{"id":35797598,"url":"https://github.com/DeepTrail/deepsecure","last_synced_at":"2026-06-23T06:00:40.878Z","repository":{"id":297323439,"uuid":"955743124","full_name":"DeepTrail/deepsecure","owner":"DeepTrail","description":"Effortlessly secure your AI agents and AI-powered workflows — from prototype to production. Get easy-to-use identity, credential, and access management built for fast-moving AI developers.","archived":false,"fork":false,"pushed_at":"2026-02-03T15:56:05.000Z","size":3928,"stargazers_count":41,"open_issues_count":3,"forks_count":6,"subscribers_count":2,"default_branch":"dev","last_synced_at":"2026-02-04T05:43:30.320Z","etag":null,"topics":["agent-auth","agent-i","ai","ai-agents","api-keys","auth0","authentication","authorization","contributions-welcome","credentials","mcp","mcp-client","mcp-secu","mcp-server","secure-by-","tool-calling"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/DeepTrail.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-03-27T05:59:31.000Z","updated_at":"2026-01-23T18:37:33.000Z","dependencies_parsed_at":"2025-06-26T10:01:29.520Z","dependency_job_id":"79bb19ab-cb7b-4129-80c8-2d7ec83cd73f","html_url":"https://github.com/DeepTrail/deepsecure","commit_stats":null,"previous_names":["deeptrail/deepsecure","deeptrail/deepsecure-cli"],"tags_count":14,"template":false,"template_full_name":null,"purl":"pkg:git
hub/DeepTrail/deepsecure","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DeepTrail%2Fdeepsecure","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DeepTrail%2Fdeepsecure/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DeepTrail%2Fdeepsecure/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DeepTrail%2Fdeepsecure/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DeepTrail","download_url":"https://codeload.github.com/DeepTrail/deepsecure/tar.gz/refs/heads/dev","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DeepTrail%2Fdeepsecure/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34677392,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-23T02:00:07.161Z","response_time":65,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent-auth","agent-i","ai","ai-agents","api-keys","auth0","authentication","authorization","contributions-welcome","credentials","mcp","mcp-client","mcp-secu","mcp-server","secure-by-","tool-calling"],"created_at":"2026-01-07T10:00:54.773Z","updated_at":"2026-06-23T06:00:40.856Z","avatar_url":"https://github.com/DeepTrail.png","language":"Python","funding_links":[],"categories":["📚 Projects (2474 
total)","Products"],"sub_categories":["MCP Clients"],"readme":"\u003c!-- # DeepSecure: Zero-Trust Security Control Plane for AI Agents --\u003e\n\n\u003cdiv align=\"center\"\u003e\n  \u003ch1 style=\"display: flex; align-items: center;\"\u003e\n    \u003cimg src=\"assets/deeptrail_logo.png\" alt=\"DeepSecure Logo\" height=\"24\" style=\"transform: translateY(2px);\" /\u003e\n    \u003cspan style=\"margin-left: 15px;\"\u003eDeepSecure: Effortless Identity \u0026 Auth for AI Agents\u003c/span\u003e\n  \u003c/h1\u003e\n  \u003ca href=\"https://pypi.org/project/deepsecure/\"\u003e\n    \u003cimg src=\"https://img.shields.io/pypi/v/deepsecure?style=flat-square\" alt=\"PyPI version\"/\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://pepy.tech/projects/deepsecure\"\u003e\n    \u003cimg src=\"https://static.pepy.tech/badge/deepsecure\" alt=\"PyPI Downloads\"/\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://pypi.org/project/deepsecure/\"\u003e\n    \u003cimg src=\"https://img.shields.io/pypi/pyversions/deepsecure?style=flat-square\" alt=\"Python Version\"/\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://opensource.org/licenses/Apache-2.0\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/License-Apache%202.0-blue.svg?style=flat-square\" alt=\"License\"/\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://deepwiki.com/DeepTrail/deepsecure\"\u003e\u003cimg src=\"https://deepwiki.com/badge.svg\" alt=\"Ask DeepWiki\"/\u003e\u003c/a\u003e\n  \u003cbr/\u003e\n  \u003ca href=\"https://github.com/DeepTrail/deepsecure/stargazers\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/stars/DeepTrail/deepsecure?style=flat-square\" alt=\"GitHub stars\"/\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/DeepTrail/deepsecure/discussions\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/discussions/DeepTrail/deepsecure?style=flat-square\" alt=\"GitHub Discussions\"/\u003e\n  \u003c/a\u003e\n  \u003ca 
