SourceryKit is the Python SDK for Provably. It provides verifiable guardrails for AI agents by automatically recording outbound HTTP calls, enforcing endpoint policies, and checking your agent's claims against a source of truth—all before any request leaves your process.
⚠️ IMPORTANT: Upgrading the SDK from v0.2 to v1.0? See the v1.0 migration guide.
SourceryKit handles policy enforcement and logging right inside your agent's normal workflow:
claimed_values list of extracted values.SourceryKit requires Python 3.12+. You can grab it directly from source:
git clone [email protected]:ProvablyAI/sourcerykit.git
pip install -e ./sourcerykitOr install it directly via pip:
pip install sourcerykitTo get things running, SourceryKit must be configured with your project variables. The interactive CLI handles account provisioning, organization workspace initialization, database validation, and persists credentials globally (OS application folder) and locally (project .env).
sourcerykit initThe wizard will guide you through:
⚠️ IMPORTANT: The wizard only configures SOURCERYKIT_* variables. It does not handle third-party LLM provider infrastructure keys, which must still be exported separately.
Already have credentials, or need to bypass the wizard (CI, containers, debugging)? Environment variables override the stored config:
export PROVABLY_API_KEY="..."
export SOURCERYKIT_ORG_ID="..."
export SOURCERYKIT_POSTGRES_URL="postgresql://user:password@host:5432/db"For a full list of CLI commands, check out the CLI Documentation file, or simply run:
sourcerykit --helpFor a full list of environment variables, see .env.example.
Here is how to bootstrap the system, run an intercepted request, build a payload, and check if everything passes validation:
import uuid
import httpx
import sourcerykit
from agents import Agent, Runner
from sourcerykit import SourceryKitAgentResponse
async def run_verifiable_agent():
# 1. Fire up the system
await sourcerykit.bootstrap_system()
# 2. Tell the registry which URL is allowed
await sourcerykit.insert_trusted_endpoint(url="https://api.example.com/data")
# 3. Make a network call inside an intercept context
async with sourcerykit.async_intercept_context(agent_id="demo-agent", action_name="get_data"):
async with httpx.AsyncClient() as client:
response = await client.get(
"https://api.example.com/data",
params={"query": "example_parameter"}
)
response.raise_for_status()
# 4. Run agent with SourceryKitAgentResponse as the output format
# (e.g., output_type=... for OpenAI, response_format=... for LangChain, output_format=... for Claude).
# The output is a structured response containing `claimed_values`.
prompt = "You are a helpful assistant."
agent = Agent(
name="demo-agent",
instructions=prompt,
tools=[...],
model="model-name",
output_type=SourceryKitAgentResponse,
)
result = await Runner.run(agent, prompt)
final_output: SourceryKitAgentResponse = result.final_output
# 5. Build the handoff payload from the agent's structured output
payload_data = {
"reasoning": final_output.reasoning,
"claims": [
{
"action_name": "get_data",
"claimed_value": final_output.claimed_values,
"verification_mode": "field_extraction",
}
],
}
payload = await sourcerykit.build_handoff_payload(
payload_data,
run_id=uuid.uuid4(),
prompt=prompt,
intercept_agent_id="demo-agent",
)
# 6. Ask the evaluator for a verdict
result = await sourcerykit.evaluate_handoff(payload=payload)
print(f"Evaluation Outcome: {result.get('outcome')}") # PASS, CAUGHT, or ERRORWant to dig into the details? Check out our documentation and specific guides:
We welcome fixes, features, and doc updates! Check out CONTRIBUTING.md to see how to run tests and open up a pull request.
This project is licensed under the Business Source License 1.1.
See the LICENSE file for full terms and details.