70
+ THE LICENSED WORK IS PROVIDED "AS IS". TO THE MAXIMUM EXTENT PERMITTED
71
+ BY APPLICABLE LAW, THE LICENSOR DISCLAIMS ALL WARRANTIES, EXPRESS OR
72
+ IMPLIED, INCLUDING BUT NOT LIMITED TO ANY IMPLIED WARRANTIES OF
73
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND
74
+ NON-INFRINGEMENT.
75
+
76
+
77
+ 6. Limitation of Liability
78
+ TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL THE
79
+ LICENSOR BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR
80
+ CONSEQUENTIAL DAMAGES ARISING OUT OF OR IN CONNECTION WITH THE LICENSED
81
+ WORK OR THIS LICENSE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
82
+
83
+
84
+ 7. Trademarks
85
+ This License does not grant permission to use the Licensor's trademarks
86
+ or trade names, except to the extent required for reasonable and
87
+ customary use in describing the origin of the Licensed Work.
88
+
89
+
90
+ 8. Severability
91
+ If any provision of this License is held unenforceable or invalid under
92
+ applicable law, such provision shall be interpreted to accomplish the
93
+ objectives of such provision to the greatest extent possible and the
94
+ remaining provisions shall continue in full force and effect.
95
+
96
+
97
+ 9. Governing Law
98
+ This License shall be governed by and construed in accordance with the
99
+ laws of the jurisdiction specified by the Licensor, excluding its
100
+ conflicts-of-law principles. If no jurisdiction is specified, the laws
101
+ of Finland apply (excluding conflict-of-law rules).
@@ -0,0 +1,228 @@
1
+ Metadata-Version: 2.4
2
+ Name: sourcerykit
3
+ Version: 1.0.0b1
4
+ Summary: SourceryKit
5
+ Project-URL: Homepage, https://github.com/ProvablyAI/sourcerykit
6
+ Project-URL: Issues, https://github.com/ProvablyAI/sourcerykit/issues
7
+ Author: Provably Technologies Ltd
8
+ License: Proprietary
9
+ License-File: LICENSE.md
10
+ Keywords: agent,handoff,interceptor,provably,sourcerykit,verifiable
11
+ Classifier: Operating System :: OS Independent
12
+ Classifier: Programming Language :: Python :: 3
13
+ Classifier: Programming Language :: Python :: 3.12
14
+ Classifier: Programming Language :: Python :: 3.13
15
+ Requires-Python: >=3.12
16
+ Requires-Dist: aiohttp>=3.9
17
+ Requires-Dist: alembic>=1.13
18
+ Requires-Dist: greenlet>=3.0
19
+ Requires-Dist: httpx>=0.26
20
+ Requires-Dist: jsonschema>=4.0
21
+ Requires-Dist: msgspec>=0.18.0
22
+ Requires-Dist: psycopg[binary]>=3.1
23
+ Requires-Dist: pydantic>=2.6
24
+ Requires-Dist: python-dotenv>=1.2
25
+ Requires-Dist: questionary>=2.1
26
+ Requires-Dist: requests>=2.31
27
+ Requires-Dist: requests>=2.34
28
+ Requires-Dist: sqlalchemy>=2.0
29
+ Requires-Dist: structlog>=24.1
30
+ Requires-Dist: typer>=0.26
31
+ Provides-Extra: dev
32
+ Requires-Dist: build>=1.2; extra == 'dev'
33
+ Requires-Dist: coverage[toml]>=7.0; extra == 'dev'
34
+ Requires-Dist: mypy>=1.10; extra == 'dev'
35
+ Requires-Dist: myst-parser>=5.1; extra == 'dev'
36
+ Requires-Dist: openai-agents>=0.0.3; extra == 'dev'
37
+ Requires-Dist: pre-commit>=4.0; extra == 'dev'
38
+ Requires-Dist: pytest-asyncio>=0.23; extra == 'dev'
39
+ Requires-Dist: pytest-cov>=5.0; extra == 'dev'
40
+ Requires-Dist: pytest>=8.0; extra == 'dev'
41
+ Requires-Dist: ruff>=0.3; extra == 'dev'
42
+ Requires-Dist: sphinx-rtd-theme>=3.1; extra == 'dev'
43
+ Requires-Dist: sphinx>=9.1; extra == 'dev'
44
+ Requires-Dist: sphinxcontrib-mermaid>=2.0; extra == 'dev'
45
+ Requires-Dist: types-jsonschema>=4.0; extra == 'dev'
46
+ Requires-Dist: types-requests>=2.31; extra == 'dev'
47
+ Description-Content-Type: text/markdown
48
+
49
+ <div align="center">
50
+ <img src="https://github.com/ProvablyAI/sourcerykit/blob/main/docs/logo.svg" alt="SourceryKit" width="280" />
51
+ </div>
52
+
53
+ <div align="center">
54
+
55
+ [![status: v1.0.0b1](https://img.shields.io/badge/status-v1.0.0b1-blue)](https://github.com/ProvablyAI/sourcerykit/blob/main/CHANGELOG.md)
56
+ [![python: 3.12+](https://img.shields.io/badge/python-3.12+-blue)](https://github.com/ProvablyAI/sourcerykit/blob/main/pyproject.toml)
57
+ [![license: Proprietary](https://img.shields.io/badge/license-Proprietary-red)](https://github.com/ProvablyAI/sourcerykit/blob/main/LICENSE.md)
58
+
59
+ </div>
60
+
61
+ SourceryKit is the Python SDK for [Provably](https://provably.ai). It provides verifiable guardrails for AI agents by automatically recording outbound HTTP calls, enforcing endpoint policies, and checking your agent's claims against a source of truth—all before any request leaves your process.