href=\"https://github.com/DeepTrail/deepsecure/pulls\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square\" alt=\"PRs Welcome\"/\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://x.com/imaxxs\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/Follow-Mahendra-blue?style=flat-square\u0026logo=x\" alt=\"Follow on X\"/\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://x.com/0xdeeptrail\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/Follow-@0xdeeptrail-blue?style=flat-square\u0026logo=x\" alt=\"Follow on X\"/\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://www.linkedin.com/company/deeptrail\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/Follow-DeepTrail-blue?style=flat-square\u0026logo=linkedin\" alt=\"Follow on LinkedIn\"/\u003e\n  \u003c/a\u003e\n\u003c/div\u003e\n\u003cbr/\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n  **Give every AI agent a cryptographic identity and authenticated ephemeral credentials.\n  Handle auth, delegation, policy enforcement, and secure proxying automatically. Effortlessly add identity and auth to any AI agent -- regardless of any platform, any framework, and any model.**\n\n[**📖 Documentation**](docs/) [**🎯 Examples**](examples/) [**💬 Community**](https://discord.gg/SUbswk8T)\n\n\u003c/div\u003e\n\n## 🎯 Why DeepSecure?\n\n### The Problem: AI Agents Are Security Nightmares\n\n```python\n# ❌ Current state: Security chaos\n# 🔑 API keys scattered everywhere\nos.environ[\"OPENAI_API_KEY\"] = \"sk-...\" # Same key shared across all agents\n\n# 🤖 No agent identity - who did what? 
which actions?\nagent1 = YourFavoriteFramework()  # Anonymous agent\nagent2 = AnotherFramework()  # Another anonymous agent\n\n# 🚫 All-or-nothing permissions\nagent.call_internal_api()  # Full admin access to everything\nagent.call_external_api()  # Full admin access to everything\n\n# No delegation, no policy enforcement, no audit trail\n# Result: One breach = Complete system compromise\n```\n\n### The Solution: Comprehensive Zero-Trust for AI Agents\n\n```python\n# ✅ With DeepSecure: Complete security transformation\n# 🔐 Cryptographic identity per agent  \nclient = deepsecure.Client()\nagent = client.agent(\"financial-analyst\", auto_create=True)  # Ed25519 identity\n\n# 📋 Fine-grained policy enforcement happens automatically\n# When agent fetches secrets, gateway validates JWT claims and enforces policy\nsecret = client.get_secret(\n    agent_id=agent.id, \n    secret_name=\"openai-api\", \n    path=\"/v1/chat/completions\"\n)\n# Gateway enforces: Does agent have OpenAI access? Rate limits? 
Business hours?\n# Policy controls which agents can access which APIs, when, and how often\n\n# 🔄 Secure delegation between agents\ndelegation_token = client.delegate_access(\n    delegator_agent_id=agent.id, \n    target_agent_id=\"data-processor\", \n    resource=\"financial-data\", \n    permissions=[\"read\"], \n    ttl_seconds=1800)\n\n# 📊 Complete audit trail + policy enforcement\n# Every action logged, every access controlled, every delegation tracked\n# Result: Zero-trust security with full visibility and control\n```\n\n## 🔥 From Security Nightmare to Zero-Trust Security\n\n| **Without DeepSecure** | **With DeepSecure** |\n|---|---|\n| 🔑 **Shared API keys** | 🛡️ **AI Agents don't have access to API keys** |\n| 🤖 **No Agent Identity** | 🔐 **AI Agents get Ed25519 Cryptographic Identity** |\n| 🚫 **No Access Control** | 📋 **AI Agents with Fine-Grained Policies** |\n| 📊 **No delegation and tracking** | 📊 **AI Agents with cryptographic delegation and audit trail** |\n| 🏭 **Production Blockers** | 🚀 **Enterprise-Ready** |\n\n## ⚙️ Getting Started\n\nGet fully set up with DeepSecure in under 5 minutes—secure your AI agents instantly!\n\n### Prerequisites\n- **Python 3.9+**\n- **pip** (Python package installer) \n- **Access to an OS keyring** (macOS Keychain, Windows Credential Store, or Linux keyring) for secure agent private key storage\n- **Docker and Docker Compose** for running the backend services\n\n### 1. Install DeepSecure\n```bash\npip install deepsecure\n```\n\n### 2. 
