Skip to content

Releases: bmdhodl/agent47

v1.2.13

Choose a tag to compare

@github-actions github-actions released this 30 May 17:18
ed0f1ee

What's Changed

Other changes

  • Polish README for GitHub discovery by @bmdhodl in #419
  • Improve repo trust and OSS onboarding by @bmdhodl in #420
  • Switch PyPI releases to Trusted Publishing by @bmdhodl in #422
  • Point demo users to quickstart activation by @bmdhodl in #423
  • Add optional Pydantic AI starter recipe by @bmdhodl in #424
  • Clarify incident dashboard handoff by @bmdhodl in #426
  • Add dashboard handoff guide by @bmdhodl in #427
  • Fix MCP package release consistency by @bmdhodl in #429
  • Fix AgentGuard release hygiene docs by @bmdhodl in #438
  • feat: add sticky agent proof fixture by @bmdhodl in #432
  • Add first-run CLI fallback guidance by @bmdhodl in #435
  • Add MCP proof gallery coverage by @bmdhodl in #436
  • Guard hosted dashboard handoff copy by @bmdhodl in #437
  • Add local-first agentguard-mcp budget server by @bmdhodl in #440
  • feat: add deployed-agent guard profile by @bmdhodl in #442
  • feat(sdk): publish typed contracts for public SDK surface by @bmdhodl in #444
  • docs(readme): add Real Incidents section with PocketOS entry by @bmdhodl in #447
  • Make budget MCP entrypoint dogfoodable by @bmdhodl in #454
  • docs: record first Glama MCP release by @bmdhodl in #455
  • docs: improve Glama metadata quality by @bmdhodl in #456
  • Add Glama badges and clean up root docs by @bmdhodl in #457
  • Clean root docs and improve query_traces metadata by @bmdhodl in #458
  • Add optional MCP npm release guard by @bmdhodl in #430
  • docs: add release cadence by @bmdhodl in #459
  • Publish AgentGuard skill distribution docs by @bmdhodl in #461
  • Document managed-agent threat and cost surfaces by @bmdhodl in #465
  • Improve SDK first-run proof by @bmdhodl in #467
  • Refresh MCP indexing state and document blockers by @bmdhodl in #472
  • [codex] Fix CI tool pins for Python 3.9 by @bmdhodl in #478
  • docs: refresh ARCHITECTURE.md to match current repo layout by @bmdhodl in #481
  • Clarify doctor first-run proof path by @bmdhodl in #482
  • agent: fail clearly for async decorator tracer mismatch by @bmdhodl in #483
  • agent: make MCP budget recording atomic by @bmdhodl in #484
  • agent: share trace event sanitization with async tracer by @bmdhodl in #485
  • agent: fail loudly on guard bugs and refresh pricing trust by @bmdhodl in #486
  • agent: harden LangChain callback span bookkeeping by @bmdhodl in #487
  • agent: remove dead MCP shim and tighten adoption tests by @bmdhodl in #488
  • harden: add actionlint workflow guardrail by @bmdhodl in #489
  • feat: goal-level metering API (guard.goal context manager) by @bmdhodl in #521
  • docs: position AgentGuard vs Manifest (in-process guard, not LLM router) by @bmdhodl in #522
  • docs(readme): cite MSFT Claude Code cost retreat as validation by @bmdhodl in #531
  • docs(readme): add agent exfiltration threat model with Copilot Cowork cite by @bmdhodl in #535
  • Release v1.2.11 by @bmdhodl in #545
  • Gate release announcements on published releases by @bmdhodl in #546
  • Harden post-publish release workflow by @bmdhodl in #547
  • Prepare v1.2.12 release by @bmdhodl in #548
  • Log v1.2.12 release prep handoff by @bmdhodl in #549
  • Prepare v1.2.13 release by @bmdhodl in #550

Full Changelog: v1.2.10...v1.2.13

AgentGuard v1.2.10

Choose a tag to compare

@bmdhodl bmdhodl released this 02 May 15:48

AgentGuard v1.2.10

Patch release focused on activation proof, PyPI-facing onboarding, and release reliability.

Activation Proof Path

  • Tightened the README and getting-started path around doctor, demo, and quickstart so first-time SDK users can reach local guard proof faster.
  • Added a coding-agent review-loop proof artifact that shows budget and retry guards stopping a simulated review/refinement loop without API keys or network calls.
  • Added sync coverage for the public sample incident and generated PyPI README so release-facing activation assets do not silently drift.

