AgentSec

Security infrastructure for autonomous AI agents

pip install agentsec

The Problem

AI agents are being weaponized. Anthropic recently disclosed that a Chinese state-sponsored group used a jailbroken Claude to orchestrate autonomous cyberattacks at scale. 80-90% of the operations were AI-driven. Several intrusions succeeded.

Organizations deploying AI agents have:

The Solution

AgentSec provides three layers of defense:

Telemetry

Know exactly what your agents are doing. Capture prompts, responses, tool calls, network requests, and file operations.

Policy Enforcement

Alignment anchored in architecture, not prompts. YAML-based policies that actually block dangerous actions.

Risk Detection

Catch mode shifts before damage occurs. Heuristic-based risk labeling with 20+ threat categories.

Quick Start

# Install
pip install agentsec

# Use in your agent
from agentsec import AgentSecClient, policy

client = AgentSecClient(agent_id="my-agent")

# Wrap tools with policy enforcement
@policy.guard
def search_database(query: str) -> list:
    # Your tool implementation goes here; return the matching rows as a list
    return []

# All calls are now logged + policy-checked
results = search_database("SELECT * FROM users")

View Events

# CLI - tail events in real-time
agentsec tail -f

# CLI - inspect with risk analysis
agentsec inspect

Features

Event Capture

Automatically capture all agent behavior:

Policy Engine

Define security policies in YAML:

version: 1
name: security-baseline
default: allow

rules:
  - id: block-credential-access
    match:
      type: file_op
      path: "*credentials*"
    decision: deny
    reason: "Credential file access blocked"
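
To show how a policy like the one above is applied to the events the SDK captures and to a guarded tool such as the one in Quick Start, here is an added example evaluator. It is not AgentSec's own code: glob matching with fnmatch, first-matching-rule-wins ordering, and the second (escalate) rule are all assumptions made for this example, and the YAML is written as a Python dict so it runs without PyYAML.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import Optional

# The security-baseline policy from the Policy Engine section as a dict (so this
# runs without PyYAML). The "escalate-shell" rule is constructed for this example.
POLICY = {
    "version": 1,
    "name": "security-baseline",
    "default": "allow",
    "rules": [
        {"id": "block-credential-access",
         "match": {"type": "file_op", "path": "*credentials*"},
         "decision": "deny",
         "reason": "Credential file access blocked"},
        {"id": "escalate-shell",
         "match": {"type": "tool_call", "tool": "run_shell"},
         "decision": "escalate",
         "reason": "Shell execution needs human approval"},
    ],
}

@dataclass(frozen=True)
class Decision:
    action: str             # "allow", "deny" or "escalate"
    rule_id: Optional[str]  # rule that fired; None when the policy default applied
    reason: str

def matches(match: dict, event: dict) -> bool:
    # Every key in the rule's match block must be present on the event and
    # glob-match it. Case-sensitive matching keeps behaviour identical across OSes.
    return all(k in event and fnmatchcase(str(event[k]), str(v))
               for k, v in match.items())

def evaluate(policy: dict, event: dict) -> Decision:
    # Assumed semantics: first matching rule wins; unmatched events get the default.
    for rule in policy["rules"]:
        if matches(rule["match"], event):
            return Decision(rule["decision"], rule["id"], rule.get("reason", ""))
    return Decision(policy.get("default", "deny"), None, "no rule matched")

def guarded_file_read(path: str) -> Decision:
    # Sketch of what a tool wrapper does before touching the filesystem: build the
    # event, evaluate it, and refuse to proceed on deny (hypothetical wrapper).
    decision = evaluate(POLICY, {"type": "file_op", "op": "read", "path": path})
    if decision.action == "deny":
        raise PermissionError(f"{decision.rule_id}: {decision.reason}")
    return decision
```

Because the match is a plain glob over the path string the agent supplied, a rule like `*credentials*` is only as good as the path normalization done before evaluation; an escalate decision is returned to the caller here rather than blocking, so the wrapper must decide how to pause for approval.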

Risk Labels

Automatic risk detection with labels like:

credential_access, exfiltration_pattern, persistence_mechanism, code_execution, recon_scan

Documentation

Getting Started

Install AgentSec and capture your first events in under 5 minutes.

Event Schema

Standardized event format for prompts, responses, tool calls, and more.

Policy Reference

YAML policy language for allow/deny/escalate decisions.

Integrations

Guides for OpenAI, Anthropic, LangChain, and more.

Architecture

+------------------+     +-------------------+     +------------------+
|   Your Agent     | --> |  AgentSec SDK     | --> |  Policy Engine   |
|  (OpenAI/Claude/ |     |  - Telemetry      |     |  - Allow/Deny    |
|   LangChain/etc) |     |  - Tool Wrappers  |     |  - Escalate      |
+------------------+     +-------------------+     +------------------+
                                  |
                                  v
                         +-------------------+
                         |  Event Storage    |
                         |  - Local files    |
                         |  - Remote ingest  |
                         +-------------------+