luxinlabs/Warden

Warden Runtime (MVP)

Warden is a zero-trust runtime security firewall for agentic AI. This MVP implements:

  • Perception gateway with taint tagging
  • Memory write gate
  • 3-phase tool firewall (registry, SBOM, invocation)
  • Auditor-worker decision path (supervisor)
  • Viral loop detection
  • Append-only cryptographic provenance ledger
  • FastAPI REST + WebSocket APIs
  • SQL-backed persistence wiring (sessions, artifacts, tool registry, append-only ledger entries)
  • Python + TypeScript SDKs
  • Concrete LangChain and MCP integration adapters

Run

python -m venv .venv
source .venv/bin/activate
pip install -e ".[dev]"
uvicorn warden_api.main:app --reload

By default, persistence is file-backed SQLite at ./warden.db.

Persistence

  • The runtime writes to both the in-memory cache and the SQL persistence adapter.
  • Persisted entities: sessions, artifacts, tool registry, ledger entries.
  • DB initialization runs in the API startup path (warden_api.main).

Integrations

Install integration deps:

pip install -e ".[integrations]"

LangChain

Use WardenLangChainCallbackHandler to pre-commit tool calls via Warden before execution.

MCP

Use WardenMCPGateway.call_tool(...) to gate MCP tool invocations and write_memory(...) for memory writes.

Demo Dashboard

  • Dashboard page: http://127.0.0.1:8000/dashboard
  • Static assets served from: /assets/*
  • Browser-side quick seed endpoint: POST /v1/demo/seed

Generate richer mock data

python scripts/mock_data.py --base-url http://127.0.0.1:8000 --sessions 8

Workflow

Use the workflow file:

  • /.windsurf/workflows/demo-dashboard.md

API

  • POST /v1/sessions
  • DELETE /v1/sessions/{id}
  • POST /v1/ingest
  • POST /v1/tool-calls/pre-commit
  • POST /v1/memory/gate-write
  • GET /v1/ledger/{session_id}
  • GET /v1/ledger/{session_id}/verify
  • GET /v1/alerts
  • GET /v1/registry/tools
  • POST /v1/registry/tools
  • DELETE /v1/registry/tools/{id}
  • GET /v1/compliance/eu-ai-act
  • GET /v1/compliance/soc2
  • WS /v1/stream/{session_id}
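
The README does not describe the ledger's storage format, so the following is an added illustration (not Warden's own code) of one common construction for an append-only provenance ledger, an HMAC hash chain, and of the kind of check an endpoint such as GET /v1/ledger/{session_id}/verify can perform. The field names, key handling and event payloads are assumptions made for the example.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # assumed "previous hash" for the first entry

def _mac(key, seq, prev, payload):
    # Canonical JSON so an entry always serialises to the same bytes.
    body = json.dumps({"seq": seq, "prev": prev, "payload": payload},
                      sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def append(ledger, key, payload):
    """Add an entry whose MAC covers its payload and the previous entry's MAC."""
    prev = ledger[-1]["hash"] if ledger else GENESIS
    entry = {"seq": len(ledger), "prev": prev, "payload": payload}
    entry["hash"] = _mac(key, entry["seq"], prev, payload)
    ledger.append(entry)
    return entry

def verify(ledger, key, expected_head=None):
    """Return (ok, reason). expected_head is a head hash kept outside the
    database; without it, entries dropped from the tail go unnoticed."""
    prev = GENESIS
    for i, entry in enumerate(ledger):
        if entry["seq"] != i or entry["prev"] != prev:
            return False, f"chain broken at entry {i}"
        if not hmac.compare_digest(_mac(key, i, prev, entry["payload"]), entry["hash"]):
            return False, f"entry {i} modified"
        prev = entry["hash"]
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        return False, "head mismatch"
    return True, "ok"

def demo():
    key = b"constructed-demo-key"  # constructed; keep a real key outside the DB
    ledger = []
    for payload in ({"event": "ingest", "taint": "untrusted"},   # constructed events
                    {"event": "tool_call", "decision": "allow"},
                    {"event": "memory_write", "decision": "deny"}):
        append(ledger, key, payload)
    head = ledger[-1]["hash"]
    edited = [dict(e) for e in ledger]
    edited[1]["payload"] = {"event": "tool_call", "decision": "deny"}
    return {"clean": verify(ledger, key, head),
            "edited": verify(edited, key, head),
            "deleted": verify(ledger[:1] + ledger[2:], key, head),
            "truncated_unanchored": verify(ledger[:2], key),
            "truncated_anchored": verify(ledger[:2], key, head)}
```

The unanchored truncation case passes verification: walking the chain proves internal consistency, not completeness, so the head hash has to be recorded somewhere the database writer cannot alter.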

About

Runtime Security Firewall for Agentic AI
