Fuze SDK · Guard · fuze-ai

The open-source safety wrapper.

fuze-ai wraps any agent at the point it runs. Guard captures every prompt, tool call, and decision as structured JSONL and keys each event to an EU AI Act Article. MIT-licensed. TypeScript and Python.

Read the quickstart View on GitHubnpm i fuze-ai

Install

One package. One decorator.

Add fuze-ai to an existing agent — raw OpenAI, Anthropic, or Mistral SDK calls work today. Wrap your run with guard(), emit with comply.emit(), and the evidence stream is keyed to the right Article on the first run. Python ships LangGraph and CrewAI adapters; TypeScript parity is on the roadmap.

$npm install fuze-ai

Inside the SDK

Five primitives that wrap an agent.

Each primitive captures a different facet of the runtime and writes it to the same append-only evidence stream.

Audit trail

Art. 12
guard()

Every prompt, tool call, and return value is captured as structured JSONL on the hot path. The Python SDK adds an HMAC-SHA256 hash chain for tamper detection today; TypeScript parity is on the roadmap.

00:12.481PROMPT
00:12.612TOOL.search
00:13.018RESULT
00:13.142EMIT.evidence

Loop guard

runtime
loop()

Detects when the agent re-walks the same call graph and pauses execution before the budget runs out.

cycle · paused

Budget

runtime
budget()

Hard caps on tokens, steps, and wall-clock per run, with the breach event recorded on the evidence stream.

tokens7,238 / 10,000
steps9 / 20
latency1.8 s / 6 s

Side-effects

runtime
side_effect()

Records every external call the agent makes (HTTP, database, payment, mail) so an auditor can review actual effects of a run alongside its trace.

http.POSTlogged
db.writelogged
email.sendlogged
stripe.chargelogged

Human override

Art. 14
requestOversight()

Suspends the run on a durable adapter; the reviewer's signature binds the human decision into the run record.

queue · 2 pending
extend offer · candidate_4f1c
credit denial · applicant_82e0

Instrumenting an agent

One decorator.

guard wraps the agent with the runtime checks and emits structured evidence as it runs. The SDK ships for TypeScript and Python.

  • Works with raw OpenAI / Anthropic / Mistral SDK calls today
  • Token usage extracted across OpenAI, Anthropic, Vercel AI SDK, Mastra, LangChain
  • Python ships LangGraph and CrewAI adapters; TypeScript parity is on the roadmap
  • Zero outbound network by default — evidence emits to wherever you configure
agent.ts
import { guard, comply } from 'fuze-ai'

const screener = guard(myAgent, {
  article:   'Annex III.4(a)',
  residency: 'eu-central-1',
  budget:    { tokens: 10_000, steps: 20 },
})

const result = await screener.run(prompt)
await comply.emit(result)
signed · Art. 12, 14, 26 ← evidence chain

Open source

MIT-licensed. Self-host or take the dashboard on top.

Guard is the spine. Run it on its own and you keep the evidence stream local; pair it with the managed Fuze Control dashboard and the same stream compiles the Annex IV file, the FRIA, and the Article 73 incident report.

Next

Five minutes to know if the Act applies to you.

The classifier walks you through Annex III and tells you which Articles apply, which tier of risk you sit in, and what evidence the Fuze Control dashboard would start emitting on day one. Free, no signup, no email gate.