Scouter Documentation
Scouter adds runtime semantic authorization to AI agents. Declare what the agent is allowed to do, wrap the client, and evaluate tool calls, writes, and external requests before they execute.
Instrument actions
Capture agent activity at the point where requests become tool calls, records, files, or API requests.
Score risk
Compare each action with declared intent, permissions, data exposure, and runtime context.
Enforce policy
Run in audit mode first, then move to warnings, escalations, or hard stops for unsafe behavior.
Architecture
Scouter sits between the agent framework and the action surface. It triages whether an action needs analysis, estimates consequence, applies specialized guards, and returns an allow, warn, or block decision.
Designed for production agents
The SDK supports audit and enforcement workflows so teams can observe behavior, tune policy, and stop high-risk execution without rebuilding the agent from scratch.
Install
Use the private package for your agent runtime. Python supports OpenAI, LangChain, CrewAI, AutoGen, and PhiData. Node supports OpenAI and the Vercel AI SDK.
pip install scouter-ainpm install @scouter-ai/nodePython quickstart
Create a Scouter client, register the intent, and wrap the OpenAI client before agent calls are made. Start with audit mode when you want visibility first.
from scouter.client import ScouterClient
from scouter.integrations.openai import wrap_openai
from openai import OpenAI
scouter = ScouterClient(api_key="scouter_api_key", mode="audit")
intent = scouter.register_intent(
name="support-refund-agent",
description="Answer refund questions and create approved support actions.",
)
client = wrap_openai(
OpenAI(api_key="openai_api_key"),
scouter=scouter,
intent_id=intent.intent_id,
)Node quickstart
The Node SDK follows the same pattern: configure Scouter, describe the agent intent, then wrap the client used by your application.
import OpenAI from "openai";
import { ScouterClient } from "@scouter-ai/node";
import { wrapOpenAI } from "@scouter-ai/node/integrations/openai";
const scouter = new ScouterClient({
apiKey: "scouter_api_key",
mode: "audit",
});
const intent = await scouter.registerIntent({
name: "support-refund-agent",
description: "Answer refund questions and create approved support actions.",
});
const client = wrapOpenAI(new OpenAI(), {
scouter,
intentId: intent.intentId,
});Execution guards
Guards inspect specific action types before execution. Use them to identify destructive commands, risky database operations, unsafe API calls, and exposure patterns that policy alone may miss.
| Guard | What it watches | Examples |
|---|---|---|
| ShellGuard | Terminal and filesystem commands that could damage systems or reveal sensitive files. | Recursive deletes, broad permission changes, access to protected files. |
| DatabaseGuard | SQL and data-layer actions that modify or expose production data. | Drops, unscoped deletes, suspicious injection patterns. |
| APIGuard | External requests, credential handling, and high-risk endpoint access. | Secrets in URLs, privileged updates, data exfiltration paths. |
Configuration
Connect the SDK to the hosted Scouter backend and dashboard. Create an API key from the Scouter console, then pass it through environment variables or your secret manager.
SCOUTER_BACKEND_URL=http://127.0.0.1:4173
SCOUTER_API_KEY=your-api-key-hereExamples
The private SDK package includes examples for quickstarts, inline guards, OpenAI governance, backend connection, chatbot flows, and guard demonstrations.
Development
Use editable installs for local Python work and the standard Node build scripts for the TypeScript package.
cd python
pip install -e ".[dev]"
pytest tests/cd node
npm install
npm run build
npm test