Home/Integrations

Every major agent framework. Every tool call.

Veto runs as an in-process SDK next to your agent. Wrap the tool once, ship a signed audit of every call — allow, block, or pause for a human. Under 10 ms per decision. No network hop on the happy path.

Install. Wrap. Ship.

Install the SDK — pip install veto or npm i veto-sdk
Wrap the tool. Your agent code does not change — @veto.wrap in Python, protect() in TypeScript.
Write policy in English. Veto compiles to deterministic IR, evaluates in your process, and signs every decision.
InstallSee the codeRead the docs

LLM SDKs

OpenAI

Wrap tools passed to `chat.completions.create` — every function call decided in-process before it fires.

Claude

Intercept `tool_use` blocks from the Anthropic SDK and Claude Agent SDK before the call executes.

Gemini

Function-declaration-aware policy evaluation for Google Gemini tool calls.

Agent frameworks

LangChain

Tool-level policy enforcement for LangChain agents and chains — one wrap, no chain rewrites.

LangGraph

State-aware decisions on LangGraph tool nodes. Policy evaluates with full graph context.

CrewAI

Per-role, per-crew authorization. Scope what each agent may actually do at the tool layer.

Vercel AI SDK

Streaming-compatible policy checks for Vercel AI SDK tool calls — no pause in the user-visible stream.

PydanticAI

Type-safe policy on PydanticAI tool calls with full argument shape at decision time.

AutoGen

Per-agent tool scoping and policy on inter-agent delegation for Microsoft AutoGen conversations.

Bedrock

Per-call policy on Amazon Bedrock action groups — complements IAM, not replaces it.

Browser automation

Browser Use

URL allowlists, form-submit gates, download controls for browser-use browser agents.

Playwright

Policy on Playwright MCP tool calls — gate navigation, clicks, and downloads by context.

Protocols

MCP

MCP gateway that fronts upstream servers and decides every tool call against policy.

Veto SDKs

TypeScript SDK

Native TypeScript SDK — wrap any tool call, any framework. Twelve lines.

Python SDK

Native Python SDK — `@veto.wrap` on any callable. Twelve lines.

Related resources

AI Agent Guardrails Guide

Taxonomy of guardrail approaches — input, output, dialog, and the action layer where Veto sits.

AI Agent Authorization Guide

Authentication, authorization, and runtime action authorization — where each layer sits in the stack.

Compare Guardrail Tools

Feature matrix against NeMo, Guardrails AI, Lakera, Microsoft Agent Governance Toolkit, and more.

Use Cases by Industry

Finance wires, healthcare records, DevOps deploys, support refunds, enterprise prod changes.

Don't see your framework?

The core SDK wraps any tool call in any language runtime. If your system calls tools, Veto can decide them.

Start freeView on GitHub