62
+
63
+ ---
64
+
65
+ > [!IMPORTANT]
66
+ > Upgrading the SDK from v0.2 to v1.0? See the [v1.0 migration guide](https://github.com/ProvablyAI/sourcerykit/blob/main/docs/migrations/v1_0/v1_0.md).
67
+
68
+
69
+ ## How Does It Work?
70
+
71
+ SourceryKit handles policy enforcement and logging right inside your agent's normal workflow:
72
+
73
+
74
+ ```mermaid
75
+ flowchart TD
76
+ Agent([Agent]) -->|Initializes| Bootstrap[Bootstrap System]
77
+ Bootstrap -->|Configures| Interceptor[HTTP Interceptor]
78
+ Bootstrap -->|Registers| TrustedEndpoints[(Trusted Endpoints)]
79
+
80
+ Agent -->|Outbound HTTP| Interceptor
81
+ Interceptor -->|Validates against| TrustedEndpoints
82
+ Interceptor -->|Logs to| Intercepts[(Intercepts Table)]
83
+
84
+ Agent -->|Submits| Handoff[Handoff Payload]
85
+ Handoff -->|Verified by| Evaluator[Evaluator]
86
+ Evaluator -->|Queries records| Provably[Provably Backend]
87
+ Provably -->|Generates proofs from| Intercepts
88
+ Evaluator -->|Returns Verdict| Agent
89
+ ```
90
+
91
+ ### The Pieces
92
+
93
+ - **HTTP Interceptor**: Patches your HTTP libraries to watch and log outbound calls, blocking untrusted requests on the spot.
94
+ - **Trusted Endpoints**: A database allow-list of approved destinations for your agent.
95
+ - **Intercepts Table**: An append-only DB table that logs every request and response for auditing.
96
+ - **SourceryKitAgentResponse**: A Pydantic model used as the structured response_format for your agent. Enforces a typed response contract with a `claimed_values` list of extracted values.
97
+ - **Handoff Payload**: A clean data bundle containing the claims your agent is making about its external actions.
98
+ - **Evaluator**: Compares the handoff payload against records in the Provably backend to give you a clear verdict.
99
+ - **Provably Backend**: The source of truth that turns your local intercepts into anchored verification proofs.
100
+
101
+
102
+ ## Quick Example
103
+ Here is how to bootstrap the system, run an intercepted request, build a payload, and check if everything passes validation:
104
+
105
+ ```python
106
+ import uuid
107
+ import httpx
108
+ import sourcerykit
109
+ from agents import Agent, Runner
110
+ from sourcerykit import SourceryKitAgentResponse
111
+
112
+ async def run_verifiable_agent():
113
+ # 1. Fire up the system
114
+ await sourcerykit.bootstrap_system()
115
+
116
+ # 2. Tell the registry which URL is allowed
117
+ await sourcerykit.insert_trusted_endpoint(url="https://api.example.com/data")
118
+
119
+ # 3. Make a network call inside an intercept context
120
+ async with sourcerykit.async_intercept_context(agent_id="demo-agent", action_name="get_data"):
121
+ async with httpx.AsyncClient() as client:
122
+ response = await client.get(
123
+ "https://api.example.com/data",
124
+ params={"query": "example_parameter"}
125
+ )
126
+ response.raise_for_status()
127
+
128
+ # 4. Configure your agent with SourceryKitAgentResponse as the structured output type
129
+ # and run it. Each framework exposes the typed result differently, but the output
130
+ # is always a SourceryKitAgentResponse with `claimed_values`.
