Documentation
¶
Overview ¶
Command agentguard-llm-proxy is the AgentGuard LLM API Proxy: an HTTP server that speaks the OpenAI Chat Completions and Anthropic Messages wire formats, forwards traffic to the real upstream, and gates any tool calls the model emits through the central AgentGuard policy engine.
Usage:
agentguard-llm-proxy \
--listen 127.0.0.1:8081 \
--upstream-openai https://api.openai.com \
--upstream-anthropic https://api.anthropic.com \
--guard-url http://127.0.0.1:8080 \
--api-key $AGENTGUARD_API_KEY \
--proxy-api-key $PROXY_AUTH_TOKEN \
--policy /etc/agentguard/policy.yaml \
--tenant-id local \
--fail-mode deny \
--max-buffer-bytes 1048576 \
--log-level info
Set the agent's environment to point its OpenAI-compatible SDK at the proxy. Note the asymmetric `/v1` convention between providers:
OPENAI_BASE_URL=http://127.0.0.1:8081/v1 ANTHROPIC_BASE_URL=http://127.0.0.1:8081
The OpenAI SDK appends paths under OPENAI_BASE_URL including the `/v1` segment that the proxy registers (POST /v1/chat/completions), so the env var must include `/v1`. The Anthropic SDK convention is the opposite — ANTHROPIC_BASE_URL is the *origin* and the SDK appends `/v1/messages` itself, so the env var must NOT include a `/v1` suffix.
See docs/LLM_API_PROXY.md for the wire-format design and docs/PROXY_ARCHITECTURE.md for cross-cutting decisions.
Phase 4C is split across four workers:
- A21: server skeleton + non-streaming forwarding + protocol types.
- A22: streaming pause/resume/rewrite + tool-call accumulators.
- A23: tool-call → policy-scope mapping (defaults + YAML override).
- A24 (this build): policy gate (HTTPPolicyClient against /v1/check), rich provider-aware refusal builder, and the final main.go wiring that binds all three hooks (PolicyCheck, ScopeMap, BuildRefusal) to the server.
Source Files