We built AgentShield, a Python SDK and CLI to add a security checkpoint for AI agents before they perform potentially risky actions like external API calls or executing generated code.
Problem: Agents calling arbitrary URLs or running unchecked code can lead to data leaks, SSRF, system damage, etc.
Solution: AgentShield intercepts these actions:
- guarded_get(url=...): Checks URL against policies (block internal IPs, HTTP, etc.) before making the request.
- safe_execute(code_snippet=...): Checks code for risky patterns (os import, eval, file access, etc.) before execution.
It works via a simple API call to evaluate the action against configurable security policies. It includes default policies for common risks.
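As an added illustration of the two kinds of check described above (this is example code written for this post, not the agentshield-sdk implementation; the policy dictionary, the risky-name sets and the function names check_url/check_code are constructed for the example), here is a local, offline version: a URL policy that rejects non-HTTPS schemes, a small hostname denylist and literal addresses that are not publicly routable, and an AST walk over a code snippet that flags risky imports and calls.

```python
"""Illustrative pre-action policy checks of the kind an agent checkpoint applies.
This is standalone example code, not the agentshield-sdk implementation."""
import ast
import ipaddress
from urllib.parse import urlsplit

# Constructed policy: the real SDK's policy format is not shown in the post.
URL_POLICY = {
    "allowed_schemes": {"https"},                          # plain HTTP is rejected
    "blocked_hostnames": {"localhost", "metadata.google.internal"},
}

# Constructed sets of names whose import or call signals system, file,
# network or dynamic-code access from generated code.
RISKY_MODULES = {"os", "subprocess", "sys", "shutil", "socket", "ctypes", "pickle"}
RISKY_CALLS = {"eval", "exec", "open", "compile", "__import__"}


def check_url(url: str) -> tuple[bool, str]:
    """Return (allowed, reason) for an outbound request the agent wants to make."""
    parts = urlsplit(url)
    if parts.scheme not in URL_POLICY["allowed_schemes"]:
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname          # already lower-cased, IPv6 brackets stripped
    if not host:
        return False, "missing host"
    if host in URL_POLICY["blocked_hostnames"]:
        return False, f"host {host!r} is denylisted"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # A DNS name: it passes this static check, but the caller must resolve
        # it and re-check the resolved address at connect time (DNS rebinding).
        return True, "ok (DNS name, re-check after resolution)"
    if (ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_reserved
            or ip.is_multicast or ip.is_unspecified):
        return False, f"address {ip} is not publicly routable"
    return True, "ok"


def check_code(code_snippet: str) -> list[str]:
    """Return a list of findings for a snippet; an empty list means nothing flagged.
    Walking the AST (rather than grepping text) means the import is caught
    regardless of spacing or aliasing, but this is a pre-filter, not a sandbox:
    dynamic attribute access can still evade name-based rules."""
    findings: list[str] = []
    try:
        tree = ast.parse(code_snippet)
    except SyntaxError as exc:
        return [f"syntax error: {exc.msg} (line {exc.lineno})"]
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for alias in node.names:
                if alias.name.split(".")[0] in RISKY_MODULES:
                    findings.append(f"import of {alias.name}")
        elif isinstance(node, ast.ImportFrom):
            if (node.module or "").split(".")[0] in RISKY_MODULES:
                findings.append(f"import from {node.module}")
        elif isinstance(node, ast.Call):
            func = node.func
            if isinstance(func, ast.Name) and func.id in RISKY_CALLS:
                findings.append(f"call to {func.id}()")
            elif isinstance(func, ast.Attribute) and func.attr in RISKY_CALLS:
                findings.append(f"call to .{func.attr}()")
    return findings


if __name__ == "__main__":
    for url in ("https://example.com/api", "http://example.com/api",
                "https://127.0.0.1/admin", "https://[::1]/", "https://10.0.0.5/"):
        print(url, "->", check_url(url))
    print(check_code("import os\nos.system('id')"))   # constructed sample snippet
    print(check_code("print(1 + 1)"))
```

The URL check only decides on what is statically visible: a hostname that resolves to an internal address is the classic SSRF case, so a real guard has to resolve the name, check the resolved address against the same ranges, and then connect to that pinned address rather than letting the HTTP client resolve again. Likewise the code scan is a policy pre-filter; anything that passes it should still run with least privilege (separate process, no credentials, restricted filesystem and network), not on the trust of the scan alone.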
Get Started:
Install: pip install agentshield-sdk
Get API Key (CLI): agentshield keys create
Use in Python:
    from agentshield_sdk import AgentShield
    shield = AgentShield(api_key=...)
    await shield.guarded_get(url=...)
    await shield.safe_execute(code_snippet=...)
Full details, documentation, and the complete README are at <https://pypi.org/project/agentshield-sdk/>
We built this because securing agent interactions felt crucial as they become more capable. It's still early days, and we'd love to get your feedback on the approach, usability, and policies.