Metadata-Version: 2.4
Name: fortifyos-langchain
Version: 1.1.0
Summary: FortifyOS runtime protection for LangChain and LangGraph agents — zero code changes required.
Author-email: FortifyAI <support@fortifyai.co>
License: MIT
Project-URL: Homepage, https://fortifyai.co
Project-URL: Documentation, https://fortifyai.co/docs
Project-URL: Repository, https://github.com/fortifyai/fortifyos-langchain
Project-URL: Issues, https://github.com/fortifyai/fortifyos-langchain/issues
Keywords: fortifyos,langchain,langgraph,security,ai-agent,hooks,policy,guardrails
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: System Administrators
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Python: >=3.9
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: langchain-core>=0.3
Dynamic: license-file

# fortifyos-langchain

**Runtime security for LangChain and LangGraph agents — with zero code changes.**

`fortifyos-langchain` auto-attaches the [FortifyOS](https://fortifyai.co) policy engine to every LangChain agent running in your Python environment. It intercepts LLM calls and tool invocations, runs your security policies as plain shell scripts, and allows or blocks the action based on the result.

No imports. No callback wiring. No modifications to your agent code.

## Installation

```bash
pip install fortifyos-langchain
```

## How It Works

A `.pth` file shipped with the package is auto-loaded by Python on every interpreter startup, attaching a `FortifyHandler` globally to LangChain via `register_configure_hook`. The handler reads `~/.fortifyos/langchain.json` to map lifecycle events to shell scripts under `~/.fortifyos/hooks/langchain/`.

| Event | Fires when |
|---|---|
| `pre_llm`   | Before an LLM / chat-model call |
| `post_llm`  | After an LLM responds — includes generations, tool_calls, finish_reason, token_usage |
| `pre_tool`  | Before a tool runs |
| `post_tool` | After a tool returns |

Script exit code 0 allows the action; non-zero blocks it.

## What's New In 0.1.1

- `post_llm` payload now includes the actual model output: `generations[].text`, `generations[].content`, `generations[].tool_calls` (the tools the LLM wants to invoke), `generations[].finish_reason`, `token_usage`, and `model`. Useful for inspecting tool calls before they run, detecting content-filter triggers, and tracking token cost.

## Disabling Protection

Set `FORTIFYOS_DISABLE=1` to skip the auto-attach for a single run.

## License

MIT