131
+ # Pass the keyword argument supported by your framework, e.g.:
132
+ # output_type=SourceryKitAgentResponse (OpenAI Agents SDK)
133
+ # response_format=SourceryKitAgentResponse (LangChain)
134
+ prompt = You are a helpful assistant.
135
+ agent = Agent(
136
+ name="demo-agent",
137
+ instructions=prompt,
138
+ tools=[...],
139
+ model=MODEL_NAME,
140
+ output_type=SourceryKitAgentResponse,
141
+ )
142
+ result = await Runner.run(agent, prompt)
143
+ final_output: SourceryKitAgentResponse = result.final_output
144
+
145
+ # 5. Build the handoff payload from the agent's structured output
146
+ payload_data = {
147
+ "reasoning": final_output.reasoning,
148
+ "claims": [
149
+ {
150
+ "action_name": "get_data",
151
+ "claimed_value": final_output.claimed_values,
152
+ "verification_mode": "field_extraction",
153
+ }
154
+ ],
155
+ }
156
+
157
+ payload = await sourcerykit.build_handoff_payload(
158
+ payload_data,
159
+ run_id=uuid.uuid4(),
160
+ prompt=prompt,
161
+ intercept_agent_id="demo-agent",
162
+ )
163
+
164
+ # 6. Ask the evaluator for a verdict
165
+ result = await sourcerykit.evaluate_handoff(payload=payload)
166
+ print(f"Evaluation Outcome: {result.get('outcome')}") # PASS, CAUGHT, or ERROR
167
+ ```
168
+
169
+ ## Installation
170
+
171
+ SourceryKit requires **Python 3.12+**. You can grab it directly from source:
172
+
173
+ ```bash
174
+ git clone git@github.com:ProvablyAI/sourcerykit.git
175
+ pip install -e ./sourcerykit
176
+ ```
177
+
178
+ Or install it directly via pip:
179
+
180
+ ```bash
181
+ pip install sourcerykit
182
+ ```
183
+
184
+
185
+ ## Configuration
186
+ To get things running, SourceryKit must be configured with your project variables. The interactive CLI handles account provisioning, organization workspace initialization, database validation, and persists credentials globally (OS application folder) and locally (project `.env`).
187
+
188
+ ```bash
189
+ sourcerykit init
190
+ ```
191
+
192
+ The wizard will guide you through:
193
+ - **Account Setup & Authorization**: Create a new account or log into an existing one, and select your organization workspace.
194
+ - **API Key Generation**: Automatically fetch your SDK API-KEY from your account profile.
195
+ - **Database Handshake**: Enter your database details, test the connection, and ensure it's accessible.
196
+ - **Save Config**: Automatically write your credentials and tokens straight to a local .env file.
197
+
198
+ > [!IMPORTANT]
199
+ > The wizard only configures **SOURCERYKIT_*** variables. It does **not** handle third-party LLM provider infrastructure keys, which must still be exported separately.
200
+
201
+ For a full list of environment variables, see [.env.example](https://github.com/ProvablyAI/sourcerykit/blob/main/.env.example).
202
+
203
+ For a full list of CLI commands, run:
204
+ ```bash
205
+ sourcerykit --help
206
+ ```
207
+
208
+ ## More Docs
209
+ Want to dig into the details? Check out the specific guides:
210
+
211
+ - [Architecture Overview](https://github.com/ProvablyAI/sourcerykit/blob/main/docs/architecture.md)
212
+ - [HTTP Interception](https://github.com/ProvablyAI/sourcerykit/blob/main/docs/intercept.md)
213
+ - [Managing Trusted Endpoints](https://github.com/ProvablyAI/sourcerykit/blob/main/docs/trusted-endpoints.md)
214
+ - [Handoff Contracts & Evaluation](https://github.com/ProvablyAI/sourcerykit/blob/main/docs/handoff.md)
215
+
216
+
217
+ ## Contributing
218
+ We welcome fixes, features, and doc updates! Check out [CONTRIBUTING.md](https://github.com/ProvablyAI/sourcerykit/blob/main/CONTRIBUTING.md) to see how to run tests and open up a pull request.
