AASP Documentation

The AI Agent Security Platform - Monitor, control, and secure what your AI agents do.

What is AASP?

AASP is a security control plane for AI agents. It intercepts every tool call, API request, and action your agents take, evaluates them against your security policies, and either allows, blocks, or requires human approval before execution.

Key Features

  • Real-time Interception - Catch every action before it executes
  • Policy Engine - Define rules with conditions, regex patterns, and effects
  • Human-in-the-Loop - Require approval for sensitive operations
  • Complete Audit Trail - Log every action for compliance
  • One-Line Integration - Add to existing LangChain agents instantly

Quick Start

Get AASP protecting your AI agents in under 5 minutes.

Step 1: Create an Account

Sign up at /signup to get your API key. Save it securely - it won't be shown again!

Step 2: Install the SDK

bash
pip install aasp

Step 3: Add to Your Agent

python
from aasp import AASPCallback
from langchain.agents import AgentExecutor

# Your existing agent setup
agent = create_openai_functions_agent(llm, tools, prompt)

# Add AASP protection
executor = AgentExecutor(
    agent=agent,
    tools=tools,
    callbacks=[AASPCallback(api_key="aasp_live_xxx")]
)

# All tool calls are now monitored!
executor.invoke({"input": "Send $5000 to vendor"})

Step 4: Create Policies

Go to your Dashboard → Policies and create rules to control what your agents can do.

Installation

Python SDK

bash
# From PyPI (coming soon)
pip install aasp

# From source (current)
pip install git+https://github.com/your-org/aasp-platform.git#subdirectory=sdk/python

Requirements

  • Python 3.8+
  • LangChain 0.1.0+ (for callback integration)
  • httpx (installed automatically)

Python SDK

AASPCallback

The main integration point for LangChain agents.

python
from aasp import AASPCallback

callback = AASPCallback(
    api_key="aasp_live_xxx",           # Required: Your API key
    base_url="https://aasp-mvp.aminereg.com/api/v1",  # API endpoint
    agent_id="my-agent",               # Optional: Identify this agent
    block_on_error=False,              # Block if AASP is unreachable
    approval_timeout=300,              # Seconds to wait for approval
)

AASPClient

Direct API client for custom integrations.

python
from aasp import AASPClient, Decision

client = AASPClient(
    api_key="aasp_live_xxx",
    base_url="https://aasp-mvp.aminereg.com/api/v1"
)

# Evaluate an action
result = client.evaluate_action(
    agent_id="my-agent",
    action_type="tool_call",
    target="send_email",
    params={"to": "customer@example.com", "subject": "Hello"}
)

if result.decision == Decision.ALLOW:
    # Proceed with action
    pass
elif result.decision == Decision.BLOCK:
    # Action was blocked
    print("Blocked: " + result.reason)
elif result.decision == Decision.REQUIRE_APPROVAL:
    # Wait for human approval
    client.wait_for_approval(result.approval_id, timeout=300)

LangChain Integration

AASP integrates seamlessly with LangChain's callback system.

With AgentExecutor

python
from langchain.agents import AgentExecutor, create_openai_functions_agent
from langchain_openai import ChatOpenAI
from langchain.tools import tool
from aasp import AASPCallback

# Define your tools
@tool
def send_payment(amount: float, recipient: str) -> str:
    """Send a payment to a recipient."""
    return "Sent {} USD to {}".format(amount, recipient)

@tool
def delete_record(record_id: str) -> str:
    """Delete a database record."""
    return "Deleted record {}".format(record_id)

# Create agent
llm = ChatOpenAI(model="gpt-4")
tools = [send_payment, delete_record]
agent = create_openai_functions_agent(llm, tools, prompt)

# Add AASP protection
executor = AgentExecutor(
    agent=agent,
    tools=tools,
    callbacks=[AASPCallback(
        api_key="aasp_live_xxx",
        agent_id="payment-agent"
    )]
)

# Every tool call is now monitored
result = executor.invoke({"input": "Send $10000 to vendor@acme.com"})

Handling Blocked Actions

python
from aasp import AASPCallback
from aasp.exceptions import ToolBlockedError, ApprovalTimeoutError

callback = AASPCallback(api_key="aasp_live_xxx")

try:
    result = executor.invoke({"input": "Delete all records"})
except ToolBlockedError as e:
    print("Action blocked by policy: " + e.policy_id)
    print("Reason: " + e.reason)
except ApprovalTimeoutError as e:
    print("Approval not received within timeout")
    print("Approval ID: " + e.approval_id)

