Agents should be easy to build safely. That is the principle behind the DataCrawl SDK.
Starting today, you can add authorization to any AI agent in Python or TypeScript with three method calls and an API key.
## Installation
```bash
pip install datacrawl
```
```bash
npm install @datacrawl/sdk
```
## Three methods
The SDK has three methods. That is intentional.
**`authorize()`** - asks DataCrawl whether an agent is allowed to perform an action. Returns a decision: `allow`, `deny`, or `needs_review`. Your code decides what to do with that decision.

**`record()`** - tells DataCrawl what actually happened after the agent acted. Closes the loop on the governance audit trail.

**`protect()`** - applies a prebuilt safe-mode policy to a tool in one line.
## A complete integration
```python
import os

from datacrawl import DataCrawl

dc = DataCrawl(api_key=os.environ["DATACRAWL_API_KEY"])

# Apply Gmail safe mode (blocks external domains, reviews attachments)
dc.protect("gmail")

# In your agent loop (recipient, subject, body and send_email come from your agent):
result = dc.authorize("gmail.send_email", {
    "to": recipient,
    "subject": subject,
    "body": body,
})
if result.decision == "allow":
    send_email(recipient, subject, body)
    dc.record(result.request_id, "success")
elif result.decision == "needs_review":
    # A human gets an approval link - agent waits or moves on
    status = dc.poll_approval(result.review_id, timeout_s=60)
    if status.decision == "allow":
        send_email(recipient, subject, body)
# Any other decision (deny) falls through and nothing is sent
```
That is the entire integration. No new services to deploy. No schema migrations. No configuration files. The policies, the approval workflow, and the audit log are all managed on the DataCrawl side.
## Fail closed by default
The SDK is designed to fail closed. If the `authorize()` call times out, errors, or returns an unexpected response, the default behaviour is to treat it as a `deny`. This is intentional and non-configurable.
A security layer that fails open is not a security layer.
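The fail-closed rule above, sketched as an added example that is not DataCrawl's own code: a wrapper that turns a timeout, an exception, or an unrecognised reply from any authorization callable into `deny`. The name `fail_closed_decision`, the stub authorizers, and the dict reply shape are assumptions made for illustration.

```python
import time
from concurrent.futures import ThreadPoolExecutor

# The three decisions the page lists for authorize(); anything else is untrusted.
VALID_DECISIONS = frozenset({"allow", "deny", "needs_review"})


def fail_closed_decision(authorize, action, params, timeout_s=2.0):
    """Return the authorizer's decision, or "deny" on timeout, error or bad reply.

    `authorize` is any callable (hypothetical stand-in for a real client call)
    returning a dict such as {"decision": "allow"}; that shape is an assumption.
    """
    pool = ThreadPoolExecutor(max_workers=1)
    try:
        reply = pool.submit(authorize, action, params).result(timeout=timeout_s)
        decision = reply.get("decision") if isinstance(reply, dict) else None
        # Exact match only: "ALLOW", "permit", None or a list never grant access.
        return decision if decision in VALID_DECISIONS else "deny"
    except Exception:
        # Covers the timeout, transport errors and anything raised while parsing.
        return "deny"
    finally:
        pool.shutdown(wait=False, cancel_futures=True)


# Constructed stub authorizers, one per failure mode.
def stub_allow(action, params):
    return {"decision": "allow"}

def stub_review(action, params):
    return {"decision": "needs_review"}

def stub_network_error(action, params):
    raise ConnectionError("constructed failure: policy service unreachable")

def stub_slow(action, params):
    time.sleep(0.5)  # slower than the caller's timeout
    return {"decision": "allow"}

def stub_garbled(action, params):
    return {"decision": "ALLOW", "note": "wrong case, not an exact match"}


if __name__ == "__main__":
    email = {"to": "user@example.com", "subject": "hi", "body": "constructed"}
    for stub in (stub_allow, stub_review, stub_network_error, stub_slow, stub_garbled):
        timeout = 0.1 if stub is stub_slow else 2.0
        print(stub.__name__, "->", fail_closed_decision(stub, "gmail.send_email", email, timeout))
```

Note that the slow stub eventually returns `allow`, but the late answer is discarded: once the deadline passes, the decision is already `deny`.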
## Prebuilt policies
`dc.protect()` applies a curated set of rules for the most common tools:
| Tool | What safe mode does |
|------|---------------------|
| Gmail | Blocks external domains, reviews attachments, blocks bulk sends |
| Slack | Reviews DMs, blocks @channel mentions |
| GitHub | Reviews issues on protected repos |
| HubSpot | Requires valid email on new contacts |
| Google Calendar | Reviews external attendees and recurring events |
You can customise any rule after applying the template, or build your own policies from scratch in the dashboard.
## What is next
The v0.1 SDK is the beginning. We are working on webhook support for approval notifications, context-aware authorization that understands previous agent actions, and pre-built integrations for LangChain, AutoGPT, and the major agent frameworks.
If you build something with the SDK, we want to hear about it.