219
+
220
+ ## License
221
+
222
+ This project is licensed under the [Business Source License 1.1](https://github.com/ProvablyAI/sourcerykit/blob/main/LICENSE.md).
223
+
224
+ - Copyright © 2026 Provably Technologies LTD
225
+ - You may not offer the Software as a commercial hosted service without purchasing a commercial license from [Provably Technologies Ltd](https://provably.ai).
226
+ - On 2029-05-07, the license will automatically convert to GPL-3.0-or-later.
227
+
228
+ See the [LICENSE](https://github.com/ProvablyAI/sourcerykit/blob/main/LICENSE.md) file for full terms and details.
@@ -0,0 +1,180 @@
1
+ <div align="center">
2
+ <img src="https://github.com/ProvablyAI/sourcerykit/blob/main/docs/logo.svg" alt="SourceryKit" width="280" />
3
+ </div>
4
+
5
+ <div align="center">
6
+
7
+ [![status: v1.0.0b1](https://img.shields.io/badge/status-v1.0.0b1-blue)](https://github.com/ProvablyAI/sourcerykit/blob/main/CHANGELOG.md)
8
+ [![python: 3.12+](https://img.shields.io/badge/python-3.12+-blue)](https://github.com/ProvablyAI/sourcerykit/blob/main/pyproject.toml)
9
+ [![license: Proprietary](https://img.shields.io/badge/license-Proprietary-red)](https://github.com/ProvablyAI/sourcerykit/blob/main/LICENSE.md)
10
+
11
+ </div>
12
+
13
+ SourceryKit is the Python SDK for [Provably](https://provably.ai). It provides verifiable guardrails for AI agents by automatically recording outbound HTTP calls, enforcing endpoint policies, and checking your agent's claims against a source of truth—all before any request leaves your process.
14
+
15
+ ---
16
+
17
+ > [!IMPORTANT]
18
+ > Upgrading the SDK from v0.2 to v1.0? See the [v1.0 migration guide](https://github.com/ProvablyAI/sourcerykit/blob/main/docs/migrations/v1_0/v1_0.md).
19
+
20
+
21
+ ## How Does It Work?
22
+
23
+ SourceryKit handles policy enforcement and logging right inside your agent's normal workflow:
24
+
25
+
26
+ ```mermaid
27
+ flowchart TD
28
+ Agent([Agent]) -->|Initializes| Bootstrap[Bootstrap System]
29
+ Bootstrap -->|Configures| Interceptor[HTTP Interceptor]
30
+ Bootstrap -->|Registers| TrustedEndpoints[(Trusted Endpoints)]
31
+
32
+ Agent -->|Outbound HTTP| Interceptor
33
+ Interceptor -->|Validates against| TrustedEndpoints
34
+ Interceptor -->|Logs to| Intercepts[(Intercepts Table)]
35
+
36
+ Agent -->|Submits| Handoff[Handoff Payload]
37
+ Handoff -->|Verified by| Evaluator[Evaluator]
38
+ Evaluator -->|Queries records| Provably[Provably Backend]
39
+ Provably -->|Generates proofs from| Intercepts
40
+ Evaluator -->|Returns Verdict| Agent
41
+ ```
42
+
43
+ ### The Pieces
44
+
45
+ - **HTTP Interceptor**: Patches your HTTP libraries to watch and log outbound calls, blocking untrusted requests on the spot.
46
+ - **Trusted Endpoints**: A database allow-list of approved destinations for your agent.
47
+ - **Intercepts Table**: An append-only DB table that logs every request and response for auditing.
48
+ - **SourceryKitAgentResponse**: A Pydantic model used as the structured response_format for your agent. Enforces a typed response contract with a `claimed_values` list of extracted values.
49
+ - **Handoff Payload**: A clean data bundle containing the claims your agent is making about its external actions.
50
+ - **Evaluator**: Compares the handoff payload against records in the Provably backend to give you a clear verdict.
51
+ - **Provably Backend**: The source of truth that turns your local intercepts into anchored verification proofs.
