Quick Start

Get started with predicate-secure in 3 lines of code.


Basic Usage

The simplest way to secure your agent:

from predicate_secure import SecureAgent

# 1. Your existing agent (unchanged)
agent = YourAgent(task="Do something", llm=your_model)

# 2. Wrap with SecureAgent
secure_agent = SecureAgent(
    agent=agent,
    policy="policy.yaml",
    mode="strict",  # Requires sidecar
)

That's it! Every action your agent attempts will now be checked against your policy.


Create a Policy File

Create a policy.yaml file to define what actions are allowed:

# policy.yaml
rules:
  # Allow browsing specific sites
  - action: "browser.*"
    resource: "https://example.com/*"
    effect: allow

  # Block everything else
  - action: "*"
    resource: "*"
    effect: deny

Flexible Verification Options

You can use pre-execution authorization and post-execution verification independently or together:

Usage Pattern        | Description                                | Sidecar Required?
Pre-execution only   | Block unauthorized actions before they run | Yes
Post-execution only  | Verify outcomes after actions complete     | No
Both (full loop)     | Block + verify for maximum safety          | Yes

Pre-Execution Authorization Only

Use strict or permissive mode with a policy that has no require_verification predicates:

secure_agent = SecureAgent(
    agent=agent,
    policy="policy.yaml",
    mode="strict",  # Requires sidecar
)

# policy.yaml - authorization only, no verification
rules:
  - action: "browser.*"
    resource: "https://amazon.com/*"
    effect: allow

  - action: "*"
    resource: "*"
    effect: deny

Post-Execution Verification Only

Use debug or audit mode and manually verify outcomes—no sidecar needed:

secure_agent = SecureAgent(
    agent=agent,
    mode="debug",  # No sidecar required
)

# Run agent
result = secure_agent.run()

# Verify outcomes after execution
secure_agent.trace_verification(

Full Closed-Loop Verification

Use strict mode with require_verification predicates for maximum safety:

secure_agent = SecureAgent(
    agent=agent,
    policy="policy.yaml",
    mode="strict",  # Requires sidecar
)

# policy.yaml - authorization + verification
rules:
  - action: "browser.click"
    resource: "*checkout*"
    effect: allow
    require_verification:  # Post-execution check
      - url_contains: "/order-confirmation"
      - element_exists: "#order-number"
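
A policy like the ones above can be reviewed before it is deployed. The following is an added example, not predicate-secure code: it assumes rules are evaluated in order with first match winning and shell-style globs (the page does not state the matching semantics), and it lints for an unpinned allow rule and a missing catch-all deny. The action names other than browser.click and all URLs are hypothetical.

```python
from fnmatch import fnmatchcase

# Constructed sample: rules copied from the policy.yaml snippets on this page,
# written as dicts so the example runs without a YAML parser.
POLICY = [
    {"action": "browser.*", "resource": "https://example.com/*", "effect": "allow"},
    {"action": "browser.click", "resource": "*checkout*", "effect": "allow"},
    {"action": "*", "resource": "*", "effect": "deny"},
]


def decide(rules, action, resource):
    """Assumed semantics (not confirmed by the page): first match wins, else deny."""
    for rule in rules:
        if fnmatchcase(action, rule["action"]) and fnmatchcase(resource, rule["resource"]):
            return rule["effect"]
    return "deny"


def lint(rules):
    """Return review findings for a rule list before it is deployed."""
    findings = []
    catch_all = None
    for i, rule in enumerate(rules):
        if catch_all is not None:
            findings.append(f"rule {i}: unreachable, shadowed by catch-all rule {catch_all}")
        if rule["action"] == "*" and rule["resource"] == "*":
            if catch_all is None:
                catch_all = i
        elif rule["effect"] == "allow" and rule["resource"].startswith("*"):
            findings.append(f"rule {i}: allow on {rule['resource']!r} is not pinned to a host")
    if catch_all is None or rules[catch_all]["effect"] != "deny":
        findings.append("policy has no catch-all deny rule")
    return findings


if __name__ == "__main__":
    # Hypothetical action names and URLs, chosen only to exercise the rules.
    for action, resource in [
        ("browser.navigate", "https://example.com/products"),
        ("browser.navigate", "https://example.com.other.test/"),
        ("browser.click", "https://shop.test/checkout/pay"),
        ("fs.write", "/tmp/report.txt"),
    ]:
        print(f"{decide(POLICY, action, resource):5}  {action}  {resource}")
    for finding in lint(POLICY):
        print("LINT:", finding)
```

Under these assumed semantics the "*checkout*" rule allows browser.click on any host whose URL contains "checkout", which is why the lint flags it; prefixing the pattern with the intended origin narrows it.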

Error Handling

Handle authorization and verification errors:

from predicate_secure import AuthorizationDenied, VerificationFailed

try:
    secure_agent.run()
except AuthorizationDenied as e:
    print(f"Action blocked: {e}")
except VerificationFailed as e:
    print(f"Verification failed: {e}")