Installation
Initialization
Parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
| api_key | str | required | Your Vaultak API key |
| mode | KillSwitchMode | ALERT | Response mode when violation occurs |
| allowed_action_types | list | None (all allowed) | Whitelist of permitted action types |
| allowed_resources | list | None (all allowed) | Glob patterns for permitted resources |
| blocked_resources | list | [] | Glob patterns for blocked resources |
| max_actions_per_minute | int | 60 | Rate limit for agent actions |
| max_risk_score | float | 1.0 | Hard ceiling on risk score |
| risk_threshold | float | 0.7 | Score that triggers the response mode |
| rollback_limit | int | 5 | Max actions to reverse in ROLLBACK mode |
Action Types
| Value | Description |
|---|---|
| ActionType.FILE_READ | Reading a file |
| ActionType.FILE_WRITE | Writing to a file |
| ActionType.FILE_DELETE | Deleting a file |
| ActionType.API_CALL | External API request |
| ActionType.DATABASE_QUERY | Reading from a database |
| ActionType.DATABASE_WRITE | Writing to a database |
| ActionType.CODE_EXECUTION | Executing code |
| ActionType.NETWORK_REQUEST | Network communication |
Response Modes
vt.monitor()
Context manager that wraps your entire agent session.vt.log_action()
Explicitly log a single agent action.5-Dimensional Risk Scoring
Every action is scored across five dimensions:| Dimension | Description |
|---|---|
| Action severity | How destructive is this action type? |
| Resource sensitivity | How sensitive is the target resource? |
| Payload anomaly | Does the payload deviate from baseline? |
| Frequency | Is the agent acting unusually fast? |
| Context | Does this action fit the agent’s normal pattern? |
REST API
All endpoints require your API key in the header:POST /api/check
Pre-execution risk check. Returns decision before action runs.PATCH /api/agents//profile
Update an agent’s permission profile from the API.POST /api/actions
Log a completed agent action.GET /api/agents
List all registered agents with their permission profiles.GET /api/alerts
Retrieve active alerts.Security Policies
Policies let you define rules that automatically block, pause, or allow actions.| Field | Type | Description |
|---|---|---|
| name | str | Human-readable policy name |
| action_type | str | Action type to match |
| resource_pattern | str | Glob pattern for resource matching |
| effect | str | block, pause, or allow |
| max_risk_score | float | Trigger if risk score exceeds this value |
| priority | int | Higher priority policies evaluated first |