Metadata-Version: 2.4
Name: skyrelis
Version: 0.1.9
Summary: AI Agent Security Library - Enterprise-grade security for AI agents, starting with comprehensive observability across multiple frameworks
Home-page: https://github.com/skyrelis/skyrelis
Author: Skyrelis Security Team
Author-email: Skyrelis Security Team <security@skyrelis.com>
Maintainer-email: Skyrelis Security Team <security@skyrelis.com>
License: Proprietary
Project-URL: Homepage, https://github.com/skyrelis/skyrelis
Project-URL: Documentation, https://skyrelis.readthedocs.io
Project-URL: Repository, https://github.com/skyrelis/skyrelis
Project-URL: Bug Reports, https://github.com/skyrelis/skyrelis/issues
Project-URL: Security, https://github.com/skyrelis/skyrelis/security
Project-URL: Funding, https://github.com/sponsors/skyrelis
Keywords: ai,agents,security,observability,monitoring,tracing,langchain,telemetry,analytics,debugging,performance,opentelemetry,compliance,audit,threat-detection,cybersecurity,enterprise,SOC2,GDPR,HIPAA,risk-management,governance
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: System Administrators
Classifier: Intended Audience :: Information Technology
Classifier: License :: Other/Proprietary License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Classifier: Topic :: System :: Monitoring
Classifier: Topic :: Security
Classifier: Topic :: Security :: Cryptography
Classifier: Topic :: System :: Logging
Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
Classifier: Topic :: Office/Business :: Financial
Classifier: Framework :: AsyncIO
Classifier: Environment :: Web Environment
Requires-Python: >=3.8
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: langchain<2.0.0,>=0.1.0
Requires-Dist: langchain-core<2.0.0,>=0.1.0
Requires-Dist: langchain-openai<2.0.0,>=0.0.5
Requires-Dist: requests>=2.25.0
Requires-Dist: aiohttp>=3.8.0
Requires-Dist: pydantic<3.0.0,>=1.8.0
Requires-Dist: python-dotenv>=0.19.0
Provides-Extra: security
Requires-Dist: cryptography>=3.4.0; extra == "security"
Requires-Dist: bcrypt>=3.2.0; extra == "security"
Requires-Dist: pyjwt>=2.0.0; extra == "security"
Provides-Extra: opentelemetry
Requires-Dist: opentelemetry-api>=1.0.0; extra == "opentelemetry"
Requires-Dist: opentelemetry-sdk>=1.0.0; extra == "opentelemetry"
Requires-Dist: opentelemetry-instrumentation>=0.30b0; extra == "opentelemetry"
Requires-Dist: opentelemetry-exporter-jaeger>=1.0.0; extra == "opentelemetry"
Provides-Extra: langsmith
Requires-Dist: langsmith>=0.0.30; extra == "langsmith"
Provides-Extra: crewai
Requires-Dist: crewai>=0.70.0; extra == "crewai"
Requires-Dist: opentelemetry-api>=1.21.0; extra == "crewai"
Requires-Dist: opentelemetry-sdk>=1.21.0; extra == "crewai"
Provides-Extra: compliance
Requires-Dist: psycopg2-binary>=2.9.0; extra == "compliance"
Requires-Dist: sqlalchemy>=1.4.0; extra == "compliance"
Provides-Extra: threat-detection
Requires-Dist: scikit-learn>=1.0.0; extra == "threat-detection"
Requires-Dist: pandas>=1.3.0; extra == "threat-detection"
Requires-Dist: numpy>=1.21.0; extra == "threat-detection"
Provides-Extra: dev
Requires-Dist: pytest>=7.0.0; extra == "dev"
Requires-Dist: pytest-asyncio>=0.21.0; extra == "dev"
Requires-Dist: black>=22.0.0; extra == "dev"
Requires-Dist: flake8>=4.0.0; extra == "dev"
Requires-Dist: mypy>=0.991; extra == "dev"
Requires-Dist: bandit>=1.7.0; extra == "dev"
Provides-Extra: all
Requires-Dist: cryptography>=3.4.0; extra == "all"
Requires-Dist: bcrypt>=3.2.0; extra == "all"
Requires-Dist: pyjwt>=2.0.0; extra == "all"
Requires-Dist: opentelemetry-api>=1.0.0; extra == "all"
Requires-Dist: opentelemetry-sdk>=1.0.0; extra == "all"
Requires-Dist: opentelemetry-instrumentation>=0.30b0; extra == "all"
Requires-Dist: opentelemetry-exporter-jaeger>=1.0.0; extra == "all"
Requires-Dist: langsmith>=0.0.30; extra == "all"
Requires-Dist: psycopg2-binary>=2.9.0; extra == "all"
Requires-Dist: sqlalchemy>=1.4.0; extra == "all"
Requires-Dist: scikit-learn>=1.0.0; extra == "all"
Requires-Dist: pandas>=1.3.0; extra == "all"
Requires-Dist: numpy>=1.21.0; extra == "all"
Dynamic: author
Dynamic: home-page
Dynamic: license-file
Dynamic: requires-python

# 🔒 Skyrelis: AI Agent Security Library

**Enterprise-grade security for AI agents, starting with comprehensive observability.**

[![PyPI version](https://badge.fury.io/py/skyrelis.svg)](https://badge.fury.io/py/skyrelis)
[![Python 3.8+](https://img.shields.io/badge/python-3.8+-blue.svg)](https://www.python.org/downloads/)
[![LangChain 0.1-2.0](https://img.shields.io/badge/LangChain-0.1--2.0-green.svg)](https://python.langchain.com/)
[![CrewAI 0.70+](https://img.shields.io/badge/CrewAI-0.70+-blue.svg)](https://github.com/joaomdmoura/crewAI)
[![License: Proprietary](https://img.shields.io/badge/License-Proprietary-orange.svg)](https://github.com/skyrelis/skyrelis/blob/main/LICENSE)
[![Security](https://img.shields.io/badge/security-focused-red.svg)](https://skyrelis.com)

---

## 🛡️ **Why Agent Security Matters**

As AI agents become more powerful and autonomous, they present new security challenges:
- **Prompt Injection Attacks**: Malicious inputs that hijack agent behavior
- **Data Exposure**: Agents accessing sensitive information inappropriately  
- **Uncontrolled Actions**: Agents performing unintended or harmful operations
- **Compliance Risks**: Lack of audit trails for regulated industries

**Skyrelis provides the security foundation your AI agents need.**

---

## ✨ Current Security Features (v0.1.6)

🔍 **Complete Observability** - Full visibility into agent execution and decision-making  
🎯 **System Prompt Security** - Monitor and protect agent instructions and behaviors  
📊 **Real-time Monitoring** - Instant alerts for suspicious agent activities  
🏷️ **Agent Registry** - Centralized inventory and security posture management  
🔗 **Zero-Config Integration** - Add security with just a decorator  
⚡ **Production Ready** - Built for enterprise scale and reliability  
🌐 **Standards Compliant** - OpenTelemetry, audit logging, and compliance ready  
🚀 **Multi-Framework Support** - LangChain (0.1-2.0), CrewAI (0.70+), and extensible architecture  
✅ **Modern LangChain Compatible** - Full support for LangChain 1.0+ with inheritance-based monitoring  

## 🚧 Coming Soon (Roadmap)

🛡️ **Prompt Injection Detection** - AI-powered input validation and threat detection  
🏗️ **Agent Sandboxing** - Isolated execution environments with controlled permissions  
👥 **Access Control & RBAC** - Role-based permissions for agent operations  
🧠 **Behavioral Analysis** - ML-based anomaly detection for agent activities  
📋 **Compliance Frameworks** - SOC2, GDPR, HIPAA compliance tools  
🔐 **Secret Management** - Secure handling of API keys and sensitive data  

---

## 🚀 Quick Start

### Installation

```bash
# Basic installation
pip install skyrelis

# With CrewAI support
pip install skyrelis[crewai]

# With all features
pip install skyrelis[all]
```

### 🎯 **Multi-Framework Support**

Skyrelis supports multiple AI agent frameworks with unified security monitoring:

#### **✅ LangChain (All Versions)**
- **Legacy LangChain** (0.1.x - 0.9.x) ✅
- **Modern LangChain** (1.0.0+) ✅ **NEW: Fixed compatibility issues**
- **LangChain Core** (0.1.0+) ✅
- **LangChain OpenAI** (0.0.5+) ✅

#### **✅ CrewAI** 
- **CrewAI** (0.70.0+) ✅
- **OpenTelemetry Integration** ✅
- **Agent, Task, and Crew monitoring** ✅

### Secure Your Agent in 30 Seconds

#### **Modern LangChain (1.0+) Example**
```python
from skyrelis import observe_langchain_agent
from langchain_core.runnables import Runnable
from langchain_openai import ChatOpenAI
from langchain_core.messages import HumanMessage, SystemMessage

# Modern LangChain agent with Skyrelis monitoring
@observe_langchain_agent(remote_observer_url="https://your-security-monitor.com")
class ModernSecureAgent(Runnable):
    def __init__(self, llm_model="gpt-4o-mini"):
        self.llm = ChatOpenAI(model=llm_model)
    
    def invoke(self, input_data, config=None, **kwargs):
        messages = [
            SystemMessage(content="You are a helpful AI assistant."),
            HumanMessage(content=input_data["query"])
        ]
        return self.llm.invoke(messages)

# Use your secure agent
agent = ModernSecureAgent()
result = agent.invoke({"query": "What's the weather like?"})
```

#### **Legacy LangChain (0.x) Example**
```python
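from skyrelis import observe_langchain_agent
from langchain.agents import AgentExecutor, create_openai_functions_agent
from langchain_openai import ChatOpenAI
from langchain.prompts import ChatPromptTemplate
from langchain_core.tools import tool

# Example tool (placeholder); replace with the tools your agent is allowed to call
@tool
def get_weather(city: str) -> str:
    """Return a canned weather report for a city."""
    return f"Weather in {city}: sunny"

tools = [get_weather]

# Legacy LangChain agent setup
prompt = ChatPromptTemplate.from_messages([
    ("system", "You are a helpful AI assistant. Use tools when needed."),
    ("human", "{input}"),
    ("placeholder", "{agent_scratchpad}")
])

llm = ChatOpenAI(model="gpt-4o-mini")
agent = create_openai_functions_agent(llm, tools, prompt)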

# Add enterprise security monitoring with one decorator! 🔒
@observe_langchain_agent(remote_observer_url="https://your-security-monitor.com")
class SecureAgent(AgentExecutor):
    pass

# Initialize and use - now with full security monitoring
secure_agent = SecureAgent(agent=agent, tools=tools)
result = secure_agent.invoke({"input": "What's the weather like?"})
```

#### **CrewAI Example**
```python
from skyrelis import observe_crewai_agent
from crewai import Agent, Task, Crew

@observe_crewai_agent(remote_observer_url="https://your-security-monitor.com")
class SecureCrewAgent(Agent):
    pass

# Your CrewAI agent now has complete security monitoring
agent = SecureCrewAgent(
    role="Security Analyst",
    goal="Analyze security threats",
    backstory="Expert in cybersecurity analysis"
)
```

### 🎉 **What You Get**
All supported frameworks automatically get:
- ✅ **Complete execution tracing** - Every agent call monitored
- ✅ **System prompt monitoring** - Security-critical prompt capture  
- ✅ **Real-time security alerts** - Instant threat notifications
- ✅ **Audit trail compliance** - Full regulatory compliance logging
- ✅ **Agent behavior analysis** - ML-powered anomaly detection (coming soon, per the roadmap)
- ✅ **Zero code changes** - Just add the decorator!

## 🔒 What Security Data Gets Captured

When you add the `@observe` decorator, Skyrelis automatically captures security-relevant data:

### 🤖 **Agent Security Profile**
- **System Prompts**: Complete instructions given to the agent
- **Tool Access**: What tools the agent can use and how  
- **LLM Configuration**: Model settings, temperature, safety filters
- **Permission Scope**: What the agent is authorized to do

### 📊 **Execution Security Logs** 
- **Input Validation**: All user inputs and their sources
- **Tool Invocations**: Every tool call with parameters and results
- **LLM Interactions**: Complete conversation logs with the language model
- **Output Analysis**: All agent responses and actions taken
- **Error Tracking**: Security-relevant errors and failures

### 🚨 **Security Events**
- **Unusual Behavior**: Deviations from expected agent patterns
- **Failed Operations**: Blocked or failed actions that might indicate attacks
- **Access Attempts**: Unauthorized access attempts to tools or data
- **Performance Anomalies**: Unusual response times or resource usage

### 📋 **Compliance & Audit**
- **Complete Audit Trail**: Every action with timestamps and context
- **User Attribution**: Who triggered each agent interaction
- **Data Access Logs**: What data was accessed or modified
- **Retention Management**: Automated log retention per compliance requirements

---

## 🎛️ Security Configuration

### Basic Security Setup
```python
from skyrelis import observe
from langchain.agents import AgentExecutor

@observe(
    monitor_url="https://your-security-monitor.com",
    agent_name="customer_service_agent",
    security_level="production",  # "development", "staging", "production"
)
class CustomerServiceAgent(AgentExecutor):
    pass
```

### Advanced Security Configuration
```python
from skyrelis import observe
from langchain.agents import AgentExecutor

@observe(
    monitor_url="https://your-security-monitor.com",
    agent_name="financial_advisor_agent",
    security_level="production",
    enable_audit_logging=True,      # Full audit trail
    enable_anomaly_detection=True,  # Behavioral analysis (coming soon)
    enable_input_validation=True,   # Prompt injection detection (coming soon)
    compliance_mode="SOC2",         # Compliance framework (coming soon)
    alert_thresholds={              # Security alerting
        "unusual_tool_usage": 0.8,
        "response_time_anomaly": 2.0,
        "error_rate_spike": 0.1
    }
)
class FinancialAdvisorAgent(AgentExecutor):
    pass
```

### Environment-Based Security
```bash
# Security monitoring endpoints
export SKYRELIS_MONITOR_URL="https://your-security-monitor.com"
export SKYRELIS_SECURITY_LEVEL="production"

# Compliance and audit
export SKYRELIS_AUDIT_RETENTION_DAYS="2555"  # 7 years for financial compliance
export SKYRELIS_COMPLIANCE_MODE="SOC2"

# Alert destinations
export SKYRELIS_SLACK_WEBHOOK="https://hooks.slack.com/..."
export SKYRELIS_SECURITY_EMAIL="security-team@company.com"
```

---

## 🔧 Security Integration Examples

### High-Security Financial Agent
```python
from skyrelis import observe
from langchain.agents import AgentExecutor, create_openai_functions_agent
from langchain_openai import ChatOpenAI
from langchain.tools import StructuredTool

def get_account_balance(account_id: str) -> str:
    # This tool access is now fully monitored and audited
    return f"Account {account_id}: $10,000"

@observe(
    monitor_url="https://security.bank.com/monitor",
    security_level="production",
    compliance_mode="SOX",
    enable_audit_logging=True
)
class BankingAgent(AgentExecutor):
    pass

# Every interaction is now compliance-ready and security-monitored
```

### Customer Service with Threat Detection
```python
from skyrelis import observe
from langchain.agents import AgentExecutor

@observe(
    monitor_url="https://security.company.com/monitor",
    enable_anomaly_detection=True,      # Detect unusual customer behavior (coming soon)
    enable_input_validation=True,       # Block prompt injection attempts (coming soon)
    alert_on_threats=True               # Real-time security alerts
)
class CustomerServiceAgent(AgentExecutor):
    pass

# Threat detection and blocking take effect once the roadmap features above ship
```

### Research Agent with Data Protection
```python
from skyrelis import observe
from langchain.agents import AgentExecutor

@observe(
    monitor_url="https://security.research.com/monitor",
    data_classification="confidential",
    enable_data_loss_prevention=True,  # Prevent sensitive data exposure
    audit_data_access=True            # Log all data access events
)
class ResearchAgent(AgentExecutor):
    pass

# Complete data protection and access monitoring
```

---

## 📊 Security Monitoring Dashboard

The Skyrelis Security Monitor provides:

### 🚨 **Real-time Security Alerts**
- **Threat Detection**: Immediate alerts for security events
- **Anomaly Notifications**: Unusual agent behavior alerts  
- **Compliance Violations**: Regulatory compliance failures
- **Performance Issues**: Security-impacting performance problems

### 📈 **Security Analytics**
- **Agent Risk Scores**: Security posture assessment for each agent
- **Threat Landscape**: Attack patterns and security trends
- **Compliance Reporting**: Automated compliance status reports
- **Incident Response**: Security event investigation tools

### 🔍 **Agent Security Inventory**
- **Security Profiles**: All agents with their security configurations
- **Permission Mapping**: What each agent can access and do
- **Vulnerability Assessment**: Security weaknesses and recommendations
- **Policy Compliance**: Adherence to security policies

### 📋 **Audit & Compliance**
- **Complete Audit Trail**: Every action logged for compliance
- **Regulatory Reports**: SOC2, GDPR, HIPAA compliance reporting
- **Data Lineage**: Track data flow through agent operations
- **Retention Management**: Automated compliance-based data retention

---

## 🏗️ Security Architecture

Skyrelis Security Architecture:

1. **Security Decorator**: Wraps agents with security monitoring
2. **Agent Registry**: Centralizes agent security profiles and policies
3. **Real-time Monitoring**: Captures all security-relevant events
4. **Threat Detection**: AI-powered security analysis (coming soon)
5. **Compliance Engine**: Automated compliance and audit reporting
6. **Alert System**: Real-time security notifications and incident response

All security monitoring happens transparently - your agent code remains unchanged while gaining enterprise-grade security!

---

## 🔧 **LangChain >1.0.0 Compatibility Fix**

**✅ RESOLVED: `'method' object attribute '__init__' is read-only` Error**

Previous versions of Skyrelis had compatibility issues with LangChain 1.0+ due to class protection mechanisms. **This is now fixed!**

### **What We Fixed**
- **Problem**: Direct `__init__` method assignment failed in modern LangChain
- **Solution**: Inheritance-based approach that creates `ObservedAgent` classes
- **Result**: Full compatibility with both legacy and modern LangChain versions

### **Technical Details**
```python
# OLD APPROACH (Failed in LangChain 1.0+)
cls.__init__ = new_init  # ❌ Read-only error

# NEW APPROACH (Works with all LangChain versions)
class ObservedAgent(cls):  # ✅ Inheritance-based
    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        # Add Skyrelis monitoring
```
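
The inheritance-based approach described above, as an added example that is not Skyrelis's own code: a class decorator returns a monitored subclass, leaves the decorated class untouched, and records an audit event for each `invoke` call, including failures. `observe_by_inheritance`, `AUDIT_LOG`, the event field names and `EchoAgent` are assumptions made for this example; it goes one step beyond the snippet by wrapping `invoke` as well as `__init__`.

```python
import time
from typing import Any, Callable, Dict, List, Optional

# Hypothetical in-memory sink standing in for a remote monitor endpoint.
AUDIT_LOG: List[Dict[str, Any]] = []


def observe_by_inheritance(
    agent_name: Optional[str] = None,
    sink: Callable[[Dict[str, Any]], None] = AUDIT_LOG.append,
):
    """Class decorator that returns a monitored subclass; cls itself is never patched."""

    def decorator(cls):
        name = agent_name or cls.__name__

        def emit(event: str, **fields: Any) -> None:
            sink({"ts": time.time(), "agent": name, "event": event, **fields})

        class ObservedAgent(cls):
            def __init__(self, *args, **kwargs):
                super().__init__(*args, **kwargs)
                emit("agent_registered", base=cls.__qualname__)

            def invoke(self, input_data, *args, **kwargs):
                emit("invoke_start", input=repr(input_data))
                try:
                    result = super().invoke(input_data, *args, **kwargs)
                except Exception as exc:
                    # Record the failure for the audit trail, then let it propagate.
                    emit("invoke_error", error=type(exc).__name__)
                    raise
                emit("invoke_end", output=repr(result))
                return result

        # Keep the original class identity so logs and registries show the real name.
        for attr in ("__name__", "__qualname__", "__module__", "__doc__"):
            setattr(ObservedAgent, attr, getattr(cls, attr))
        return ObservedAgent

    return decorator


class EchoAgent:
    """Constructed stand-in for a framework agent class."""

    def __init__(self, prefix: str = "echo: "):
        self.prefix = prefix

    def invoke(self, input_data):
        return self.prefix + input_data["query"]  # KeyError if "query" is missing


def run_demo():
    events: List[Dict[str, Any]] = []
    Observed = observe_by_inheritance("echo_agent", sink=events.append)(EchoAgent)
    agent = Observed()
    agent.invoke({"query": "hi"})
    try:
        agent.invoke({})  # fails: error event is logged and the exception re-raised
    except KeyError:
        pass
    return events, Observed
```

Because the events carry raw inputs and outputs, whatever replaces the in-memory sink should be an endpoint you control, with access to the stored events restricted accordingly.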

### **Migration**
**No code changes needed!** Your existing Skyrelis decorators work with both:
- ✅ Legacy LangChain (0.1.x - 0.9.x) 
- ✅ Modern LangChain (1.0.0+)
- ✅ All LangChain Core versions
- ✅ CrewAI (0.70.0+)

---

## 📦 Installation Options

```bash
# Basic security monitoring (supports all LangChain versions)
pip install skyrelis

# With CrewAI support
pip install skyrelis[crewai]

# With OpenTelemetry integration
pip install skyrelis[opentelemetry]

# With advanced security features (coming soon)
pip install skyrelis[security]

# With compliance reporting
pip install skyrelis[compliance]

# With threat detection (coming soon)  
pip install skyrelis[threat-detection]

# Everything
pip install skyrelis[all]
```

### **Supported Versions**
- **Python**: 3.8+
- **LangChain**: 0.1.0 - 2.0.0 (all versions supported)
- **LangChain Core**: 0.1.0 - 1.0.0
- **CrewAI**: 0.70.0+
- **Pydantic**: 1.8.0 - 3.0.0 (compatible with both v1 and v2)

---

## 📝 **Recent Updates**

### **v0.1.6 - LangChain 1.0+ Compatibility** 🚀
- ✅ **FIXED**: `'method' object attribute '__init__' is read-only` error in LangChain 1.0+
- ✅ **NEW**: Inheritance-based monitoring approach for modern LangChain
- ✅ **IMPROVED**: Full compatibility with LangChain 0.1.0 - 2.0.0
- ✅ **ENHANCED**: Better error handling and graceful fallbacks
- ✅ **MAINTAINED**: Backward compatibility with existing code

### **Previous Releases**
- **v0.1.3**: Multi-framework support (LangChain + CrewAI)
- **v0.1.2**: Enhanced observability and system prompt capture
- **v0.1.1**: Core security monitoring features
- **v0.1.0**: Initial release with LangChain support

---

## 🎯 Why Choose Skyrelis?

### **For Security Teams**
- **Zero Agent Code Changes**: Add security without disrupting development
- **Complete Visibility**: See everything your agents are doing
- **Multi-Framework Support**: Monitor LangChain, CrewAI, and more from one platform
- **Compliance Ready**: Built-in support for major compliance frameworks
- **Threat Detection**: AI-powered security monitoring

### **For Development Teams**  
- **One-Line Integration**: Just add a decorator
- **Universal Compatibility**: Works with LangChain 0.1-2.0, CrewAI 0.70+
- **No Performance Impact**: Lightweight, async monitoring
- **Development Friendly**: Rich debugging and troubleshooting tools
- **Production Ready**: Battle-tested at enterprise scale
- **Future-Proof**: Inheritance-based approach compatible with framework updates

### **For Compliance Officers**
- **Automated Audit Trails**: Complete logging without manual work
- **Regulatory Support**: SOC2, GDPR, HIPAA, SOX compliance
- **Risk Assessment**: Continuous security posture monitoring
- **Incident Response**: Complete investigation capabilities

---

## 🤝 Contributing

We welcome contributions to make AI agents more secure! Please see our [Contributing Guide](CONTRIBUTING.md) for details.

## 📄 License & Commercial Use

**Skyrelis is proprietary software** - see the [LICENSE](LICENSE) file for details.

### 🏢 **Commercial Licensing**

- **Evaluation & Development**: Free for non-commercial evaluation and development
- **Commercial Use**: Requires a separate commercial license agreement
- **Enterprise**: Contact us for enterprise licensing and support

📧 **Licensing Inquiries**: [security@skyrelis.com](mailto:security@skyrelis.com)

### 🔒 **Why Proprietary?**

As an AI agent security platform, Skyrelis requires:
- **Enterprise Support**: Dedicated support for mission-critical security
- **Compliance Guarantees**: Legal assurances for regulated industries  
- **Advanced Features**: Continuous development of cutting-edge security capabilities
- **Professional Services**: Security consulting and custom implementations

## 🆘 Support

- 📚 **Documentation**: [skyrelis.readthedocs.io](https://skyrelis.readthedocs.io)
- 🔒 **Security Issues**: [security@skyrelis.com](mailto:security@skyrelis.com)
- 🐛 **Bug Reports**: [GitHub Issues](https://github.com/skyrelis/skyrelis/issues)
- 💬 **Discussions**: [GitHub Discussions](https://github.com/skyrelis/skyrelis/discussions)

---

**Made with 🔒 by the Skyrelis Security Team**

*Skyrelis: Securing AI agents for the enterprise.* 
