Plugins

Integration Catalog

Drop-in safety checks for popular agent frameworks. Each plugin is a thin adapter that calls Atbash before sensitive actions run.

Multi-agent orchestration

@atbash/autogen

v0.2.3

View on npm

Atbash safety judge for AutoGen-style multi-agent orchestration loops.

This package is intentionally small. It gives you one focused helper to ask Atbash for a verdict at the point where your app decides whether to proceed with an action. It does not own your orchestration model.

Installation

bash
npm install @atbash/autogen

When to use it

Use this package when:

  • you already control your own orchestration steps
  • you want one explicit Atbash check before a side effect
  • you do not need a heavier plugin lifecycle

Good fits:

  • AutoGen-style multi-agent loops
  • custom planners
  • supervisor-worker systems
  • approval chains where your app already owns the review UI

Quick start

ts
import { createAtbashClient, loadAgent } from "@atbash/sdk";
import { judgeForAutoGen } from "@atbash/autogen";

const agent = loadAgent(process.env.ATBASH_AGENT_PRIVKEY);
const client = createAtbashClient({ keyPair: { privKey: agent.privkey, pubKey: agent.pubkey } });

const result = await judgeForAutoGen(
  {
    action: "Bank transfer $25 to a new external vendor account",
    context: "AutoGen agent checking transfer before execution",
    toolName: "send_bank_transfer",
    toolArgs: { amount: 25, recipient: "new vendor" },
  },
  client,
);

if (result.allow) {
  // proceed
} else {
  // stop — surface result.reason to the operator
}

API

judgeForAutoGen(input, client)

ParameterTypeDescription
inputAutoGenJudgeInputThe action to evaluate
clientAtbashClientSDK client created with createAtbashClient()

Returns Promise<Decision>.

AutoGenJudgeInput

FieldTypeRequiredDescription
actionstringYesHuman-readable description of the action
contextstringYesWhy the agent is taking this action
toolNamestringNoName of the tool being called (defaults to "autogen_action")
toolArgsunknownNoStructured payload the judge evaluates (defaults to { action })

Decision

FieldTypeDescription
allowbooleanWhether to proceed
verdict`"ALLOW""HOLD"
reasonstring?Policy reason (present on HOLD/BLOCK)
toolCallIdstring?ID to pass back on HOLD resolution

Verdict handling

VerdictMeaningAction
ALLOWSafe to proceedContinue orchestration
HOLDNeeds human reviewStop and hand off; keep toolCallId
BLOCKPolicy violationStop and surface reason
ERRORJudge unreachableFail closed by default

Creating the client

Create the AtbashClient once at startup, then pass it to every judgeForAutoGen call.

ts
import { createAtbashClient, loadAgent } from "@atbash/sdk";

const agent = loadAgent(process.env.ATBASH_AGENT_PRIVKEY);
const client = createAtbashClient({ keyPair: { privKey: agent.privkey, pubKey: agent.pubkey } });

To use a custom endpoint:

ts
const client = createAtbashClient({
  keyPair: { privKey: agent.privkey, pubKey: agent.pubkey },
  judge: { endpoint: process.env.ATBASH_ENDPOINT },
});

What this package does not do

  • It does not wrap your framework for you.
  • It does not create a review queue.
  • It does not log or execute the real action automatically.

That is intentional. The host loop stays in control.

Example

A runnable example is in examples/autogen-runtime-agent/ in the package repository.

bash
cd examples/autogen-runtime-agent
ATBASH_AGENT_PRIVKEY=your_key_here node run.mjs