Scopebound

Zero-trust enforcement for AI agents.

Scopebound sits inside your agent framework and intercepts every tool call before it executes. Define what each agent is allowed to do. Block everything else. See every decision.

from scopebound import ScopeboundSDK, enforce
from langchain_core.tools import BaseTool

sb = ScopeboundSDK()

@enforce(sb, role="invoice-processor")
class ReadInvoicesTool(BaseTool):
    name: str = "read_invoices"
    description: str = "Read pending invoices"

    def _run(self, status: str = "pending") -> str:
        ...  # your existing tool logic — unchanged

That's the entire integration.

How it works

  1. Your agent runs normally. The LLM decides to call a tool.
  2. Scopebound intercepts the call before _run() is invoked.
  3. Policy is checked in under 5ms — is this agent allowed to call this tool?
  4. Allowed calls execute. Denied calls raise ScopeboundDenyError before the tool runs.
  5. Every decision is written to the tamper-evident audit log.

What you get

  • Policy enforcement — OPA/Rego policies define what each agent role can and cannot do
  • Scoped JWTs — every agent session gets a cryptographically signed token
  • Sub-5ms latency — enforcement adds under 5ms per tool call
  • Tamper-evident audit trail — append-only log with SHA-256 hash chain
  • Behavioral drift detection — anomalous sessions auto-revoked
  • Rate limiting — max calls per minute and per hour, per agent role
  • Webhook alerts — POST to your endpoint on policy violations
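The pipeline described in the two lists above, as an added illustration that is not Scopebound's code and does not use its API: a minimal in-process enforcer that intercepts a tool call, checks an allow-list policy for the agent role, applies a per-role rate limit, raises a deny error before the tool body runs, and records every decision in a SHA-256 hash-chained audit log whose verifier reports the first entry that no longer matches the chain. The role names, tool names, the POLICY table, the DenyError class and the 60-second window are constructed for the example; Scopebound's real policies are OPA/Rego and its JWT layer is not modelled here.

```python
import hashlib
import json
import time
from collections import defaultdict, deque
from functools import wraps

# Constructed example policy: role -> set of tool names it may call.
# A real deployment would evaluate an OPA/Rego policy instead of a dict.
POLICY = {
    "invoice-processor": {"read_invoices"},
    "finance-admin": {"read_invoices", "pay_invoice"},
}


class DenyError(PermissionError):
    """Raised before the tool body runs when the call is denied (hypothetical class)."""


class AuditLog:
    """Append-only list of decisions; each entry commits to the previous entry's hash."""

    GENESIS = "0" * 64  # prev_hash of the first entry

    def __init__(self):
        self.entries = []

    @staticmethod
    def _digest(entry):
        # Hash every field except the stored hash itself, in canonical JSON form.
        data = {k: v for k, v in entry.items() if k != "hash"}
        return hashlib.sha256(json.dumps(data, sort_keys=True).encode()).hexdigest()

    def append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else self.GENESIS
        entry = dict(record, prev_hash=prev)
        entry["hash"] = self._digest(entry)
        self.entries.append(entry)
        return entry["hash"]

    def verify(self):
        """Return -1 if the chain is intact, else the index of the first bad entry."""
        prev = self.GENESIS
        for i, entry in enumerate(self.entries):
            if entry["prev_hash"] != prev or self._digest(entry) != entry["hash"]:
                return i
            prev = entry["hash"]
        return -1


class RateLimiter:
    """Sliding-window limit on allowed calls per role (constructed: 60 s window)."""

    def __init__(self, max_per_minute):
        self.max = max_per_minute
        self.calls = defaultdict(deque)

    def allow(self, role, now=None):
        now = time.monotonic() if now is None else now
        window = self.calls[role]
        while window and now - window[0] >= 60:
            window.popleft()
        if len(window) >= self.max:
            return False
        window.append(now)
        return True


class Enforcer:
    """Intercepts tool calls: policy check, rate limit, audit, then run or deny."""

    def __init__(self, policy, max_per_minute=60):
        self.policy = policy
        self.audit = AuditLog()
        self.limiter = RateLimiter(max_per_minute)

    def check(self, role, tool):
        if tool not in self.policy.get(role, set()):
            return "deny", "not_in_policy"
        if not self.limiter.allow(role):
            return "deny", "rate_limited"
        return "allow", "policy_match"

    def enforce(self, role, tool_name):
        def decorator(fn):
            @wraps(fn)
            def wrapper(*args, **kwargs):
                decision, reason = self.check(role, tool_name)
                # The decision is logged whether or not the tool runs.
                self.audit.append({
                    "ts": round(time.time(), 3), "role": role,
                    "tool": tool_name, "decision": decision, "reason": reason,
                })
                if decision == "deny":
                    raise DenyError(f"{role} may not call {tool_name}: {reason}")
                return fn(*args, **kwargs)
            return wrapper
        return decorator


if __name__ == "__main__":
    enf = Enforcer(POLICY, max_per_minute=2)

    @enf.enforce("invoice-processor", "read_invoices")
    def read_invoices(status="pending"):
        return f"invoices:{status}"

    print(read_invoices())
    print("chain intact:", enf.audit.verify() == -1)
```

The deny path raises before the wrapped function body is entered, which is the property the interception model depends on; the audit verifier walks the chain from the genesis value and stops at the first entry whose stored hash or back-link no longer matches, so editing any earlier record invalidates everything after it.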

Supported frameworks

LangChain · OpenAI Assistants · CrewAI · AutoGen · Semantic Kernel · Claude Agent SDK · MCP

Get started

pip install scopebound

Quickstart — first enforced call in 5 minutes