Release And Distribution Hygiene

  • Added an opt-in activation metrics design doc that defines allowed activation questions and local-first consent boundaries without adding telemetry.
  • Hardened release discussion category handling so missing GitHub Discussion categories do not block the package release path.
  • Updated the package build timestamp seed to the ZIP-safe reproducible epoch so local and CI release builds do not fail on pre-1980 metadata.
  • Clarified hosted ingest language in incident reporting so HttpSink is described as event mirroring for retained alerts and follow-up, not a remote kill switch by itself.

Install or upgrade:

pip install --upgrade agentguard47

PyPI: https://pypi.org/project/agentguard47/1.2.10/
Compare: v1.2.9...v1.2.10

v1.2.9

Choose a tag to compare

@bmdhodl bmdhodl released this 26 Apr 01:00
c729829

Dashboard Contract Alignment

  • Decision-trace helpers now emit non-empty dashboard-parseable binding_state values for proposed, edited, overridden, and approved events by default.
  • Added hosted-ingest contract coverage for decision-trace warnings so SDK events stay queryable by the dashboard after ingest.
  • Tightened README and guide copy around the local runtime-control proof path, hosted dashboard handoff, and remote-kill polling boundary.

Validation proof is captured in proof/release-1.2.9/.

v1.2.8

Choose a tag to compare

@bmdhodl bmdhodl released this 18 Apr 20:19
7bb2ca1

1.2.8

Agent Security Stack Positioning

  • Added a competitive-positioning doc that places AgentGuard in the runtime behavior and budget layer of the emerging agent security stack.
  • Updated README competitive-doc links to point to both the gateway comparison and broader stack-layer framing.

Per-Token Budget Proof

  • Added examples/per_token_budget_spike.py to prove BudgetGuard catches one oversized token-priced turn locally.
  • Updated README, getting-started docs, and examples docs around token-metered budget enforcement.

Budget-Aware Escalation Guard

  • Added BudgetAwareEscalation, EscalationSignal, and EscalationRequired for portable advisor-style escalation without provider dependencies.
  • Added token-count, confidence, tool-call-depth, and custom-rule triggers, plus local example and guide coverage.

Managed-Agent Session Correlation

  • Added optional session_id support to Tracer, AsyncTracer, and agentguard.init(...).
  • Added local managed-session guide and runnable example proving shared session correlation across distinct traces.

Coding-Agent Skill Packs

  • Added agentguard skillpack to generate repo-local .agentguard.json defaults plus instructions for Codex, Claude Code, GitHub Copilot, and Cursor.
  • Updated coding-agent onboarding docs around the generated local-first flow.

Supply Chain And Release Prep

  • Replaced unhashed workflow pip install steps with a checked-in hash-locked CI toolchain requirements file.
  • Pinned root and MCP Docker base images to the current node:22-alpine digest.
  • Prepared the GitHub side of PyPI Trusted Publishing while keeping token auth until the PyPI publisher is configured.

PyPI: https://pypi.org/project/agentguard47/1.2.8/

v1.2.6

Choose a tag to compare

@bmdhodl bmdhodl released this 04 Apr 00:21
074b611

Hosted Ingest Compatibility

  • HttpSink now drops local-only kind="meta" watermark records before posting to the hosted ingest API, preventing first-batch 400s from validators that only accept trace spans and point events.
  • HttpSink now mirrors supported trace kinds into both kind and type on outbound payloads so the SDK remains compatible across hosted validators while preserving local SDK semantics.

v1.2.5

Choose a tag to compare

@bmdhodl bmdhodl released this 03 Apr 22:56
a47792e

1.2.5

Distribution and Registry Hygiene

  • Added official MCP Registry metadata plus package-local Docker and Smithery config for @agentguard47/mcp-server.
  • Added sdk/tests/test_mcp_registry_metadata.py to keep MCP registry metadata, packaging files, and environment-variable contracts aligned.
  • Refreshed README, SDK README, PyPI README, and package metadata around coding-agent safety and local-first onboarding.

