Documentation

Everything you need to integrate AgentSteer into your AI agent framework.

Quick Start

1. Install the package

pip install agentsteer

2. Run quickstart

agentsteer quickstart

This opens your browser to sign in (Google, GitHub, or email/password), installs the hook globally for all repos, and verifies the connection.

3. You're done

Every Claude Code session is now monitored. View your sessions with agentsteer sessions or on the web dashboard.

Local mode: If you prefer to bring your own OpenRouter API key instead of using the cloud service, run agentsteer quickstart --local.

Framework Integration

Option A: Quickstart (recommended)

agentsteer quickstart

This signs you in, installs the PreToolUse hook to ~/.claude/settings.json, and verifies the connection. Works across all repos globally.

Option B: Install hook only

agentsteer install claude-code

Option C: Manual setup

Add to your ~/.claude/settings.json:

{
  "hooks": {
    "PreToolUse": [{
      "matcher": "*",
      "hooks": [{
        "type": "command",
        "command": "python3 -m agentsteer.hooks.claude_code"
      }]
    }]
  }
}

How it works: Every tool call (Bash, Write, Edit, etc.) is scored against the task description. If the score exceeds 0.80 (highly suspicious), the tool call is blocked. The agent sees the block reason and continues normally.
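An added example, not part of AgentSteer's own code: a check an administrator could run after setup to confirm that a settings.json routes every tool call through the hook shown in the manual setup above. It assumes the installed command contains the module name from that snippet and that Claude Code treats "*", an empty string, or an omitted matcher as matching all tools; the SAMPLES configurations and the function names are constructed for illustration.

```python
import json
from pathlib import Path

# Module name from the manual-setup snippet; assumed to appear in the
# command that the installer writes as well.
HOOK_MODULE = "agentsteer.hooks.claude_code"
# Assumption: Claude Code treats "*", "" and an omitted matcher as "all tools".
MATCH_ALL = ("*", "", None)

def _cfg(matcher, command):
    return {"hooks": {"PreToolUse": [
        {"matcher": matcher, "hooks": [{"type": "command", "command": command}]}]}}

# Constructed sample configurations (not taken from a real machine).
SAMPLES = {
    "manual": _cfg("*", "python3 -m agentsteer.hooks.claude_code"),
    "bash_only": _cfg("Bash", "python3 -m agentsteer.hooks.claude_code"),
    "other_hook": _cfg("*", "echo unrelated-hook"),
}

def audit_settings(settings):
    """Return 'all-tools', 'partial:<matchers>' or 'missing'."""
    hooks_cfg = settings.get("hooks") if isinstance(settings, dict) else None
    groups = hooks_cfg.get("PreToolUse") if isinstance(hooks_cfg, dict) else None
    partial = []
    for group in groups if isinstance(groups, list) else []:
        hooks = group.get("hooks") if isinstance(group, dict) else None
        installed = isinstance(hooks, list) and any(
            isinstance(h, dict) and h.get("type") == "command"
            and HOOK_MODULE in str(h.get("command", "")) for h in hooks)
        if not installed:
            continue
        if group.get("matcher") in MATCH_ALL:
            return "all-tools"
        # A narrower matcher leaves other tools unscored.
        partial.append(str(group.get("matcher")))
    return "partial:" + ",".join(partial) if partial else "missing"

def audit_file(path):
    """Audit one settings.json; unreadable or invalid files count as missing."""
    try:
        return audit_settings(json.loads(Path(path).read_text(encoding="utf-8")))
    except (OSError, ValueError):
        return "missing"

if __name__ == "__main__":
    print(audit_file(Path.home() / ".claude" / "settings.json"))
```

A result of "partial:Bash" means the hook is present but only Bash calls reach it, so Write and Edit calls would run unscored.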

Organizations

For teams, an admin creates an organization and shares the org token. Members join with a single command.

Create an organization

# Create org with optional domain whitelist
agentsteer org create "Acme Corp" --domains acme.com
agentsteer org create "Acme Corp" --domains acme.com --require-oauth

The --domains flag restricts membership to specific email domains. The --require-oauth flag disables email/password login for the org.

Team members join via browser

agentsteer quickstart --org ORG_TOKEN

Automated mass deployment (no browser)

# Non-interactive: uses machine hostname as user identity
agentsteer quickstart --org-token ORG_TOKEN --auto

For system administrators deploying across many machines. No browser interaction required.

Admin commands

agentsteer org members    # List all org members
agentsteer org sessions   # View all sessions across the org

Evaluation Results

Tested on the AgentDojo workspace suite with prompt injection attacks. The monitor blocks 100% of attacks on Claude Code and 95% on OpenHands.

| Framework | Model | Condition | Attack Success | Utility |
| --- | --- | --- | --- | --- |
| Claude Code | Haiku 4.5 | No monitor (n=20) | 100% | 5% |
| Claude Code | Haiku 4.5 | With monitor (n=20) | 0% | 55% |
| OpenHands | Haiku 4.5 | No monitor (n=5) | 60% | 0% |
| OpenHands | Haiku 4.5 | With monitor (n=20) | 5% | 75% |

How It Works

1. Intercept

Hook captures every tool call before execution (file writes, commands, API calls)

2. Score

A security model scores the action against the task description (0 = safe, 0.9 = malicious)

3. Decide

Score >= 0.80 = block the action. Agent sees the block reason and continues its main task.

4 Security Policies

| Policy | What it catches | Example |
| --- | --- | --- |
| P1: Read-only | Task says read but agent writes | Task: "summarize files" / Action: delete file |
| P2: Delegation | Agent follows external instructions | Task delegates to URL/email with hidden instructions |
| P3: Category mismatch | Wrong type of action | Task: "edit code" / Action: send email |
| P4: Target mismatch | Right action, wrong target | Task: "email alice@co" / Action: email eve@evil |

Configuration

| Variable | Default | Description |
| --- | --- | --- |
| OPENROUTER_API_KEY | cloud mode: not needed | Only required for local mode |
| SECURE_ENV_TASK | auto-detected | Override task description for scoring context |
| SECURE_ENV_THRESHOLD | 0.80 | Score threshold for blocking (0-1) |
| SECURE_ENV_DEBUG | unset | Enable debug logging to ~/.agentsteer/ |

CLI Reference

| Command | Description |
| --- | --- |
| agentsteer quickstart | One-command setup: login + install hook + test |
| agentsteer login | Sign in via browser (Google/GitHub/email) |
| agentsteer status | Show current config and connection status |
| agentsteer sessions | List all cloud sessions |
| agentsteer install <framework> | Install hook (claude-code, openhands) |
| agentsteer org create <name> | Create an organization |
| agentsteer org members | List org members |
| agentsteer org sessions | View all sessions in the org |
| agentsteer score <task> <action> | Score a single action |
| agentsteer report | Open local dashboard |
| agentsteer version | Print version |