SudoAgent: runtime guardrails for AI agent tool calls (policy, approval and audit)

1 point, posted 6 hours ago by naolbeyene

1 Comments

naolbeyene

6 hours ago

I built SudoAgent, a Python library that guards “dangerous” function calls at runtime.

It’s meant for agent/tool code (refunds, deletes, API writes, prod changes) where you want a gate outside the prompt.

How it works

Evaluate a policy on the call context (action + args/kwargs)

Optionally request human approval (terminal y/n in v0.1.1)

Write audit entries (JSONL by default) and correlate with request_id

Key semantics

Decision logging is fail-closed (if decision logging fails, the function does not execute)

Outcome logging is best-effort (logging failure won’t change the function return/exception)

Redacts secret key names + value patterns (JWT-like, sk-, PEM blocks)

It’s intentionally minimal and framework-agnostic: implement your own Policy, Approver, or AuditLogger (Slack/web UI/db) and inject them.
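The semantics listed in the post (policy, optional approval, fail-closed decision log, best-effort outcome log, redaction, request_id correlation) can be sketched as a decorator. This is an added example, not SudoAgent's code or API: `guard`, `Denied`, `redact`, the `policy(action, args, kwargs)` and `approver(ctx)` signatures, and the redaction patterns are all assumptions made for illustration.

```python
import functools, json, re, uuid

# Hypothetical names and patterns throughout; this is not SudoAgent's API.
SECRET_KEYS = re.compile(r"password|secret|token|api_key", re.I)
SECRET_VALUES = re.compile(r"sk-\S+|eyJ[\w-]+\.[\w-]+\.[\w-]+|-----BEGIN [A-Z ]+-----", re.S)

class Denied(Exception):
    """Raised when the policy or the approver rejects the call."""

def redact(value, key=""):
    """Mask values under secret-looking keys or matching secret-looking patterns."""
    if isinstance(value, dict):
        return {k: redact(v, str(k)) for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return [redact(v) for v in value]
    if SECRET_KEYS.search(key) or (isinstance(value, str) and SECRET_VALUES.match(value)):
        return "[REDACTED]"
    return value

def guard(action, policy, approver, sink):
    """policy(action, args, kwargs) -> 'allow'|'deny'|'ask'; approver(ctx) -> bool."""
    def log(entry):
        sink.write(json.dumps(entry, default=str) + "\n")  # one JSONL record
    def wrap(fn):
        @functools.wraps(fn)
        def inner(*args, **kwargs):
            rid = str(uuid.uuid4())
            ctx = {"request_id": rid, "action": action,
                   "args": redact(args), "kwargs": redact(kwargs)}
            verdict = policy(action, args, kwargs)
            if verdict == "ask":
                verdict = "allow" if approver(ctx) else "deny"
            # Fail-closed: if this write raises, the exception propagates and fn never runs.
            log({**ctx, "event": "decision", "decision": verdict})
            if verdict != "allow":  # unknown verdicts are treated as deny
                raise Denied(f"{action} denied (request_id={rid})")
            outcome = "error"
            try:
                result = fn(*args, **kwargs)
                outcome = "ok"
                return result
            finally:
                try:  # Best-effort: a logging failure must not change return/exception.
                    log({"request_id": rid, "event": "outcome", "outcome": outcome})
                except Exception:
                    pass
        return inner
    return wrap
```

The approver and the audit sink only ever see the redacted context, while the policy receives the raw arguments so it can decide on real values such as a refund amount.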