Configuration

Environment Variables

bash
# Set your API key
export AASP_API_KEY="aasp_live_xxx"

# Optional: Custom API endpoint
export AASP_BASE_URL="https://aasp-mvp.aminereg.com/api/v1"

Using Environment Variables

python
from aasp import AASPCallback
import os

# Will automatically use AASP_API_KEY and AASP_BASE_URL
callback = AASPCallback(
    api_key=os.environ.get("AASP_API_KEY"),
    base_url=os.environ.get("AASP_BASE_URL", "https://aasp-mvp.aminereg.com/api/v1")
)

API Authentication

All API requests must include your API key in the Authorization header.

bash
curl -X POST https://aasp-mvp.aminereg.com/api/v1/ingest \
  -H "Authorization: Bearer aasp_live_xxx" \
  -H "Content-Type: application/json" \
  -d '{"agent_id": "my-agent", "action_type": "tool_call", "target": "send_email"}'

API Key Types

PrefixTypeUse Case
aasp_live_ProductionLive agent monitoring
aasp_test_TestDevelopment and testing

Ingest Endpoint

The primary endpoint for evaluating agent actions.

POST /api/v1/ingest

Request Body

json
{
  "agent_id": "string",        // Required: Unique agent identifier
  "action_type": "string",     // Required: tool_call | api_call | db_query | file_access
  "target": "string",          // Required: Tool/endpoint/table name
  "params": {                  // Optional: Action parameters
    "key": "value"
  }
}

Response

json
{
  "action_id": "clx123...",
  "decision": "allow",         // allow | block | require_approval
  "reason": "No matching policy",
  "policy_id": null,           // ID of matched policy (if any)
  "approval_id": null          // ID for approval (if required)
}

Decision Values

DecisionDescriptionAction
allowAction permittedProceed with execution
blockAction deniedDo not execute, return error
require_approvalNeeds human approvalWait for approval via dashboard

Policies API

List Policies

GET /api/v1/policies

Create Policy

POST /api/v1/policies
json
{
  "name": "Block High-Value Payments",
  "description": "Block payments over $10,000",
  "rules": [
    {
      "action_type": "tool_call",
      "target": "send_payment|process_payment",
      "conditions": {
        "amount": { "gt": 10000 }
      },
      "effect": "block"
    }
  ],
  "enabled": true,
  "priority": 10
}

Policy Rule Structure

FieldTypeDescription
action_typestringType of action to match
targetregexPattern to match target name
conditionsobjectParameter conditions (gt, lt, eq, contains)
effectstringallow | block | require_approval

Approvals API

Check Approval Status

GET /api/v1/approvals/{approvalId}/status

Response

json
{
  "id": "clx456...",
  "status": "pending",    // pending | approved | rejected | expired
  "action": {
    "agent_id": "my-agent",
    "action_type": "tool_call",
    "target": "send_payment",
    "params": { "amount": 5000 }
  },
  "created_at": "2024-01-15T10:30:00Z",
  "decided_at": null,
  "decided_by": null
}

Policies

Policies are rules that determine how AASP handles agent actions. Each policy contains one or more rules that match against incoming actions.

Creating Policies in the Dashboard

  1. Go to Dashboard → Policies
  2. Click Create Policy
  3. Enter a name and description
  4. Add rules with targets, conditions, and effects
  5. Set priority (lower = higher priority)
  6. Enable the policy

Rule Matching

Rules are evaluated in priority order. The first matching rule determines the decision.

Target Patterns

Use regex patterns to match tool names:

text
send_payment           # Exact match
send_.*                # Starts with "send_"
.*payment.*            # Contains "payment"
send_email|send_sms    # Either send_email or send_sms

Conditions

Match against action parameters:

json
{
  "conditions": {
    "amount": { "gt": 1000 },      // Greater than
    "recipient": { "contains": "@external.com" },
    "action": { "eq": "delete" }   // Equals
  }
}

Approvals

When a policy rule has effect: require_approval, the action is paused until a human approves or rejects it.

Approval Flow

  1. Agent attempts an action that matches a require_approval rule
  2. AASP returns decision: require_approval with an approval_id
  3. SDK polls for approval status (or waits synchronously)
  4. Human reviews and approves/rejects in dashboard
  5. Agent receives approval result and proceeds or aborts

Reviewing Approvals

  1. Go to Dashboard → Approvals
  2. Review pending requests
  3. Click Approve or Reject
  4. Optionally add a note explaining your decision

Timeout Handling

python
from aasp.exceptions import ApprovalTimeoutError

callback = AASPCallback(
    api_key="aasp_live_xxx",
    approval_timeout=300  # 5 minutes
)

try:
    result = executor.invoke({"input": "Process refund"})
except ApprovalTimeoutError:
    # Handle timeout - maybe notify user or retry later
    print("Approval not received in time")

Audit Logs

Every action is logged with full details for compliance and debugging.

