Metadata-Version: 2.4
Name: air-gate
Version: 0.2.0
Summary: The AI Action Firewall — policy engine, PII redaction, HMAC-SHA256 audit chains, Slack approvals, and framework integrations for EU AI Act compliance
Project-URL: Homepage, https://airblackbox.ai
Project-URL: Repository, https://github.com/airblackbox/air-gate
Project-URL: Documentation, https://airblackbox.ai/quickstart
Project-URL: Issues, https://github.com/airblackbox/air-gate/issues
Author-email: Jason Shotwell <jason@airblackbox.ai>
License-Expression: Apache-2.0
License-File: LICENSE
Keywords: agents,ai,audit,compliance,eu-ai-act,firewall,gdpr,hipaa,langchain,openai,pii,safety
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
Classifier: Topic :: Software Development :: Libraries
Requires-Python: >=3.10
Requires-Dist: pydantic>=2.0.0
Provides-Extra: dev
Requires-Dist: pytest>=7.0; extra == 'dev'
Requires-Dist: ruff>=0.4.0; extra == 'dev'
Provides-Extra: langchain
Requires-Dist: langchain-core>=0.1.0; extra == 'langchain'
Provides-Extra: server
Requires-Dist: fastapi>=0.104.0; extra == 'server'
Requires-Dist: httpx>=0.25.0; extra == 'server'
Requires-Dist: python-dotenv>=1.0.0; extra == 'server'
Requires-Dist: python-multipart>=0.0.6; extra == 'server'
Requires-Dist: pyyaml>=6.0; extra == 'server'
Requires-Dist: uvicorn>=0.24.0; extra == 'server'
Description-Content-Type: text/markdown

# AIR Gate

**The AI Action Firewall** — Every agent action gated, signed, and auditable.

Gate sits between your AI agents and the real world. Every action flows through Gate, gets checked against policy, PII is automatically redacted, and everything produces a tamper-evident signed record.

## What's New in v0.2.0

- **PII Redaction** — Automatic detection and redaction of emails, SSNs, credit cards, medical records, and 25+ PII categories before they enter the audit chain. GDPR, HIPAA, PCI-DSS compliant.
- **GateClient SDK** — Use Gate as a library without running a server. `from gate import GateClient`
- **Callback URLs** — Gate POSTs the decision back to your agent when a human approves/rejects in Slack.
- **Framework Integrations** — Drop-in wrappers for LangChain tools and OpenAI function tools.
- **Rebranded CLI** — `air-gate demo` and `air-gate verify` (was air-blackbox).

## How It Works

```
Agent wants to send email
       ↓
   Gate intercepts
       ↓
   PII redacted from payload
       ↓
   Policy check
       ↓
  ┌────┴────┐────────┐
  ↓         ↓        ↓
Auto-Allow  Slack   Block
            Approval
  ↓         ↓        ↓
  Signed event recorded
  (HMAC-SHA256 chain)
       ↓
  Callback to agent
```

## Quick Start

### Option 1: Library Mode (no server)

```python
from gate import GateClient

gate = GateClient()  # local mode, zero config

result = gate.check("my-agent", "email", "send_email",
                    payload={"to": "jane@example.com"})

if result["decision"] == "auto_allowed":
    send_the_email()
elif result["decision"] == "blocked":
    print("Blocked:", result["reason"])

# Verify the audit chain anytime
print(gate.verify())
```

### Option 2: Server Mode (Slack approvals)

```bash
pip install air-gate[server]
uvicorn gate.proxy:app --reload
```

```python
gate = GateClient(server_url="http://localhost:8000")
result = gate.check("my-agent", "email", "send_email",
                    payload={"to": "jane@example.com"},
                    callback_url="http://my-agent/callback")
```

### Option 3: Framework Integrations

**LangChain:**
```python
from gate.integrations.langchain import GatedTool

gated_search = GatedTool(tool=my_search_tool, agent_id="research-agent")
# Use gated_search in your agent chain — every call goes through Gate
```

**OpenAI Function Tools:**
```python
from gate.integrations.openai_agents import gated_tool
from gate import GateClient

gate = GateClient()

@gated_tool(gate=gate, agent_id="assistant-v1")
def send_email(to: str, subject: str, body: str) -> str:
    return f"Email sent to {to}"
```

## Run the Demo

```bash
pip install air-gate
air-gate demo
```

## Configuration

Copy `.env.example` to `.env`:

```bash
cp .env.example .env
```

Key environment variables:
- `GATE_SIGNING_KEY` — HMAC signing key (required for production)
- `GATE_STORAGE_PATH` — Event storage file (default: `gate_events.jsonl`)
- `GATE_PII_REDACTION` — Enable PII auto-redaction (default: `true`)
- `GATE_PII_METHOD` — Redaction method: `hash_sha256`, `mask`, `remove`, `tokenise`
- `SLACK_WEBHOOK_URL` — Slack incoming webhook for approvals
- `SLACK_BOT_TOKEN` — Slack bot token (for full interactivity)

Edit `gate_config.yaml` for policy rules:

```yaml
policy:
  default: require_approval
  rules:
    - name: allow-search
      action_type: search
      decision: auto_allow
    - name: block-delete
      action_type: db_delete
      decision: block
    - name: approve-emails
      action_type: email
      decision: require_approval
      max_per_hour: 50
```

## API Endpoints

| Endpoint | Method | Description |
|----------|--------|-------------|
| `/actions` | POST | Submit an agent action |
| `/actions/{id}/approve` | POST | Approve a pending action |
| `/actions/{id}/reject` | POST | Reject a pending action |
| `/events` | GET | Query the event store |
| `/events/{id}` | GET | Get a specific event |
| `/verify` | GET | Verify audit chain integrity |
| `/stats` | GET | Summary statistics |
| `/report` | GET | Generate compliance report (HTML/JSON/Markdown) |
| `/health` | GET | Health check |

## PII Redaction

Gate automatically detects and redacts 25+ categories of PII before data enters the audit chain:

- **Universal:** Email, phone, IP, date of birth, passport, national ID
- **Recruiting:** LinkedIn URLs, resume text, protected characteristics (EEOC)
- **Finance:** Credit cards, bank accounts, routing numbers, SSN, tax ID (PCI-DSS)
- **Healthcare:** Medical record numbers, health plan IDs, NPI (HIPAA)
- **Legal:** Case numbers, bar numbers, client matter IDs

Every redaction is logged with SHA-256 hash of the original value, enabling GDPR Article 17 erasure lookups.

## Architecture

```
gate/
├── client.py           — GateClient SDK (library mode)
├── proxy.py            — FastAPI server (server mode)
├── events.py           — HMAC-SHA256 signed event store (SQLite + JSONL)
├── policy.py           — Policy engine (YAML rules)
├── pii.py              — PII detection + redaction (multi-vertical)
├── slack_bot.py        — Slack approval bot (Block Kit)
├── report.py           — Compliance report generator
├── report_endpoint.py  — /report API endpoint
├── tracing.py          — OpenTelemetry integration
├── cli.py              — air-gate CLI
└── integrations/
    ├── langchain.py    — LangChain tool wrapper
    └── openai_agents.py — OpenAI function tool decorator
```

## Part of AIR Blackbox

- **AIR Blackbox** scans your AI system for compliance issues (build-time)
- **AIR Gate** controls what your AI agents can do at runtime

Together: full AI governance lifecycle. [airblackbox.ai](https://airblackbox.ai)
