veritera-ai/forge-langchain
GitHub: veritera-ai/forge-langchain
Policy-based call verification and auditing for LangGraph and LangChain, preventing non-compliant tool execution.
Stars: 0 | Forks: 0
# langchain-forge
Forge verification middleware for LangGraph and LangChain. Every tool call is checked before it runs.
## Installation
```
pip install langchain-forge langgraph langchain-openai
```
## Quick Start
Add Forge verification to any LangGraph agent with just three lines of code:
```
import os
from langgraph.prebuilt import create_react_agent, ToolNode
from langchain_core.tools import tool
from forge_langgraph import ForgeVerifyMiddleware

os.environ["VERITERA_API_KEY"] = "vt_live_..."
os.environ["OPENAI_API_KEY"] = "sk-..."

@tool
def send_payment(amount: float, recipient: str) -> str:
    """Send a payment to a recipient."""
    return f"Sent ${amount} to {recipient}"

@tool
def check_balance(account_id: str) -> str:
    """Check account balance."""
    return f"Account {account_id}: $12,340.00"

# Three lines: every tool call now goes through Forge
middleware = ForgeVerifyMiddleware(policy="finance-controls")
tools = [send_payment, check_balance]
tool_node = ToolNode(tools, wrap_tool_call=middleware.wrap_tool_call)

agent = create_react_agent(model="gpt-4.1", tools=tool_node)
result = agent.invoke({"messages": [("user", "Send $500 to vendor@acme.com")]})
```
If the call is approved, the tool executes normally. If it is denied, the agent receives a denial message and the tool never fires.
## Tutorial: Approved, Denied, and Mixed Scenarios
### Approved: the agent queries a database
```
result = agent.invoke({
    "messages": [("user", "What were our top customers by spend last quarter?")]
})
```
```
APPROVED: query_database
tool: | customer_id | total_spend | ...
ai: Your top customers last quarter were C-1001 ($45,200) and C-1002 ($38,750).
```
### Denied: the agent attempts a destructive operation
```
result = agent.invoke({
    "messages": [("user", "Delete all records from the customers table older than 2020")]
})
```
```
BLOCKED: delete_records -- Destructive database operations require manual approval
ai: I'm unable to delete those records directly. Your organization's security
policy requires manual approval for destructive database operations.
```
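Forge intercepted the call. The tool did not execute, and the agent explained the restriction naturally.
### Mixed: some calls are approved, others are denied
```
result = agent.invoke({
    "messages": [("user", "Find the Q1 revenue data and email it to external-partner@gmail.com")]
})
```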
```
ai: [calls search_documents] # APPROVED
tool: Found 3 documents: Q1 Revenue Report...
ai: [calls send_email] # DENIED — external address blocked
ai: I found the Q1 Revenue Report, but I'm unable to email it to an external
address. You can share it through your approved file-sharing platform.
```
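## Configuration
| Parameter | Type | Default | Description |
|-----------|------|---------|-------------|
| `policy` | `str` | `None` | Name of the policy to evaluate against (the default policy is used if not specified) |
| `agent_id` | `str` | `"langgraph-agent"` | Agent identifier in the audit trail |
| `fail_closed` | `bool` | `True` | Block actions when the Forge API is unavailable |
| `skip_actions` | `list[str]` | `[]` | Tool names that skip verification (read-only/low-risk) |
| `on_verified` | `Callable` | `None` | Callback invoked on approval |
| `on_blocked` | `Callable` | `None` | Callback invoked on denial |
## Integration Patterns
**Middleware (recommended)**: automatically intercepts every tool call: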
```
middleware = ForgeVerifyMiddleware(policy="my-policy")
tool_node = ToolNode(tools, wrap_tool_call=middleware.wrap_tool_call)
```
**Explicit tool**: the agent calls verification when it decides to:
```
from forge_langgraph import forge_verify_tool
verify = forge_verify_tool(policy="my-policy")
agent = create_react_agent(model="gpt-4.1", tools=[my_tool, verify])
```
## Prerequisites
Before using Forge with LangGraph, create a policy (one-time setup):
```
from veritera import Forge

forge = Forge(api_key="vt_live_...")
forge.create_policy_sync("finance-controls", rules=[
    {"type": "action_whitelist", "params": {"allowed": ["payment.create", "balance.check"]}},
    {"type": "amount_limit", "params": {"max": 10000, "currency": "USD"}},
])
```
A `default` policy is created automatically when you sign up. [Full policy documentation →](https://github.com/veritera-ai/forge-python/blob/main/docs/verify.md)
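How the `fail_closed` and `skip_actions` settings from the configuration table decide whether a tool runs, shown with a local stand-in gate over the two rule types used above (an added example, not code from Forge or this project). The `evaluate`, `guarded_call`, `pay`, `local_verify` and `outage` helpers, the `VerifierUnavailable` exception, and the semantics given to `action_whitelist` and `amount_limit` are assumptions; nothing here calls the Forge API.

```python
# Added illustration: local stand-in gate; rule semantics are assumptions, not Forge's.

class VerifierUnavailable(Exception):
    """Raised by the stand-in verifier to simulate an unreachable policy service."""

def evaluate(rules, action, params):
    """Return (allowed, reason) for one tool call against a list of rules."""
    for rule in rules:
        p = rule["params"]
        if rule["type"] == "action_whitelist" and action not in p["allowed"]:
            return False, f"{action} is not in the allowed actions"
        if rule["type"] == "amount_limit" and params.get("amount", 0) > p["max"]:
            return False, f"amount exceeds {p['max']} {p['currency']}"
    return True, "ok"

def guarded_call(action, params, tool_fn, verify, fail_closed=True, skip_actions=()):
    """Run tool_fn only if verify() approves; a denied call never executes."""
    if action in skip_actions:            # explicitly exempted: no check at all
        return tool_fn(**params)
    try:
        allowed, reason = verify(action, params)
    except VerifierUnavailable:
        if fail_closed:                   # an outage is treated as a denial
            return f"BLOCKED: {action} -- verifier unavailable"
        return tool_fn(**params)          # fail-open: the call runs unchecked
    if not allowed:
        return f"BLOCKED: {action} -- {reason}"
    return tool_fn(**params)

# Constructed sample policy, using the two rule types shown on this page.
RULES = [
    {"type": "action_whitelist", "params": {"allowed": ["payment.create", "balance.check"]}},
    {"type": "amount_limit", "params": {"max": 10000, "currency": "USD"}},
]

def pay(amount, recipient):
    return f"Sent ${amount} to {recipient}"

def local_verify(action, params):
    return evaluate(RULES, action, params)

def outage(action, params):
    raise VerifierUnavailable()

if __name__ == "__main__":
    args = {"amount": 50000, "recipient": "vendor@acme.com"}  # constructed input
    print(guarded_call("payment.create", args, pay, local_verify))
    print(guarded_call("payment.create", args, pay, outage, fail_closed=False))
```

With `fail_closed=False` the over-limit payment executes during the simulated outage, which is the case the `True` default prevents. Any name placed in `skip_actions` bypasses the policy in the same way, so that list should hold only tools with no side effects.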
## License
MIT. [Forge](https://forge.veritera.ai) is developed by Veritera AI.