SDK
The AgentWarden SDK is for custom agent applications where the application owns the agent loop.
Use the SDK when your application controls prompts, tool execution, tool outputs, and final responses.
You keep your model, tools, orchestration, UI, approval service, IAM, DLP, and storage. The SDK adds AgentWarden checkpoints around the boundaries where policy decisions are needed.
Access and Setup
Contact the Dynamo AI support team for the AgentWarden SDK package or install command for your environment.
At runtime, the SDK needs:
- an AgentWarden server URL,
- a runtime API key,
- the use case id for the deployed policy.
Use neutral environment variable names such as:
export AGENTWARDEN_BASE_URL="<agentwarden-server-url>"
export AGENTWARDEN_API_KEY="<runtime-api-key>"
export AGENTWARDEN_USE_CASE_ID="<use-case-id>"
For audit attribution, pass a stable client_user_id when constructing the SDK, or set AGENTWARDEN_USER_ID in the runtime environment. This value groups runtime events by user in AgentWarden telemetry. Use user_email separately when your application needs to attach an email address to a specific event.
Checkpoints
The SDK supports two decision styles:
- Pre-action decisions: evaluate a prompt or tool request before it continues.
- Content decisions: evaluate tool output or a final response before it moves onward.
Typical checkpoints:
| Checkpoint | Runs before |
|---|---|
| Prompt input | The model receives the user prompt. |
| Tool request | A tool executes or changes state. |
| Tool output | Tool output becomes model context. |
| Final response | The user receives the final answer. |
Minimal Shape
The exact agent loop depends on your application, but the pattern is:
import os
from agentwarden_sdk import AgentWardenSDK
async def handle_request(prompt, ticket_id, conversation_id, generation_id):
async with AgentWardenSDK(
base_url=os.environ["AGENTWARDEN_BASE_URL"],
api_key=os.environ["AGENTWARDEN_API_KEY"],
use_case_id=os.environ["AGENTWARDEN_USE_CASE_ID"],
) as sdk:
warden = sdk.session(
conversation_id=conversation_id,
generation_id=generation_id,
model="example-model",
)
prompt_action = await warden.before_user_submit_prompt(prompt)
await prompt_action.enforce()
safe_tool_output = await warden.run_tool(
tool_name="lookup_ticket",
tool_kind="mcp",
tool_input={"ticket_id": ticket_id},
call=lambda: lookup_ticket(ticket_id),
)
# Pass safe_tool_output back to your agent loop before generating final_text.
final_text = await generate_response(prompt, safe_tool_output)
final_action = await warden.after_agent_response(final_text)
return final_action.apply(final_text)
The host application still owns the loop. AgentWarden returns policy decisions; the SDK helps enforce and apply them consistently.
Tool Inputs
Send structured intent, not unnecessary private payloads.
Policy usually needs names, kinds, parameters, recipients, paths, and short previews. For first integrations, normalize tool output to text before it enters model context.
Useful tool_kind values include:
| Tool kind | Use for |
|---|---|
mcp | External services or MCP-hosted actions. |
shell | Terminal commands. |
file | Workspace file reads and writes. |
generic | In-process business logic. |
Examples and Cookbooks
Dynamo AI can provide runnable SDK examples and cookbook-style recipes for common integration paths.
Useful examples typically cover:
- a minimal prompt checkpoint,
- a support-agent loop with tool calls,
- pre-tool and post-tool decision handling,
- runtime event logging for review.
Use a dedicated non-production use case for examples that create or update policy.