veto 0.1.0__tar.gz

veto-0.1.0/.gitignore

@@ -0,0 +1,64 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+*.egg
+MANIFEST
+
+# Virtual environments
+venv/
+.venv/
+ENV/
+env/
+
+# IDE
+.idea/
+.vscode/
+*.swp
+*.swo
+*~
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Environment files
+.env
+.env.local
+.env.*.local
+
+# Testing
+.pytest_cache/
+.coverage
+htmlcov/
+.tox/
+.nox/
+
+# Type checking
+.mypy_cache/
+.pytype/
+
+# Logs
+*.log
+
+# Demo specific
+demo/.env

veto-0.1.0/PKG-INFO

@@ -0,0 +1,192 @@
+Metadata-Version: 2.4
+Name: veto
+Version: 0.1.0
+Summary: A guardrail system that intercepts and validates AI agent tool calls
+License-Expression: MIT
+Keywords: agent,ai,anthropic,gemini,guardrail,llm,openai,safety,tool-calls
+Requires-Python: >=3.10
+Requires-Dist: aiohttp>=3.8.0
+Requires-Dist: pyyaml>=6.0
+Provides-Extra: all
+Requires-Dist: anthropic>=0.20.0; extra == 'all'
+Requires-Dist: google-genai>=1.0.0; extra == 'all'
+Requires-Dist: openai>=1.0.0; extra == 'all'
+Provides-Extra: anthropic
+Requires-Dist: anthropic>=0.20.0; extra == 'anthropic'
+Provides-Extra: dev
+Requires-Dist: mypy>=1.0.0; extra == 'dev'
+Requires-Dist: pytest-asyncio>=0.21.0; extra == 'dev'
+Requires-Dist: pytest>=7.0.0; extra == 'dev'
+Requires-Dist: ruff>=0.4.0; extra == 'dev'
+Requires-Dist: types-pyyaml>=6.0.0; extra == 'dev'
+Provides-Extra: gemini
+Requires-Dist: google-genai>=1.0.0; extra == 'gemini'
+Provides-Extra: openai
+Requires-Dist: openai>=1.0.0; extra == 'openai'
+Description-Content-Type: text/markdown
+
+# Veto
+
+A guardrail system for AI agent tool calls. Veto intercepts and validates tool calls made by AI models before execution.
+
+## How It Works
+
+1. **Initialize** Veto.
+2. **Wrap** your tools using `veto.wrap()`.
+3. **Pass** the wrapped tools to your AI agent/model.
+
+When the AI model calls a tool, Veto automatically:
+1. Intercepts the call.
+2. Validates arguments against your rules (via YAML & LLM).
+3. Blocks or Allows execution based on the result.
+
+The AI model remains unaware of the guardrail - the tool interface is preserved.
+
+## Installation
+
+```bash
+pip install veto
+```
+
+For LLM provider support:
+```bash
+pip install veto[openai]      # OpenAI support
+pip install veto[anthropic]   # Anthropic support
+pip install veto[gemini]      # Google Gemini support
+pip install veto[all]         # All providers
+```
+
+## Quick Start
+
+### 1. Initialize Veto
+
+Run the CLI to create configuration:
+```bash
+veto init
+```
+This creates a `veto/` directory with `veto.config.yaml` and default rules.
+
+### 2. Wrap Your Tools
+
+```python
+from veto import Veto
+
+# 1. Define your tools normally
+my_tools = [
+    {"name": "my_tool", "handler": my_handler, ...},
+    # ...
+]
+
+# 2. Initialize Veto
+veto = await Veto.init()
+
+# 3. Wrap tools (Validation logic is injected)
+wrapped_tools = veto.wrap(my_tools)
+
+# 4. Pass to your Agent/LLM
+agent = create_agent(
+    tools=wrapped_tools,
+    # ...
+)
+```
+
+### 3. Configure Rules
+
+Edit `veto/rules/financial.yaml` (example):
+
+```yaml
+rules:
+  - id: limit-transfers
+    name: Limit large transfers
+    action: block
+    tools:
+      - transfer_funds
+    conditions:
+      - field: arguments.amount
+        operator: greater_than
+        value: 1000
+```
+
+## Configuration
+
+### veto.config.yaml
+
+```yaml
+version: "1.0"
+
+# Operating mode
+mode: "strict"  # "strict" blocks calls, "log" only logs them
+
+# Validation Backend
+validation:
+  mode: "custom" # "api" or "custom"
+
+# Custom Provider (if mode is custom)
+custom:
+  provider: "gemini" # or openai, anthropic
+  model: "gemini-3-flash-preview"
+
+# Logging
+logging:
+  level: "info"
+
+# Rules
+rules:
+  directory: "./rules"
+  recursive: true
+```
+
+## API Reference
+
+### `Veto.init(options?)`
+
+Initialize Veto. Loads configuration from `./veto` by default.
+
+```python
+veto = await Veto.init()
+```
+
+### `veto.wrap(tools)`
+
+Wraps an array of tools. The returned tools have Veto validation injected into their execution handler.
+
+```python
+wrapped_tools = veto.wrap(my_tools)
+```
+
+### `veto.wrap_tool(tool)`
+
+Wraps a single tool instance.
+
+```python
+safe_tool = veto.wrap_tool(my_tool)
+```
+
+### `veto.get_history_stats()`
+
+Returns statistics about allowed vs blocked calls.
+
+```python
+stats = veto.get_history_stats()
+print(stats)
+# {"total_calls": 5, "allowed_calls": 4, "denied_calls": 1, ...}
+```
+
+### `veto.clear_history()`
+
+Resets the history statistics.
+
+```python
+veto.clear_history()
+```
+
+## CLI Commands
+
+| Command | Description |
+|---------|-------------|
+| `veto init` | Initialize Veto in current directory |
+| `veto version` | Show version |
+
+## License
+
+MIT

