Skip to content

[AAASM-3537] ✨ (examples): Add Agno tool-policy example#151

Merged
Chisanan232 merged 8 commits into
mainfrom
v0.0.1/AAASM-3537/feat/agno_support
Jun 22, 2026
Merged

[AAASM-3537] ✨ (examples): Add Agno tool-policy example#151
Chisanan232 merged 8 commits into
mainfrom
v0.0.1/AAASM-3537/feat/agno_support

Conversation

@Chisanan232

Copy link
Copy Markdown
Contributor

Description

Adds python/agno-tool-policy, a runnable offline example that governs a real
Agno (formerly Phidata) agent's tools through the SDK's native Agno
adapter
— not a no-op.

Agno runs every function-tool call through agno.tools.function.FunctionCall.execute;
the SDK's Agno adapter patches that chokepoint so governance runs before the tool
body. The example drives real Agno @tool functions exactly as an Agno Agent
does (FunctionCall(...).execute()), wired to a local offline policy:

  • get_weather, summarize_docsallowed, run and return their real output;
  • execute_sqldenied, body short-circuited before it runs.

Mirrors the existing *-tool-policy examples (src/main.py, src/tools.py,
src/policy.py, tests/test_smoke.py, README, .env.example) and adds a CI job to
verify-python.yml.

The smoke tests are a genuine governance proof: the deny test asserts the denied
tool's body never executed (a no-op patch would let it run), and the allow
test asserts the real body ran.

Cross-repo dependency

The example imports agent_assembly.adapters.agno, which ships in the python-sdk
AAASM-3537 branch (PR ai-agent-assembly/python-sdk#162). Until that lands and
a release is published to PyPI, uv sync should install the SDK from that branch.
This is noted in the example's pyproject.toml and README.

Verification

Validated locally against the python-sdk AAASM-3537 branch:

$ uv run python src/main.py
  → get_weather({'city': 'London'})        ✅ ALLOWED
  → summarize_docs({'topic': '...'})        ✅ ALLOWED
  → execute_sql({'sql': 'DROP TABLE ...'})  ❌ BLOCKED — deny_arbitrary_execution

$ uv run pytest tests/ -q
  6 passed

Refs AAASM-3537

🤖 Generated with Claude Code

Chisanan232 and others added 4 commits June 22, 2026 14:29
…pter

A runnable offline demo that governs real Agno @tool functions through the SDK's
native Agno adapter (AgnoPatch over FunctionCall.execute): get_weather and
summarize_docs are allowed, execute_sql is blocked before its body runs.

Refs AAASM-3537

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Drive real Agno tools through AgnoPatch and assert a denied tool's body never
runs (negative control) and an allowed tool returns its real output.

Refs AAASM-3537

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add the example README and list it in the Python examples index.

Refs AAASM-3537

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add an agno-tool-policy job mirroring the other per-example smoke jobs.

Refs AAASM-3537

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@Chisanan232

Copy link
Copy Markdown
Contributor Author

Claude Code — review result (Agno example)

⚠️ agno-tool-policy smoke job is red for release-ordering onlyModuleNotFoundError: No module named 'agent_assembly.adapters.agno'. Adapter ships in python-sdk #162 (unmerged); resolves after #162 merges + a python-sdk b5 release.

Two non-defect reds to note:

  • The run check failing is the unrelated "Auto-assign issue" workflow (Couldn't find issue info in current context) — pre-existing repo automation, not this PR.
  • SonarCloud — acceptance gate, ignored per standing rule.

Validated locally: 6 smoke tests pass; main.py runs allow/allow/blocked. Merge order: LAST — after python-sdk #162 + b5 release. Full cross-repo review on AAASM-3535.

SonarCloud flagged the agno-tool-policy job's actions as a security hotspot
(tag-pinned, not SHA-pinned). Pin actions/checkout and astral-sh/setup-uv to
full commit SHAs (annotated with the tracked major version) to remove the
supply-chain hotspot on this job's new code.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@Chisanan232

Copy link
Copy Markdown
Contributor Author

Claude Code — SonarCloud new-code review (round 2)

Found + fixed 1 security finding: hotspot verify-python.yml:99 — "use full commit SHA for this dependency." SHA-pinned the agno job's actions — astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86 # v5 and actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 (commit eb75335c).

SonarCloud quality gate flipped to OK; 0 new-code issues, hotspot resolved. (The agno-tool-policy smoke job stays red for release-ordering only — resolves after python-sdk #162 + a b5 release; the run/Auto-assign check is unrelated repo automation.)

Chisanan232 and others added 3 commits June 22, 2026 16:21
The PyPI agent-assembly pin does not yet ship the native agno adapter.
Track the python-sdk git master so the example validates against the
merged adapter; it greens automatically once the agno adapter lands on
master (revert to the PyPI pin when 0.0.1b5 publishes it).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Wrap long lines per ruff format and replace the loose object/dict
annotations on _run_governed_call with precise Function and
dict[str, str] types so mypy --strict passes. Re-resolve the
agent-assembly git pin to current python-sdk master so the native
agno adapter import resolves. No runtime behavior change.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Replace loose object/dict typing in the _run helper with precise Agno
types (Function, dict[str, Any], FunctionExecutionResult) so mypy --strict
passes over both src and tests. Coerce Optional[Any] tool results via str()
at the assertion sites. No logic or behavior change.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@Chisanan232 Chisanan232 merged commit 76de15b into main Jun 22, 2026
7 checks passed
@Chisanan232 Chisanan232 deleted the v0.0.1/AAASM-3537/feat/agno_support branch June 22, 2026 09:05
@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant