Metadata-Version: 2.4
Name: kaizen-security
Version: 0.1.5
Summary: Pluggable enforcement for AI agent actions. Inspect every tool call and block known-bad.
Author: Kaizen Security
License: Apache-2.0
Project-URL: Homepage, https://getkaizen.io
Project-URL: Documentation, https://docs.getkaizen.io
Keywords: ai,agents,security,mcp,guardrails
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: Topic :: Security
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Requires-Python: >=3.9
Description-Content-Type: text/markdown
Provides-Extra: test
Requires-Dist: pytest<9.0,>=8.0; extra == "test"
Provides-Extra: openai-agents
Requires-Dist: openai-agents>=0.1; extra == "openai-agents"
Provides-Extra: langchain
Requires-Dist: langchain-core>=0.1; extra == "langchain"
Provides-Extra: crewai
Requires-Dist: crewai>=0.1; extra == "crewai"
Provides-Extra: semantic-kernel
Requires-Dist: semantic-kernel>=1.0; extra == "semantic-kernel"
Provides-Extra: llama-index
Requires-Dist: llama-index-core>=0.10; extra == "llama-index"
Provides-Extra: pydantic-ai
Requires-Dist: pydantic-ai>=0.0.1; extra == "pydantic-ai"
Provides-Extra: opentelemetry
Requires-Dist: opentelemetry-api>=1.20; extra == "opentelemetry"

# Kaizen Security

**Runtime security for the AI agents you build.** Attach Kaizen to your agent and it inspects every action (a tool call, a connection, a file or data access) and blocks what falls outside the agent's normal behavior. It does this in your environment, as the action happens.

Docs: [docs.getkaizen.io](https://docs.getkaizen.io) · Console: [app.getkaizen.io](https://app.getkaizen.io) · Source: [github.com/getkaizen/kaizen-security](https://github.com/getkaizen/kaizen-security)

## Install

```bash
pip install kaizen-security
```

The core is dependency-free and stdlib-only.

## Quickstart

```python
from kaizen_security import Kaizen

kz = Kaizen(api_key="kz_live_...", agent="support-bot")

verdict = kz.inspect(tool="export_file", publisher="external", target="45.9.148.108")
if verdict.blocked:
    raise RuntimeError(verdict.reason)
```

Create a key in the console under **API keys**. Without a key the client still enforces any policies you pass locally.

## Attach to your framework

One line, any stack. Each adapter inspects every tool call; a blocked call returns a refusal instead of running.

**OpenAI Agents**

```python
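from agents import Runner  # OpenAI Agents SDK
from kaizen_security.integrations.openai_agents import KaizenHooks
# Call from inside an async function; `kz` is the client from the Quickstart.
await Runner.run(agent, "...", hooks=KaizenHooks(kz, enforce=True))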
```

**LangChain**

```python
from kaizen_security.integrations.langchain import guard_tool
tools = [guard_tool(kz, t) for t in tools]
```

**CrewAI**

```python
from kaizen_security.integrations.crewai import guard_tool
safe = guard_tool(kz, my_tool)
```

**Semantic Kernel**

```python
from kaizen_security.integrations.semantic_kernel import kaizen_filter
kernel.add_filter("function_invocation", kaizen_filter(kz))
```

**LlamaIndex**

```python
from kaizen_security.integrations.llamaindex import guard_tool
safe = guard_tool(kz, my_tool)
```

**Pydantic AI**

```python
from kaizen_security.integrations.pydantic_ai import guard

@agent.tool_plain
@guard(kz)
def lookup(q: str) -> str:
    ...
```

**MCP** — run `kaizen-mcp` as a shim in front of any MCP server.
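
For a tool that sits outside these adapters, the same inspect-then-refuse pattern can be written by hand around the `inspect(tool=..., publisher=..., target=...)` call from the Quickstart. The following is an added example, not code from this README or the Kaizen project: `StubInspector`, `Verdict`, `guarded` and the denylist are hypothetical stand-ins so the block runs offline, and returning a refusal when inspection itself fails is this example's design choice, not documented Kaizen behavior.

```python
import functools
from dataclasses import dataclass

@dataclass
class Verdict:
    # Stand-in carrying the two fields the Quickstart reads.
    blocked: bool
    reason: str = ""

class StubInspector:
    """Hypothetical offline stand-in with the Quickstart's inspect() call shape."""
    def __init__(self, bad_targets):
        self.bad_targets = set(bad_targets)

    def inspect(self, tool, publisher, target):
        if target in self.bad_targets:
            return Verdict(True, f"{tool}: target {target} is on the denylist")
        return Verdict(False)

def guarded(inspector, publisher, target_arg):
    """Wrap a tool so its body runs only after inspect() allows the call."""
    def decorate(fn):
        @functools.wraps(fn)
        def wrapper(**kwargs):
            try:
                verdict = inspector.inspect(tool=fn.__name__, publisher=publisher,
                                            target=kwargs.get(target_arg))
            except Exception as exc:
                # Fail closed: an inspector error must not let the call through.
                return f"refused: inspection failed ({type(exc).__name__})"
            if verdict.blocked:
                # The agent gets a refusal string; the tool body never executes.
                return f"refused: {verdict.reason}"
            return fn(**kwargs)
        return wrapper
    return decorate

CALLS = []  # records which tool bodies actually executed

inspector = StubInspector(bad_targets={"203.0.113.7"})  # constructed sample address

@guarded(inspector, publisher="external", target_arg="host")
def export_file(path, host):
    CALLS.append((path, host))
    return f"sent {path} to {host}"
```

Replacing `StubInspector` with a real client only requires an object whose `inspect` returns something with `blocked` and `reason`, which is what the Quickstart shows.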

## How it works

A fast local check blocks known-bad actions before they run. An isolated Observer learns each agent's behavior and flags real deviations, all within your own environment. See the [architecture](https://docs.getkaizen.io/architecture).

There is a TypeScript SDK too: `npm install kaizen-security`.

## License

Apache-2.0