Public Repo Hygiene

  • Removed stale tracked context/ files that carried business-sensitive planning data not meant for the public SDK repo.
  • Retired the obsolete inbox/INBOX_PROTOCOL.md workflow in favor of the current memory/ plus inbox/log.md contract.

v1.2.4

Choose a tag to compare

@bmdhodl bmdhodl released this 01 Apr 03:49
5a85385

Coding-Agent Onboarding

  • Added repo-local .agentguard.json support so humans and coding agents can share static SDK defaults without dashboard coupling.
  • Added the built-in coding-agent profile with tighter loop and retry defaults for repo automation and coding workflows.
  • Added executable starter files under examples/starters/ and aligned agentguard doctor / agentguard quickstart around .agentguard/traces.jsonl.
  • Added the docs/guides/coding-agents.md onboarding guide plus doc updates across the README, SDK README, examples, architecture doc, roadmap, and generated PyPI README.

SDK Hardening

  • JsonlFileSink now creates parent directories automatically so repo-local trace paths like .agentguard/traces.jsonl work out of the box.
  • Repo-config parsing now rejects boolean values in numeric fields to keep local defaults deterministic and auditable.
  • init() now still honors repo-level profile defaults when service, budget, or trace path are passed explicitly but guard-profile values are left implicit.
  • Invalid AGENTGUARD_BUDGET_USD values now fall back to a valid repo-local budget_usd instead of silently dropping budget enforcement.

v1.2.3

Choose a tag to compare

@bmdhodl bmdhodl released this 28 Mar 16:11
b9707e1

AgentGuard 1.2.3

Install or upgrade:

pip install --upgrade agentguard47

What changed

  • release hardening for the next SDK cut: docs, roadmap, changelog, and release criteria are now aligned
  • fixed the current CodeQL findings in examples/cost_guardrail.py and sdk/tests/e2e_v110.py
  • pinned GitHub Actions by commit SHA across CI, publish, CodeQL, Scorecard, and maintenance workflows
  • refreshed stale docs and examples that still referenced v1.2.1 or the removed agentguard view command

Cleanup tracked separately

  • #278 refresh vulnerable mcp-server dependencies
  • #279 resolve remaining repo-level Scorecard governance findings

v1.2.1 — CostTracker Improvements

Choose a tag to compare

@bmdhodl bmdhodl released this 15 Feb 01:44

What's New in v1.2.1

CostTracker Improvements

  • Per-span cost events: CostTracker now includes running total in span end events (cost_usd field)
  • Model pricing accuracy: Updated model pricing for latest OpenAI, Anthropic, and Google models
  • Warning on unknown models: estimate_cost() logs a warning when encountering unrecognized model names

Bug Fixes

  • Fixed span end events not including accumulated cost data
  • Improved CostTracker thread safety

Full Changelog

Full Changelog: v1.2.0...v1.2.1


Installation

pip install agentguard47==1.2.1

Quick Start

from agentguard import Tracer, BudgetGuard

guard = BudgetGuard(max_budget_usd=5.00)
tracer = Tracer(service="my-agent", guards=[guard])

with tracer.span("agent-run"):
    # Your agent code here
    pass  # BudgetExceeded raised if cost > $5

v1.0.0 — Production GA

Choose a tag to compare

@bmdhodl bmdhodl released this 09 Feb 20:17
b6402e6

AgentGuard v1.0.0 — Production GA

Runtime guardrails for AI agents. Stop loops, enforce budgets, trace everything — zero dependencies.

pip install agentguard47

Highlights

  • 5 guards: LoopGuard, FuzzyLoopGuard, BudgetGuard, TimeoutGuard, RateLimitGuard
  • 4 integrations: LangChain, LangGraph, CrewAI, OpenTelemetry
  • Auto-instrumentation: patch_openai() / patch_anthropic() for automatic tracing
  • Full async API: AsyncTracer, async decorators, async monkey-patches
  • Cost tracking: Built-in pricing for OpenAI, Anthropic, Google, Mistral, Meta
  • Evaluation: Assert properties of traces in tests or CI
  • Production-ready: Gzip compression, retry with backoff, sampling, SSRF protection
  • CLI: agentguard report, view, summarize, eval

Quality

  • 317 tests, 86% coverage
  • Python 3.9-3.12
  • Zero dependencies (pure Python stdlib)
  • Development Status: Production/Stable

Links