52
+
53
+
54
+ ## Quick Example
55
+ Here is how to bootstrap the system, run an intercepted request, build a payload, and check if everything passes validation:
56
+
57
+ ```python
58
+ import uuid
59
+ import httpx
60
+ import sourcerykit
61
+ from agents import Agent, Runner
62
+ from sourcerykit import SourceryKitAgentResponse
63
+
64
+ async def run_verifiable_agent():
65
+ # 1. Fire up the system
66
+ await sourcerykit.bootstrap_system()
67
+
68
+ # 2. Tell the registry which URL is allowed
69
+ await sourcerykit.insert_trusted_endpoint(url="https://api.example.com/data")
70
+
71
+ # 3. Make a network call inside an intercept context
72
+ async with sourcerykit.async_intercept_context(agent_id="demo-agent", action_name="get_data"):
73
+ async with httpx.AsyncClient() as client:
74
+ response = await client.get(
75
+ "https://api.example.com/data",
76
+ params={"query": "example_parameter"}
77
+ )
78
+ response.raise_for_status()
79
+
80
+ # 4. Configure your agent with SourceryKitAgentResponse as the structured output type
81
+ # and run it. Each framework exposes the typed result differently, but the output
82
+ # is always a SourceryKitAgentResponse with `claimed_values`.
83
+ # Pass the keyword argument supported by your framework, e.g.:
84
+ # output_type=SourceryKitAgentResponse (OpenAI Agents SDK)
85
+ # response_format=SourceryKitAgentResponse (LangChain)
86
+ prompt = You are a helpful assistant.
87
+ agent = Agent(
88
+ name="demo-agent",
89
+ instructions=prompt,
90
+ tools=[...],
91
+ model=MODEL_NAME,
92
+ output_type=SourceryKitAgentResponse,
93
+ )
94
+ result = await Runner.run(agent, prompt)
95
+ final_output: SourceryKitAgentResponse = result.final_output
96
+
97
+ # 5. Build the handoff payload from the agent's structured output
98
+ payload_data = {
99
+ "reasoning": final_output.reasoning,
100
+ "claims": [
101
+ {
102
+ "action_name": "get_data",
103
+ "claimed_value": final_output.claimed_values,
104
+ "verification_mode": "field_extraction",
105
+ }
106
+ ],
107
+ }
108
+
109
+ payload = await sourcerykit.build_handoff_payload(
110
+ payload_data,
111
+ run_id=uuid.uuid4(),
112
+ prompt=prompt,
113
+ intercept_agent_id="demo-agent",
114
+ )
115
+
116
+ # 6. Ask the evaluator for a verdict
117
+ result = await sourcerykit.evaluate_handoff(payload=payload)
118
+ print(f"Evaluation Outcome: {result.get('outcome')}") # PASS, CAUGHT, or ERROR
119
+ ```
120
+
121
+ ## Installation
122
+
123
+ SourceryKit requires **Python 3.12+**. You can grab it directly from source:
124
+
125
+ ```bash
126
+ git clone git@github.com:ProvablyAI/sourcerykit.git
127
+ pip install -e ./sourcerykit
128
+ ```
129
+
130
+ Or install it directly via pip:
131
+
132
+ ```bash
133
+ pip install sourcerykit
134
+ ```
135
+
136
+
137
+ ## Configuration
138
+ To get things running, SourceryKit must be configured with your project variables. The interactive CLI handles account provisioning, organization workspace initialization, database validation, and persists credentials globally (OS application folder) and locally (project `.env`).
139
+
140
+ ```bash
141
+ sourcerykit init
142
+ ```
143
+
144
+ The wizard will guide you through:
145
+ - **Account Setup & Authorization**: Create a new account or log into an existing one, and select your organization workspace.
146
+ - **API Key Generation**: Automatically fetch your SDK API-KEY from your account profile.
147
+ - **Database Handshake**: Enter your database details, test the connection, and ensure it's accessible.
148
+ - **Save Config**: Automatically write your credentials and tokens straight to a local .env file.
149
+
150
+ > [!IMPORTANT]
151
+ > The wizard only configures **SOURCERYKIT_*** variables. It does **not** handle third-party LLM provider infrastructure keys, which must still be exported separately.
152
+
153
+ For a full list of environment variables, see [.env.example](https://github.com/ProvablyAI/sourcerykit/blob/main/.env.example).