Backend Services Setup\n\nDeepSecure uses a dual-service architecture:\n- **`deeptrail-control`** - Control Plane (manages agents, policies, credentials)  \n- **`deeptrail-gateway`** - Data Plane (enforces policies, injects secrets)\n\n#### Quick Start with Docker Compose\n```bash\n# Clone the repository\ngit clone https://github.com/DeepTrail/deepsecure.git\ncd deepsecure\n\n# Start both services\ndocker-compose up -d\n\n# Verify services are running\ndocker-compose ps\n```\n\nThis will start:\n- **Control Plane** at `http://localhost:8000`\n- **Gateway** at `http://localhost:8001`\n- **PostgreSQL** database for persistent storage\n\n### 3. Configure DeepSecure CLI\n```bash\n# Set the control plane URL\ndeepsecure configure set-url http://localhost:8000\n\n# Verify connection\ndeepsecure health\n```\n\n### 4. Verify Installation\n```bash\n# Check version\ndeepsecure --version\n\n# Test agent creation\ndeepsecure agent create --name \"test-agent\"\n```\n\n🎉 **You're all set!** Your secure AI agent infrastructure is now running.\n\n**Next Steps:**\n- Try the [30-second quickstart](#-30-second-quickstart) below\n- Explore our [examples](#-examples) for real-world use cases\n- Read the [Architecture Guide](docs/design/deepsecure-technical-overview.md) to understand the system\n\n---\n\n## ⚡ 30-Second Quickstart\n\n```bash\n# 1. Install DeepSecure\npip install deepsecure\n\n# 2. Connect to your security control plane\n# For local development:\ndeepsecure configure set-url http://localhost:8001\n\n# For production (your deployed instance):  \n# deepsecure configure set-url https://deepsecure.yourcompany.com\n\n# 3. Create your first AI agent identity\ndeepsecure agent create --name \"my-ai-agent\"\n\n# 4. Use in your AI code\nimport deepsecure\n\nclient = deepsecure.Client()\nagent = client.agent(\"my-ai-agent\", auto_create=True)\nsecret = client.get_secret(name=\"openai-api\", agent_name=agent.name)\n\n# That's it! 
Your agent now has secure, audited access to OpenAI\n```\n\n**🎯 What you just achieved:**\n- ✅ **Centralized Security**: All your AI agents use one security control plane\n- ✅ **Zero Hardcoded Secrets**: Agents get ephemeral credentials automatically  \n- ✅ **Unique Identity**: Each agent has cryptographic identity (Ed25519)\n- ✅ **Complete Audit Trail**: Every action is logged for compliance and debugging\n- 🛡️ **Policy Enforcement Ready**: Fine-grained access control available via `deepsecure policy` commands\n\n## 🏗️ Architecture: Control Plane + Data Plane\n\nDeepSecure implements a **dual-service architecture** designed for production scale:\n\n### 🧠 Control Plane (`deeptrail-control`)\n- **Agent Identity Management**: Ed25519 cryptographic identities\n- **Policy Engine**: Fine-grained RBAC with delegation support\n- **Credential Issuance**: Ephemeral, time-bound access tokens\n- **Audit Logging**: Immutable security event tracking\n\n### 🚀 Data Plane (`deeptrail-gateway`)\n- **Secret Injection**: Automatic API key insertion at runtime\n- **Policy Enforcement**: Real-time access control decisions\n- **Split-Key Security**: Client/backend key reassembly for ultimate protection\n- **Request Proxying**: Transparent handling of all agent tool calls\n\n```mermaid\ngraph TB\n    A[AI Agent/Developer] --\u003e B[DeepSecure SDK]\n    \n    %% Management Flow - Direct to Control\n    B --\u003e|Management Operations\u003cbr/\u003eAgent/Policy CRUD| D[Control Plane\u003cbr/\u003edeeptrail-control]\n    \n    %% Runtime Flow - Through Gateway  \n    B --\u003e|Runtime Operations\u003cbr/\u003eTool Calls| C[Gateway\u003cbr/\u003edeeptrail-gateway]\n    C --\u003e D\n    C --\u003e E[External APIs\u003cbr/\u003eOpenAI, AWS, etc.]\n    \n    D --\u003e F[Policy Engine]\n    D --\u003e G[Split-Key Store] \n    D --\u003e H[Audit Log]\n    \n    %% Labels for clarity\n    B -.-\u003e|\"deepsecure agent create\u003cbr/\u003edeepsecure policy create\"| D\n    B 
