Metadata-Version: 2.4
Name: agentshield-runtime
Version: 0.1.0
Summary: Runtime security guardrails for AI agents — inspect, control, and audit every tool call. Zero-dependency local mode included.
Project-URL: Homepage, https://github.com/hidearmoon/agentshield
Project-URL: Repository, https://github.com/hidearmoon/agentshield
Project-URL: Issues, https://github.com/hidearmoon/agentshield/issues
Project-URL: Documentation, https://github.com/hidearmoon/agentshield#quick-start
Author: hidearmoon
License-Expression: Apache-2.0
Keywords: agent-safety,ai-agent,ai-security,guardrails,langchain,llm-security,mcp,prompt-injection,tool-use
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries
Classifier: Typing :: Typed
Requires-Python: >=3.10
Requires-Dist: httpx<1,>=0.25
Requires-Dist: pyyaml<7,>=6
Provides-Extra: all
Requires-Dist: claude-agent-sdk>=0.1; extra == 'all'
Requires-Dist: crewai>=0.30; extra == 'all'
Requires-Dist: langchain-core>=0.1; extra == 'all'
Requires-Dist: pyautogen>=0.2; extra == 'all'
Provides-Extra: autogen
Requires-Dist: pyautogen>=0.2; extra == 'autogen'
Provides-Extra: claude
Requires-Dist: claude-agent-sdk>=0.1; extra == 'claude'
Provides-Extra: crewai
Requires-Dist: crewai>=0.30; extra == 'crewai'
Provides-Extra: dev
Requires-Dist: pytest-asyncio>=0.23; extra == 'dev'
Requires-Dist: pytest>=8; extra == 'dev'
Requires-Dist: respx>=0.21; extra == 'dev'
Provides-Extra: langchain
Requires-Dist: langchain-core>=0.1; extra == 'langchain'
Description-Content-Type: text/markdown

# AgentShield Python SDK

Lightweight security guardrails for AI agents. All security logic runs server-side.

## Quick Start

```python
import asyncio

from agentshield import Shield

shield = Shield()  # reads AGENTSHIELD_API_KEY from env

@shield.guard
async def send_email(to: str, body: str) -> str:
    ...  # your tool implementation

async def main() -> None:
    # The server decides: ALLOW, BLOCK, or REQUIRE_CONFIRMATION
    await send_email(to="user@company.com", body="Hello")

asyncio.run(main())
```

## Session Mode

```python
async with shield.session("Summarize my emails") as s:
    result = await s.guarded_executor.execute(
        "read_inbox", {"limit": 10}, read_inbox_fn
    )
```

## Error Handling

```python
import asyncio

from agentshield import Shield, ToolCallBlocked, ConfirmationRejected, ServerError

shield = Shield()

@shield.guard
async def send_email(to: str, body: str) -> str:
    ...

async def main() -> None:
    try:
        await send_email(to="user@test.com", body="hi")
    except ToolCallBlocked as e:
        # The server returned BLOCK; the trace id identifies the decision.
        print(f"Blocked: {e.reason} (trace: {e.trace_id})")
    except ConfirmationRejected:
        print("User declined confirmation")
    except ServerError as e:
        print(f"Server error: {e}")

asyncio.run(main())
```

## Configuration

```python
# Explicit configuration
shield = Shield(
    api_key="your-key",
    base_url="https://shield.yourcompany.com",
    timeout=10.0,
    max_retries=3,
    agent_id="my-agent",
)
```

Or via environment variables:
- `AGENTSHIELD_API_KEY` (required)
- `AGENTSHIELD_BASE_URL` (default: `http://localhost:8000`)
- `AGENTSHIELD_TIMEOUT` (default: `10.0`)
- `AGENTSHIELD_AGENT_ID`

Or via `agentshield.yaml` in the working directory.
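
A preflight check for the environment variables listed above, as an added example that is not part of the AgentShield SDK. The function name `preflight` is hypothetical, and the rule that plain `http` is acceptable only to a loopback host is this example's assumption, not documented SDK behaviour.

```python
import ipaddress
import os
from urllib.parse import urlsplit

DEFAULT_BASE_URL = "http://localhost:8000"  # default documented above
DEFAULT_TIMEOUT = "10.0"                    # default documented above


def _is_loopback(host: str) -> bool:
    """True for 'localhost' and loopback IP literals such as 127.0.0.1 or ::1."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # a DNS name other than localhost


def preflight(env=None) -> list[str]:
    """Return the problems found in the AGENTSHIELD_* settings (empty list = OK)."""
    env = os.environ if env is None else env
    problems = []
    if not env.get("AGENTSHIELD_API_KEY", "").strip():
        problems.append("AGENTSHIELD_API_KEY is required but unset or empty")

    try:
        url = urlsplit(env.get("AGENTSHIELD_BASE_URL", DEFAULT_BASE_URL))
        host = url.hostname or ""
    except ValueError:
        return problems + ["AGENTSHIELD_BASE_URL cannot be parsed"]
    if url.scheme not in ("http", "https") or not host:
        problems.append("AGENTSHIELD_BASE_URL is not an http(s) URL")
    elif url.scheme == "http" and not _is_loopback(host):
        # Assumption of this example: the API key is sent to this URL, so
        # plain http is only acceptable when the server is on loopback.
        problems.append(f"AGENTSHIELD_BASE_URL uses plain http to {host}")
    if url.username or url.password:
        problems.append("AGENTSHIELD_BASE_URL embeds credentials")

    raw = env.get("AGENTSHIELD_TIMEOUT", DEFAULT_TIMEOUT)
    try:
        timeout = float(raw)
    except ValueError:
        timeout = float("nan")
    if not 0 < timeout < float("inf"):  # also rejects nan and inf
        problems.append(f"AGENTSHIELD_TIMEOUT is not a positive number: {raw!r}")
    return problems
```

Call `preflight()` before constructing `Shield()` and refuse to start the agent if the returned list is not empty.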

## Data Sanitization

```python
# Sanitize external data before processing
result = await shield.sanitize(
    data=email_body,
    source="email/external",
)
# result.content has hidden injections removed
# result.trust_level shows the computed trust level
```

## Framework Integrations

```python
from agentshield.integrations import LangChainShield, CrewAIShield

# LangChain
guarded = LangChainShield(shield).wrap(agent_executor)

# CrewAI
guarded = CrewAIShield(shield).wrap(crew)

# AutoGen
from agentshield.integrations import AutoGenShield
AutoGenShield(shield).wrap(assistant)

# Claude Agent SDK
from agentshield.integrations import ClaudeAgentShield
guarded_handler = ClaudeAgentShield(shield).wrap(my_tool_handler)
```
