feat(integrations): add Superagent safety middleware #1128
Open
…mory
Adds hindsight-superagent integration that wraps Hindsight retain/recall/reflect with Superagent Guard (prompt injection detection) and Redact (PII removal).
- SafeHindsight middleware class with configurable guard + redact pipeline
- Global configure() / per-instance config with env var fallbacks
- CI job and release script entry
- 54 unit tests + 10 e2e tests (all passing)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…ured
Matches the pattern used by all other integrations — falls back to https://api.hindsight.vectorize.io instead of erroring.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- resolve_safety_client now raises HindsightError if no API key is provided, matching actual safety-agent behavior (create_client() requires a key)
- README: document superagent_api_key as required, hindsight_api_url defaults to Hindsight Cloud URL
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…resolution
The safety-agent SDK's default fallback endpoint (superagent.sh/api/fallback) returns a 307 redirect that httpx doesn't follow for POST requests, causing all guard() calls to fail on cold starts. This change:
- Defaults enable_fallback=False so the primary Cloud Run endpoint is used directly (60s timeout is sufficient)
- Exposes enable_fallback and fallback_timeout in config/SafeHindsight for users who want to opt back in
- Adds os.environ fallback for SUPERAGENT_API_KEY in resolve_safety_client so it works without calling configure() first
- Fixes e2e redact test that was blocked by guard on recall query
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Superagent's hosted guard endpoints (Cloud Run Ollama) currently serve empty model lists, making the default superagent/guard-1.7b unusable. Update all examples to use guard_model="openai/gpt-4o-mini" and document the self-hosting alternative. Increase Hindsight client timeout from 30s to 120s to accommodate reflect's server-side LLM call.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
General-purpose LLMs (gpt-4o-mini) over-classify PII content as security violations, blocking retain before redact runs. Disable guard on retain in all examples and default test helper. Fix e2e tests to use explicit guard_model and OpenAI provider instead of broken hosted endpoints. All 10 e2e tests now pass against live APIs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
gpt-4.1-nano correctly distinguishes prompt injection from legitimate content (including PII), eliminating the need to disable guard on retain. Re-enables full Guard → Redact → Retain pipeline.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace Any return types on recall() and reflect() with RecallResponse and ReflectResponse from hindsight-client. Add py.typed marker for PEP 561 type checker support.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
e1deb8f to fcfd95c
Summary
- hindsight-superagent integration — a safety middleware wrapping Hindsight memory ops with Superagent Guard (prompt injection detection) and Redact (PII removal)
- SafeHindsight class wraps retain, recall, reflect with configurable guard + redact pipeline
- configure() / per-instance config with env var fallbacks, following existing integration patterns
- test.yml + release script entry

Test plan
- safety-agent package patterns

🤖 Generated with Claude Code
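
The Guard → Redact → Retain ordering this PR describes, as an added sketch that is not code from the PR or from hindsight-superagent. `SafeMemorySketch`, `toy_guard`, `toy_redact`, the `guard_on_retain` toggle and the fail-closed handling of guard errors are hypothetical stand-ins; the real Guard and Redact are model-backed calls.

```python
import re
from dataclasses import dataclass, field
from typing import Callable, List

class GuardBlocked(Exception):
    """Content was flagged, or the guard could not be evaluated."""

# Hypothetical stand-ins: the real Guard and Redact are model-backed calls.
INJECTION = re.compile(r"ignore (all )?(previous|prior) instructions", re.I)
EMAIL = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")

def toy_guard(text: str) -> bool:
    """Return True when the text looks like a prompt injection."""
    return bool(INJECTION.search(text))

def toy_redact(text: str) -> str:
    """Replace e-mail addresses with a placeholder."""
    return EMAIL.sub("<EMAIL_REDACTED>", text)

@dataclass
class SafeMemorySketch:
    guard: Callable[[str], bool] = toy_guard
    redact: Callable[[str], str] = toy_redact
    guard_on_retain: bool = True  # per-operation toggle (assumed name)
    store: List[str] = field(default_factory=list)  # stands in for the memory bank

    def _check(self, text: str) -> None:
        try:
            flagged = self.guard(text)
        except Exception as exc:
            # Assumed policy: fail closed, so a guard outage is not a bypass.
            raise GuardBlocked("guard unavailable") from exc
        if flagged:
            raise GuardBlocked("content flagged by guard")

    def retain(self, text: str) -> str:
        if self.guard_on_retain:
            self._check(text)        # 1. guard inspects the raw input
        clean = self.redact(text)    # 2. PII is removed before storage
        self.store.append(clean)     # 3. only redacted text is persisted
        return clean

    def recall(self, query: str) -> List[str]:
        self._check(query)           # the query itself is guarded too
        q = query.lower()
        return [m for m in self.store if q in m.lower()]
```

Because the guard runs on the raw input before redaction, a guard that misreads PII as a violation stops `retain` before anything is stored, which is the failure the commits above work around by changing the guard model.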