Skip to content

fortsignal/fortsignal-deepagents

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
fortsignal_deepagents
fortsignal_deepagents
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
pyproject.toml
pyproject.toml
 
 
uv.lock
uv.lock
 
 

Repository files navigation

FortSignal DeepAgents

Deep Agents with FortSignal enforcement — every risky tool call cryptographically authorized before execution.

Every risky operation (file write, edit, execute, sub-task) is intercepted and routed through FortSignal's challenge/verify flow — only cryptographically signed intents reach your machine.

License Python PyPI

Verifiable Intent Pilot — Now Open

Running a small, high-touch pilot for teams building real agents. Natural language policies, cryptographically enforced agent behavior, full audit visibility.

👉 Client Guide →
Interested? Contact us or open an issue.

Before you start

  1. API key — Sign up at fortsignal.com/signup → Dashboard → API Keys. Your key starts with fs_live_.
  2. Register your agent — In the dashboard, create an agent and generate an Ed25519 keypair. Download the private key as agent-key.json.
  3. Approve a delegation — In the dashboard, approve a delegation with your passkey. Agent calls return delegation_invalid until this is done.

Install

pip install fortsignal-deepagents

Quick Start

Agent mode (autonomous — Ed25519 signs each challenge automatically):

export FORTSIGNAL_API_KEY="fs_live_..."
export FORTSIGNAL_AGENT_ID="your-agent-id"
export FORTSIGNAL_AGENT_KEY="/path/to/agent-key.json"

fortsignal-deepagents --model "openai:gpt-4o"

Human mode (passkey approval required per risky action):

export FORTSIGNAL_API_KEY="fs_live_..."
export FORTSIGNAL_USER_ID="your-user-id"

fortsignal-deepagents --model "openai:gpt-4o"

One-shot prompt:

fortsignal-deepagents --model "openai:gpt-4o" --message "create hello.py with a greeting"

Agent key file

FORTSIGNAL_AGENT_KEY points to a JSON file with your Ed25519 private key:

{ "privateKey": "<base64url-encoded Ed25519 private key>" }

Generate from the dashboard (recommended), or create it manually:

from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
import base64, json

key = Ed25519PrivateKey.generate()
priv = base64.urlsafe_b64encode(key.private_bytes_raw()).rstrip(b"=").decode()
pub  = base64.urlsafe_b64encode(key.public_key().public_bytes_raw()).rstrip(b"=").decode()

with open("agent-key.json", "w") as f:
    json.dump({"privateKey": priv}, f)

print("Public key to register:", pub)

Register the public key in the dashboard, then approve a delegation before running.

How it works

  1. Agent calls a risky tool → FortSignalMiddleware intercepts it
  2. /challenge/start — challenge bound to exact action + target
  3. Agent signs with Ed25519 (autonomous) or human signs with passkey (human-in-the-loop)
  4. /challenge/verify — only verified intents execute

Risky tools intercepted: write_file, edit_file, execute, task, write_todos

Read-only tools pass through without any verification check.

Python API

from fortsignal_deepagents import create_fortsignal_deep_agent

agent = create_fortsignal_deep_agent(
    model="openai:gpt-4o",
    agent_id="my-agent-id",
    agent_key_path="/path/to/agent-key.json",
)

Or use the middleware directly:

from fortsignal_deepagents import FortSignalMiddleware
from deepagents import create_deep_agent

middleware = FortSignalMiddleware(
    agent_id="my-agent-id",
    agent_key_path="/path/to/agent-key.json",
)
agent = create_deep_agent(model="openai:gpt-4o", middleware=[middleware])

Environment variables

Variable Required Description
FORTSIGNAL_API_KEY Yes Your fs_live_... API key
FORTSIGNAL_AGENT_ID Agent mode Your registered agent ID
FORTSIGNAL_AGENT_KEY Agent mode Path to agent-key.json
FORTSIGNAL_USER_ID Human mode Your userId for passkey approval
FORTSIGNAL_BASE_URL No Override API base (default: https://api.fortsignal.com)
FORTSIGNAL_LOG_LEVEL No Log verbosity (default: WARNING)

Development

git clone https://github.com/fortsignal/fortsignal-deepagents.git
cd fortsignal-deepagents
uv sync
uv run pytest

Full detail → api.fortsignal.com/docs

Tests

66 tests — all mock (middleware logic), no API key required.

Mock tests run offline and cover config, safe-tool passthrough, risky-tool interception, challenge/verify flow (agent + passkey modes), retry logic, API error handling, and middleware injection.

uv run pytest tests/ -v

Policy Setup

After creating an Agent Passport, create a policy in the FortSignal dashboard to define what the agent can do. Example for a coding agent:

Setting Value
Actions edit_file, file_write, execute, write_file, task, write_todos
Action recipients — execute cmd:git *, cmd:python*, cmd:uv *, cmd:pip *, cmd:pytest *, cmd:npm *, cmd:npx *
Action recipients — task task:*

The cmd: prefix is added automatically by the middleware to execute commands so they match the per-action policy overrides. The task: prefix is added similarly for task descriptions.

License
MIT © FortSignal

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

6 tags

Packages

 
 
 

Contributors

Languages