-.-\u003e|\"agent.call_openai()\u003cbr/\u003ewith secret injection\"| C\n    \n    style A fill:#e1f5fe\n    style C fill:#f3e5f5  \n    style D fill:#e8f5e8\n    style E fill:#fff3e0\n```\n## 🔬 Examples\n\nExplore our comprehensive example collection:\n\n| Example | Description | Framework |\n|---|---|---|\n| [**Basic Agent Creation**](examples/01_create_agent_and_issue_credential.py) | Create your first secure agent | Core SDK |\n| [**LangChain Integration**](examples/05_langchain_secure_tools.py) | Secure LangChain agents | LangChain |\n| [**CrewAI Team Security**](examples/03_crewai_secure_tools.py) | Multi-agent crew with delegation | CrewAI |\n| [**Gateway Injection**](examples/08_gateway_secret_injection_demo.py) | Automatic secret injection | Core SDK |\n| [**Advanced Delegation**](examples/11_advanced_delegation_patterns.py) | Complex delegation workflows | Core SDK |\n| [**Platform Bootstrap**](examples/12_platform_expansion_bootstrap.py) | Kubernetes/AWS agent bootstrapping | Infrastructure |\n\n## 🚀 What's Next?\n\nYou've now seen the core workflow! Ready to dive deeper?\n\n### 📚 Documentation\n| Resource | Description |\n|---|---|\n| [**🚀 Getting Started**](docs/getting-started.md) | Complete setup guide with examples |\n| [**🔧 CLI Reference**](docs/cli-reference.md) | All commands and options |\n| [**📖 SDK Documentation**](docs/sdk/) | Python SDK with full API reference |\n| [**🏗️ Architecture Guide**](docs/design/deepsecure-technical-overview.md) | Deep dive into system design |\n| [**🔒 Security Model**](docs/security-model.md) | Cryptographic foundations |\n| [**🚀 Deployment Guide**](docs/deployment/) | Production deployment patterns |\n\nFor hands-on examples, explore our [`examples/`](examples/) directory with LangChain, CrewAI, and multi-agent patterns.\n\n## 🤝 Contributing\n\nDeepSecure is open source, and your contributions are vital! 
Help us build the future of AI agent security.\n\n🌟 **Star our GitHub Repository!**  \n🐛 **Report Bugs or Feature Requests**: Use [GitHub Issues](https://github.com/yourusername/deepsecure-cli/issues).  \n💡 **Suggest Features**: Share ideas on [GitHub Issues](https://github.com/yourusername/deepsecure-cli/issues) or [GitHub Discussions](https://github.com/yourusername/deepsecure-cli/discussions).  \n📝 **Improve Documentation**: Help us make our guides clearer.  \n💻 **Write Code**: Tackle bugs, add features, improve integrations.\n\nFor details on how to set up your development environment and contribute, please see our [Contributing Guide](CONTRIBUTING.md).\n\n## 🫂 Community \u0026 Support\n\n**GitHub Discussions**: The primary forum for questions, sharing use cases, brainstorming ideas, and general discussions about DeepSecure and AI agent security. This is where we want to build our community!\n\n**GitHub Issues**: For bug reports and specific, actionable feature requests.\n\nWe're committed to fostering an open and welcoming community.\n\n## 📜 License\n\nThis project is licensed under the terms of the [Apache 2.0 License](LICENSE).\n\n---\n\n\u003cdiv align=\"center\"\u003e\n\n**⭐ Star us on GitHub if DeepSecure helps secure your AI agents!**\n\n[**🚀 Get Started**](#-30-second-quickstart) • [**📖 Documentation**](docs/) • [**💬 Join Discord**](https://discord.gg/deepsecure)\n\n*Built with ❤️ for the AI agent developer community*\n\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FDeepTrail%2Fdeepsecure","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FDeepTrail%2Fdeepsecure","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FDeepTrail%2Fdeepsecure/lists"}