veto-0.1.0/README.md

@@ -0,0 +1,165 @@
+# Veto
+
+A guardrail system for AI agent tool calls. Veto intercepts and validates tool calls made by AI models before execution.
+
+## How It Works
+
+1. **Initialize** Veto.
+2. **Wrap** your tools using `veto.wrap()`.
+3. **Pass** the wrapped tools to your AI agent/model.
+
+When the AI model calls a tool, Veto automatically:
+1. Intercepts the call.
+2. Validates arguments against your rules (via YAML & LLM).
+3. Blocks or Allows execution based on the result.
+
+The AI model remains unaware of the guardrail - the tool interface is preserved.
+
+## Installation
+
+```bash
+pip install veto
+```
+
+For LLM provider support:
+```bash
+pip install veto[openai]      # OpenAI support
+pip install veto[anthropic]   # Anthropic support
+pip install veto[gemini]      # Google Gemini support
+pip install veto[all]         # All providers
+```
+
+## Quick Start
+
+### 1. Initialize Veto
+
+Run the CLI to create configuration:
+```bash
+veto init
+```
+This creates a `veto/` directory with `veto.config.yaml` and default rules.
+
+### 2. Wrap Your Tools
+
+```python
+from veto import Veto
+
+# 1. Define your tools normally
+my_tools = [
+    {"name": "my_tool", "handler": my_handler, ...},
+    # ...
+]
+
+# 2. Initialize Veto
+veto = await Veto.init()
+
+# 3. Wrap tools (Validation logic is injected)
+wrapped_tools = veto.wrap(my_tools)
+
+# 4. Pass to your Agent/LLM
+agent = create_agent(
+    tools=wrapped_tools,
+    # ...
+)
+```
+
+### 3. Configure Rules
+
+Edit `veto/rules/financial.yaml` (example):
+
+```yaml
+rules:
+  - id: limit-transfers
+    name: Limit large transfers
+    action: block
+    tools:
+      - transfer_funds
+    conditions:
+      - field: arguments.amount
+        operator: greater_than
+        value: 1000
+```
+
+## Configuration
+
+### veto.config.yaml
+
+```yaml
+version: "1.0"
+
+# Operating mode
+mode: "strict"  # "strict" blocks calls, "log" only logs them
+
+# Validation Backend
+validation:
+  mode: "custom" # "api" or "custom"
+
+# Custom Provider (if mode is custom)
+custom:
+  provider: "gemini" # or openai, anthropic
+  model: "gemini-3-flash-preview"
+
+# Logging
+logging:
+  level: "info"
+
+# Rules
+rules:
+  directory: "./rules"
+  recursive: true
+```
+
+## API Reference
+
+### `Veto.init(options?)`
+
+Initialize Veto. Loads configuration from `./veto` by default.
+
+```python
+veto = await Veto.init()
+```
+
+### `veto.wrap(tools)`
+
+Wraps an array of tools. The returned tools have Veto validation injected into their execution handler.
+
+```python
+wrapped_tools = veto.wrap(my_tools)
+```
+
+### `veto.wrap_tool(tool)`
+
+Wraps a single tool instance.
+
+```python
+safe_tool = veto.wrap_tool(my_tool)
+```
+
+### `veto.get_history_stats()`
+
+Returns statistics about allowed vs blocked calls.
+
+```python
+stats = veto.get_history_stats()
+print(stats)
+# {"total_calls": 5, "allowed_calls": 4, "denied_calls": 1, ...}
+```
+
+### `veto.clear_history()`
+
+Resets the history statistics.
+
+```python
+veto.clear_history()
+```
+
+## CLI Commands
+
+| Command | Description |
+|---------|-------------|
+| `veto init` | Initialize Veto in current directory |
+| `veto version` | Show version |
+
+## License
+
+MIT

veto-0.1.0/examples/devops-pipeline/.env.example

@@ -0,0 +1,2 @@
+# Required: Gemini API key for LLM validation
+GEMINI_API_KEY=your-gemini-api-key-here

veto-0.1.0/examples/devops-pipeline/.gitignore

@@ -0,0 +1,30 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# Virtual environments
+venv/
+.venv/
+ENV/
+
+# Environment files
+.env
+.env.local
+
+# IDE
+.idea/
+.vscode/
+*.swp
+*.swo
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Testing
+.pytest_cache/
+.coverage
+
+# Logs
+*.log

veto-0.1.0/examples/devops-pipeline/README.md

@@ -0,0 +1,49 @@
+# DevOps Pipeline Agent Example
+
+CI/CD pipeline automation agent with Veto guardrails protecting production deployments.
+
+## Use Case
+
+DevOps teams use AI agents to automate infrastructure operations. Without guardrails, agents could:
+- Deploy to production without approval
+- Run destructive commands on servers
+- Access sensitive credentials
+
+Veto validates every operation against security policies.
+
+## Features Demonstrated
+
+- **Strict mode** — Blocks production deployments
+- **Environment protection** — Staging allowed, production blocked
+- **Safe rollbacks** — Always permitted for incident response
+
+## Setup
+
+1. Create virtual environment:
+```bash
+python -m venv venv
+source venv/bin/activate  # On Windows: venv\Scripts\activate
+```
+
+2. Install dependencies:
+```bash
+pip install -r requirements.txt
+```
+
+3. Configure environment:
+```bash
+cp .env.example .env
+# Edit .env with your GEMINI_API_KEY
+```
+
+4. Run the agent:
+```bash
+python devops_pipeline_agent.py
+```
+
+## Veto Rules
+
+See `veto/rules/deployments.yaml`:
+- Blocks production deployments
+- Allows staging deployments
+- Always allows rollback and monitoring operations