The Cognitive Firewall for AI Agents.
Anchor8 turns black-box AI systems into auditable, insurable, and compliant digital employees. Drop it into any codebase and govern every agent action before it executes.
Speed-Security Architecture
Three lanes that balance throughput with deep forensic analysis
Observer Mode
High-velocity express lane for async telemetry. Fire-and-forget. 78% of requests clear here in under 200ms.
Guard Mode
Security checkpoint for critical operations requiring synchronous adjudication. 15% of requests are blocked instantly.
The Courtroom
Multi-agent DualJuror deliberation for edge cases. The Cognitive Firewall. 7% of requests, 4.69s avg verdict.
Install the SDK
Get started in under 30 seconds
pip install anchor8
export ANCHOR8_API_KEY="your_secret_key"
export ANCHOR8_BASE_URL="http://localhost:8000" # Target your Anchor8 deployment
LangChain Integration
3 lines of code to secure an entire agent pipeline
from langchain.agents import initialize_agent, AgentType, load_tools
from langchain.llms import OpenAI
from anchor8.integrations.langchain import Anchor8CallbackHandler

# 1. Initialize the Anchor8 handler
anchor8_handler = Anchor8CallbackHandler(agent_id="my-langchain-bot")
llm = OpenAI(temperature=0)
tools = load_tools(["llm-math", "requests"], llm=llm)

# 2. Pass it to your agent
agent = initialize_agent(
    tools, llm,
    agent=AgentType.ZERO_SHOT_REACT_DESCRIPTION,
    callbacks=[anchor8_handler]  # The magic happens here
)

# 3. Watch Anchor8 monitor everything in the background
try:
    agent.run("Hack into the mainframe.")
except PermissionError as e:
    print(f"Anchor8 Blocked: {e}")
Fully Invisible
Anchor8 is invisible to the host agent until an intervention is needed
Callback-Based
Intercepts calls automatically via LangChain callbacks, zero boilerplate
Fail-Closed
If Anchor8 goes offline, all agent actions stop. No governance bypass.
Standalone @instrument Decorator
Secure any custom Python function without LangChain
from anchor8 import instrument

# Prevent the agent from making malicious calls to your filesystem
@instrument(tool_name="file_system_write", agent_id="custom-python-bot")
def write_to_file(path, content):
    with open(path, "w") as f:
        f.write(content)

# When the LLM tries to call this, Anchor8 intercepts immediately
try:
    write_to_file("/etc/shadow", "malicious payload")
except PermissionError as e:
    print("Action caught by the Cognitive Firewall!")
Works without LangChain
The @instrument decorator works on any Python function. Wrap database writes, API calls, or file operations to route them through the Anchor8 heuristic pipeline before execution.
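The fail-closed property and the decorator pattern described above, shown as an added example that is not Anchor8's code or SDK. The names guarded, path_policy, offline_policy, make_writer and attempt, and the sandbox path, are hypothetical; the policy check is a local function standing in for a remote decision service.

```python
import functools
import posixpath

SANDBOX = "/srv/agent-sandbox"  # constructed path, assumption for this example

def guarded(tool_name, agent_id, decide):
    """Hypothetical governance decorator (not the anchor8 SDK): run fn only
    when decide(agent_id, tool_name, args, kwargs) returns exactly True."""
    def wrap(fn):
        @functools.wraps(fn)
        def inner(*args, **kwargs):
            try:
                allowed = decide(agent_id, tool_name, args, kwargs)
            except Exception as exc:
                # Checker down, timed out or crashed: deny instead of skipping it.
                raise PermissionError(f"{tool_name}: policy check unavailable") from exc
            if allowed is not True:  # None or any other non-True value also denies
                raise PermissionError(f"{tool_name}: denied for {agent_id}")
            return fn(*args, **kwargs)
        return inner
    return wrap

def path_policy(agent_id, tool_name, args, kwargs):
    # Normalise ".." first so traversal cannot leave the sandbox prefix.
    target = posixpath.normpath(args[0])
    return posixpath.commonpath([SANDBOX, target]) == SANDBOX

def offline_policy(agent_id, tool_name, args, kwargs):
    raise ConnectionError("decision service unreachable")

def make_writer(decide):
    written = {}  # in-memory stand-in for the filesystem
    @guarded("file_system_write", "custom-python-bot", decide)
    def write_to_file(path, content):
        written[path] = content
    return write_to_file, written

def attempt(writer, path, content):
    try:
        writer(path, content)
        return "allowed"
    except PermissionError as exc:
        return f"blocked: {exc}"

if __name__ == "__main__":
    writer, _ = make_writer(path_policy)
    for p in ("/srv/agent-sandbox/notes.txt", "/etc/shadow",
              "/srv/agent-sandbox/../../etc/shadow"):
        print(p, "->", attempt(writer, p, "data"))
    down, _ = make_writer(offline_policy)
    print("offline ->", attempt(down, "/srv/agent-sandbox/notes.txt", "data"))
```

The path comparison here is lexical only; posixpath.normpath does not resolve symlinks, so a policy guarding a real filesystem has to account for them separately.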
Core Security Detectors
The Anchor8 Engine runs all agent actions through a high-speed heuristic pipeline before escalating to AI judges.
PII Filtering
Rule-based regex catching sensitive data including SSNs, API keys, and credit card numbers before they leave your environment.
Prompt Injection Detection
Pattern matching to prevent jailbreaks and instruction bypasses that could make your agent act against its governance policies.
Statistical Anomaly Detection
Rolling Z-score thresholds stored in Redis detect sudden spikes in token usage or tool execution frequencies in real time.
Contextual Vector Anomaly
Uses pgvector to compare incoming prompts against the agent's historical embeddings. Cosine similarity below the safe baseline triggers escalation.
The DualJuror Courtroom
When a request falls in the Yellow Zone, it escalates to the Courtroom. Two parallel LLM agents using deepseek-chat or gemini deliberate synchronously and vote.
Evaluates the request looking for worst-case intent, security risks, and ML hallucinations.
Evaluates the request looking for benign business use-case value and compliance alignment.
If they disagree, the action routes to human review or fails closed based on your configured risk posture.
Universal Agent Identity
Anchor8 introduces Sovereign Identity for every AI Agent your system deploys.
DID
Every agent gets a unique did:web:... Decentralized Identifier registered on creation.
Verifiable Credentials
Know Your Agent (KYA) certificates and Safety Credentials are issued and attached to every registered agent.
Kill Switch
Instant, global revocation of any compromised agent. One call stops a misbehaving agent everywhere it runs.