Metadata-Version: 2.4
Name: quint-agent
Version: 0.2.0
Summary: Behavioral telemetry and policy enforcement for AI agents
Project-URL: Homepage, https://quintai.dev/agent-sdk
Project-URL: Repository, https://github.com/Quint-Security/quint-agent-py
Project-URL: Documentation, https://docs.quintai.dev/agent-sdk
Author-email: Quint Security <team@quintai.dev>
License-Expression: Apache-2.0
License-File: LICENSE
Keywords: agents,ai,llm,observability,security
Classifier: Development Status :: 3 - Alpha
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Requires-Python: >=3.10
Requires-Dist: httpx>=0.27
Requires-Dist: pydantic>=2.5
Requires-Dist: pyyaml>=6.0
Requires-Dist: typing-extensions>=4.10
Provides-Extra: all
Requires-Dist: anthropic>=0.40; extra == 'all'
Requires-Dist: langchain-core>=0.3; extra == 'all'
Requires-Dist: langgraph>=0.2; extra == 'all'
Requires-Dist: mcp>=1.0; extra == 'all'
Requires-Dist: openai-agents>=0.0.10; extra == 'all'
Requires-Dist: openinference-instrumentation-anthropic>=0.1; extra == 'all'
Requires-Dist: openinference-instrumentation-crewai>=0.1; extra == 'all'
Requires-Dist: openinference-instrumentation-langchain>=0.1; extra == 'all'
Requires-Dist: openinference-instrumentation-llama-index>=0.1; extra == 'all'
Requires-Dist: openinference-instrumentation-openai>=0.1; extra == 'all'
Requires-Dist: opentelemetry-api>=1.20; extra == 'all'
Requires-Dist: opentelemetry-sdk>=1.20; extra == 'all'
Provides-Extra: anthropic
Requires-Dist: anthropic>=0.40; extra == 'anthropic'
Provides-Extra: dev
Requires-Dist: mypy>=1.10; extra == 'dev'
Requires-Dist: pytest-asyncio>=0.23; extra == 'dev'
Requires-Dist: pytest-cov>=5.0; extra == 'dev'
Requires-Dist: pytest-httpx>=0.30; extra == 'dev'
Requires-Dist: pytest>=8.0; extra == 'dev'
Requires-Dist: respx>=0.21; extra == 'dev'
Requires-Dist: ruff>=0.6; extra == 'dev'
Provides-Extra: langchain
Requires-Dist: langchain-core>=0.3; extra == 'langchain'
Provides-Extra: langgraph
Requires-Dist: langgraph>=0.2; extra == 'langgraph'
Provides-Extra: mcp
Requires-Dist: mcp>=1.0; extra == 'mcp'
Provides-Extra: openai
Requires-Dist: openai-agents>=0.0.10; extra == 'openai'
Provides-Extra: otel
Requires-Dist: opentelemetry-api>=1.20; extra == 'otel'
Requires-Dist: opentelemetry-sdk>=1.20; extra == 'otel'
Provides-Extra: otel-all
Requires-Dist: openinference-instrumentation-anthropic>=0.1; extra == 'otel-all'
Requires-Dist: openinference-instrumentation-crewai>=0.1; extra == 'otel-all'
Requires-Dist: openinference-instrumentation-langchain>=0.1; extra == 'otel-all'
Requires-Dist: openinference-instrumentation-llama-index>=0.1; extra == 'otel-all'
Requires-Dist: openinference-instrumentation-openai>=0.1; extra == 'otel-all'
Requires-Dist: opentelemetry-api>=1.20; extra == 'otel-all'
Requires-Dist: opentelemetry-sdk>=1.20; extra == 'otel-all'
Provides-Extra: otel-anthropic
Requires-Dist: openinference-instrumentation-anthropic>=0.1; extra == 'otel-anthropic'
Requires-Dist: opentelemetry-api>=1.20; extra == 'otel-anthropic'
Requires-Dist: opentelemetry-sdk>=1.20; extra == 'otel-anthropic'
Provides-Extra: otel-langchain
Requires-Dist: openinference-instrumentation-langchain>=0.1; extra == 'otel-langchain'
Requires-Dist: opentelemetry-api>=1.20; extra == 'otel-langchain'
Requires-Dist: opentelemetry-sdk>=1.20; extra == 'otel-langchain'
Provides-Extra: otel-openai
Requires-Dist: openinference-instrumentation-openai>=0.1; extra == 'otel-openai'
Requires-Dist: opentelemetry-api>=1.20; extra == 'otel-openai'
Requires-Dist: opentelemetry-sdk>=1.20; extra == 'otel-openai'
Description-Content-Type: text/markdown

# quint-agent

> Behavioral telemetry and policy enforcement for AI agents.