Viewing Logs

  1. Go to Dashboard → Actions
  2. Filter by decision, action type, or agent
  3. Click an action to see full details

Log Entry Contents

  • Timestamp - When the action occurred
  • Agent ID - Which agent performed the action
  • Action Type - tool_call, api_call, etc.
  • Target - The tool or endpoint called
  • Parameters - Full action parameters
  • Decision - allow, block, or require_approval
  • Policy - Which policy matched (if any)
  • Duration - Processing time in ms

Example: Fintech Payment Agent

Protect a payment processing agent from unauthorized transactions.

Policy: Payment Controls

json
{
  "name": "Payment Controls",
  "rules": [
    {
      "action_type": "tool_call",
      "target": ".*payment.*|.*transfer.*",
      "conditions": { "amount": { "gt": 10000 } },
      "effect": "block"
    },
    {
      "action_type": "tool_call",
      "target": ".*payment.*|.*transfer.*",
      "conditions": { "amount": { "gt": 1000 } },
      "effect": "require_approval"
    }
  ]
}

Agent Code

python
from langchain.tools import tool
from aasp import AASPCallback

@tool
def send_payment(amount: float, recipient: str, memo: str) -> str:
    """Send a payment to a recipient."""
    # Your payment logic here
    return "Payment of {} USD sent to {}".format(amount, recipient)

callback = AASPCallback(
    api_key="aasp_live_xxx",
    agent_id="payment-agent"
)

executor = AgentExecutor(
    agent=agent,
    tools=[send_payment],
    callbacks=[callback]
)

# This will be blocked (> $10,000)
executor.invoke({"input": "Pay $15000 to vendor"})

# This will require approval ($1000-$10000)
executor.invoke({"input": "Pay $5000 to supplier"})

# This will be allowed (< $1000)
executor.invoke({"input": "Pay $500 for supplies"})

Example: DevOps Infrastructure Agent

Prevent an infrastructure agent from executing destructive commands.

Policy: Infrastructure Safety

json
{
  "name": "Infrastructure Safety",
  "rules": [
    {
      "action_type": "db_query",
      "target": ".*",
      "conditions": {
        "query": { "matches": "DROP|TRUNCATE|DELETE FROM" }
      },
      "effect": "block"
    },
    {
      "action_type": "tool_call",
      "target": ".*deploy.*|.*restart.*",
      "conditions": { "environment": { "eq": "production" } },
      "effect": "require_approval"
    }
  ]
}

Agent Code

python
@tool
def execute_sql(query: str, database: str) -> str:
    """Execute SQL query on database."""
    return "Executed: {}".format(query)

@tool
def deploy_service(service: str, environment: str) -> str:
    """Deploy a service to an environment."""
    return "Deployed {} to {}".format(service, environment)

# DROP TABLE will be blocked
executor.invoke({"input": "Clean up old logs by dropping the logs table"})

# Production deploy will require approval
executor.invoke({"input": "Deploy the API to production"})

Example: Customer Support Agent

Review all external communications before they're sent.

Policy: Communication Review

json
{
  "name": "Communication Review",
  "rules": [
    {
      "action_type": "tool_call",
      "target": "send_email|send_sms|send_message",
      "conditions": {},
      "effect": "require_approval"
    },
    {
      "action_type": "tool_call",
      "target": ".*refund.*",
      "conditions": { "amount": { "gt": 100 } },
      "effect": "require_approval"
    }
  ]
}

Agent Code

python
@tool
def send_email(to: str, subject: str, body: str) -> str:
    """Send an email to a customer."""
    return "Email sent to {}".format(to)

@tool
def process_refund(order_id: str, amount: float, reason: str) -> str:
    """Process a refund for an order."""
    return "Refunded {} USD for order {}".format(amount, order_id)

# All emails require approval before sending
executor.invoke({
    "input": "Email customer@example.com about their order status"
})

# Refunds over $100 require approval
executor.invoke({
    "input": "Refund order #12345 for $250 due to shipping damage"
})

Need help? Contact us at support@aasp.dev

Go to Dashboard →