Strands Agents (AWS Agent Core)

Integrate AgentGuard directly into Strands Agents at the tool-call layer — no Virtue Gateway required.

Before you start

Review the AgentGuard SDK reference for client setup, result fields, and error handling.

Installation

pip install agentsuite-sdk[strands]

The [strands] extra does not include an LLM provider — install the one you need separately:

pip install strands-agents[anthropic]   # Anthropic Claude (used in the demo)
pip install strands-agents[openai]     # OpenAI

Quickstart

1. Guard client

from agentsuite import ActionGuardClient, GuardError

guard = ActionGuardClient(api_key=..., policy_id=...)

2. `BeforeToolCallEvent` hook

Set event.cancel_tool to block; leave it unset to allow.

from strands.hooks import BeforeToolCallEvent

def action_guard_hook(event: BeforeToolCallEvent) -> None:
    tool_name = event.tool_use.get("name", "unknown")
    args = event.tool_use.get("input", {})
    try:
        result = guard.actions.guard_query(
            query=f"Tool: {tool_name}, Args: {args}",
        )
        if not result.allowed:
            event.cancel_tool = f"Action blocked by policy: {result.explanation}"
    except GuardError as e:
        event.cancel_tool = f"Action Guard unavailable: {e.message}"

3. MCP client and agent

from strands import Agent
from strands.models.anthropic import AnthropicModel
from strands_tools import MCPClient
from mcp.client.streamable_http import streamablehttp_client

def build_agent() -> Agent:
    headers = {"X-API-Key": MCP_API_KEY} if MCP_API_KEY else {}
    mcp_client = MCPClient(
        lambda: streamablehttp_client(url=MCP_SERVER_URL, headers=headers)
    )
    return Agent(
        model=AnthropicModel(...),
        system_prompt="...",
        tools=[mcp_client],
    )

4. Register hook and run

agent = build_agent()
agent.add_hook(action_guard_hook, BeforeToolCallEvent)
agent("Your user message here")

Full runnable example: demo_action_guard_strands.py

Demo Run

Start the local MCP server (python local_mcp_server.py from the repo root), set env vars, then run:

python examples/demo_action_guard_strands.py

Action Guard + Strands Agents interactive demo (terminal)

Environment Variables

Variable	Description
`VIRTUE_API_KEY`	VirtueAI API key
`ACTION_GUARD_POLICY_ID`	Policy set ID (`agp_...`)
`ANTHROPIC_API_KEY`	Anthropic API key
`MCP_SERVER_URL`	MCP server URL (default in demos: `http://localhost:3002/mcp`)
`MCP_API_KEY`	Optional API key for the MCP server
`AGENT_MODEL`	Optional model name (default in demo: `claude-sonnet-4-20250514`)

Installation​

Quickstart​

1. Guard client​

2. BeforeToolCallEvent hook​

3. MCP client and agent​

4. Register hook and run​

Demo Run​

Environment Variables​