[![PyPI](https://img.shields.io/pypi/v/quint-agent)](https://pypi.org/project/quint-agent/)
[![CI](https://github.com/Quint-Security/quint-agent-py/actions/workflows/ci.yml/badge.svg)](https://github.com/Quint-Security/quint-agent-py/actions/workflows/ci.yml)
[![License: Apache 2.0](https://img.shields.io/badge/license-Apache%202.0-blue)](LICENSE)

Capture every prompt, tool call, and tool result from your AI agents.
Enforce YAML-defined policy at the tool-call boundary. Stream telemetry to the Quint cloud for behavioral analysis and divergence detection.

## Install

```bash
pip install quint-agent
```

With auto-instrumentation (zero code change):

```bash
pip install 'quint-agent[otel-openai]'     # auto-capture OpenAI calls
pip install 'quint-agent[otel-anthropic]'   # auto-capture Anthropic calls
pip install 'quint-agent[otel-langchain]'   # auto-capture LangChain chains
pip install 'quint-agent[otel-all]'         # all frameworks
```

With framework integrations:

```bash
pip install 'quint-agent[anthropic]'   # guarded_dispatch for Anthropic
pip install 'quint-agent[langchain]'   # QuintCallbackHandler
pip install 'quint-agent[mcp]'         # QuintMCPClient
pip install 'quint-agent[all]'         # everything
```

## Zero-code observability (2 lines)

```python
import quint_agent

quint_agent.init(api_key="qak_...")
# That's it. Every OpenAI/Anthropic/LangChain call is auto-captured.
```

If OTel instrumentors are installed (`[otel-openai]`, `[otel-anthropic]`, etc.), `quint.init()` auto-detects and instruments them. No decorators, no callbacks, no code changes.

## @quint.guard — policy enforcement

```python
import quint_agent

quint_agent.init(api_key="qak_...")

@quint_agent.guard()
def read_file(path: str) -> str:
    return open(path).read()

@quint_agent.guard()
def run_command(cmd: str) -> str:
    import subprocess
    return subprocess.check_output(cmd, shell=True, text=True)

read_file(path="/etc/hosts")        # allowed — captured to cloud
read_file(path="/home/me/.env")     # blocked — ToolBlockedError
```

## Anthropic integration

```python
import anthropic
import quint_agent
from quint_agent.integrations.anthropic import guarded_dispatch

quint_agent.init(api_key="qak_...")

tools_map = {"read_file": read_file}
client = anthropic.Anthropic()
response = client.messages.create(
    model="claude-sonnet-4-6",
    max_tokens=1024,
    tools=[{"name": "read_file", "description": "Read a file", "input_schema": {
        "type": "object", "properties": {"path": {"type": "string"}}, "required": ["path"]
    }}],
    messages=[{"role": "user", "content": "Read /etc/passwd"}],
)

for block in response.content:
    if block.type == "tool_use":
        result = guarded_dispatch(block.name, block.input, tools_map)
```

## LangChain

```python
from quint_agent.integrations.langchain import QuintCallbackHandler

chain.invoke({"input": "..."}, config={"callbacks": [QuintCallbackHandler()]})
```

## MCP

```python
from quint_agent.integrations.mcp import QuintMCPClient

async with mcp_client() as session:
    guarded = QuintMCPClient(session)
    result = await guarded.call_tool("read_file", {"path": "/x"})
```

## Custom policy

```yaml
# my_policy.yaml
rules:
  - name: no_prod_db
    action: block
    reason: "Production database access not allowed"
    when:
      - op: equals
        path: tool_name
        value: execute_sql
      - op: contains
        path: args.connection
        value: prod
```

```python
quint_agent.init(api_key="qak_...", policy="my_policy.yaml")
```

## Default policy

Ships with 4 rules out of the box:
- Block `.env` file reads
- Block AWS credentials access
- Escalate on `secrets/` directory reads
- Block destructive shell commands (`rm -rf /`)

Override by passing your own policy to `quint.init(policy=...)`.

## Docs

Full documentation at [docs.quintai.dev/sdk](https://docs.quintai.dev/sdk/overview).

## License

Apache 2.0 — see [LICENSE](LICENSE).

Built by [Quint Security](https://quintai.dev).