154
+
155
+ For a full list of CLI commands, run:
156
+ ```bash
157
+ sourcerykit --help
158
+ ```
159
+
160
+ ## More Docs
161
+ Want to dig into the details? Check out the specific guides:
162
+
163
+ - [Architecture Overview](https://github.com/ProvablyAI/sourcerykit/blob/main/docs/architecture.md)
164
+ - [HTTP Interception](https://github.com/ProvablyAI/sourcerykit/blob/main/docs/intercept.md)
165
+ - [Managing Trusted Endpoints](https://github.com/ProvablyAI/sourcerykit/blob/main/docs/trusted-endpoints.md)
166
+ - [Handoff Contracts & Evaluation](https://github.com/ProvablyAI/sourcerykit/blob/main/docs/handoff.md)
167
+
168
+
169
+ ## Contributing
170
+ We welcome fixes, features, and doc updates! Check out [CONTRIBUTING.md](https://github.com/ProvablyAI/sourcerykit/blob/main/CONTRIBUTING.md) to see how to run tests and open up a pull request.
171
+
172
+ ## License
173
+
174
+ This project is licensed under the [Business Source License 1.1](https://github.com/ProvablyAI/sourcerykit/blob/main/LICENSE.md).
175
+
176
+ - Copyright © 2026 Provably Technologies LTD
177
+ - You may not offer the Software as a commercial hosted service without purchasing a commercial license from [Provably Technologies Ltd](https://provably.ai).
178
+ - On 2029-05-07, the license will automatically convert to GPL-3.0-or-later.
179
+
180
+ See the [LICENSE](https://github.com/ProvablyAI/sourcerykit/blob/main/LICENSE.md) file for full terms and details.
@@ -0,0 +1,49 @@
1
+ # Claude Agent SDK
2
+ This example demonstrates how to integrate SourceryKit with the [Claude Agent SDK](https://github.com/anthropics/claude-agent-sdk-python). It showcases automated intercept capture, target endpoint allow-list constraints, and runtime evaluation loops inside a structured agent execution flow.
3
+
4
+ ## How It Works
5
+ 1. **HTTP Interception**: The `bootstrap_system()` hook dynamically monitors outbound `httpx` calls, ensuring that network operations generated within the agent tool loop (`get_current_temperature_london`) are securely logged to your database intercepts table.
6
+ 2. **All-Method Trust Gate**: SourceryKit enforces structural target validation checks against your external network endpoints. The external weather lookup endpoint (`api.open-meteo.com`) is explicitly registered via policy seeds (`insert_trusted_endpoint`) before execution.
7
+ 3. **Automated Handoff & Evaluation**: Captured network states are bundled alongside the agent's structured `SourceryKitAgentResponse` output. The agent is configured with `output_format={"type": "json_schema", "schema": SourceryKitAgentResponse.model_json_schema()}`, which enforces a typed contract—the LLM returns a `reasoning` string and a `claimed_values` list of `ClaimedValue` objects (each with a JSONPath `path` and extracted string `value`). These `claimed_values` are passed as the `claimed_value` field in the handoff payload and submitted to `evaluate_handoff` to verify data integrity and catch hallucinations.
8
+
9
+
10
+ ## Environment Configuration
11
+ Before running the agent, run the interactive setup wizard to configure your SourceryKit project variables automatically:
12
+
13
+ ```bash
14
+ sourcerykit init
15
+ ```
16
+
17
+ > [!IMPORTANT]
18
+ > The wizard only configures **SOURCERYKIT_*** variables. It does **not** configure your LLM provider infrastructure keys (like `MODEL_NAME` or `ANTHROPIC_API_KEY`). Those must still be set up separately in your environment.
19
+
20
+ You will also need to set these LLM-provider variables manually:
21
+
22
+ | Variable | Required | Description |
23
+ |---|---|---|
24
+ | `MODEL_NAME` | **yes** | Targeted model architecture identifier string passed to create_agent (e.g., `claude-haiku-4-5`). |
25
+ | `ANTHROPIC_API_KEY` | **yes** | API authentication token. |
26
+
27
+ ---
28
+
29
+ ## Execution
30
+
31
+ 1. Install the SDK package:
32
+ ```bash
33
+ pip install sourcerykit claude-agent-sdk python-dotenv httpx pydantic
34
+ ```
35
+ 2. Export your LLM-provider keys into your current shell or place them in a local `.env` file:
36
+ ```bash
37
+ export MODEL_NAME="claude-haiku-4-5"
38
+ export ANTHROPIC_API_KEY="sk-ant-..."
39
+ ```
40
+ 3. Run the example:
41
+ ```bash
42
+ # Standard Validation
43
+ python agent_run.py
44
+
45
+ # or
46
+
47
+ # Hallucination Simulation
48
+ python agent_run.py --tamper
49
+ ```