06 , adapters
How agents connect to Faramesh.
Faramesh can receive tool calls through several adapters. Pick the one that fits your agent's architecture.
faramesh run (recommended)
One command. Detects framework, patches tool dispatch, strips ambient API keys, sets up network interception.
faramesh run -- python agent.py
faramesh run -- node agent.js
faramesh run -- deepagents-cli start
faramesh run -- python -m my_agent
Prints an enforcement report showing what layers are active:
enforcement reporttext
Faramesh Enforcement Report
Runtime: local
Framework: langchain
✓ Framework auto-patch (FARAMESH_AUTOLOAD)
✓ Credential broker (stripped: OPENAI_API_KEY, STRIPE_API_KEY)
✓ Network interception (proxy env vars)
Trust level: PARTIAL
13 frameworks auto-patched
These frameworks are automatically patched when detected , zero code changes.
frameworkenforcement hook point
LangGraph / LangChainBaseTool.run()
CrewAIBaseTool._run()
AutoGen / AG2ConversableAgent._execute_tool_call()
Pydantic AITool.run() + Agent._call_tool()
Google ADKFunctionTool.call()
LlamaIndexFunctionTool.call() / BaseTool.call()
AWS Strands AgentsAgent._run_tool()
OpenAI Agents SDKFunctionTool.on_invoke_tool()
SmolagentsTool.__call__()
HaystackPipeline.run()
Deep AgentsLangGraph + AgentMiddleware
AWS Bedrock AgentCoreApp middleware + Strands hook
MCP Servers (Node.js)tools/call handler
Cross-platform enforcement
faramesh run detects the OS and activates the strongest available enforcement.
platformactive layerstrust level
Linux + rootseccomp-BPF + Landlock + netns + iptables + credential brokerSTRONG
LinuxLandlock + proxy env vars + credential broker + auto-patchMODERATE
macOSProxy env vars + PF rules (sudo) + credential brokerPARTIAL
WindowsProxy env vars + WinDivert (admin) + credential brokerPARTIAL
ServerlessCredential broker + auto-patchCREDENTIAL_ONLY
Credential broker (6 backends)
Faramesh strips API keys from the agent environment. If policy denies the action, the credential is never issued.
backendconfig entrypoint
HashiCorp Vault--vault-addr
AWS Secrets Manager--aws-secrets-region
GCP Secret Manager--gcp-secrets-project
Azure Key Vault--azure-vault-url
1Password Connectenv: FARAMESH_CREDENTIAL_1PASSWORD_HOST
Infisicalenv: FARAMESH_CREDENTIAL_INFISICAL_HOST
Other adapters
SDK adapter (Unix socket)
Enabled by default with faramesh serve. Default socket path is /tmp/faramesh.sock.
faramesh serve \
--policy policy.fpl \
--socket /var/run/faramesh.sock
HTTP proxy adapter
Exposes a REST endpoint at POST /v1/authorize for HTTP-based agents.
faramesh serve \
--policy policy.fpl \
--proxy-port 19090
MCP HTTP gateway
Intercepts tools/call requests. All other calls are forwarded to the target MCP server.
faramesh serve \
--policy policy.fpl \
--mcp-proxy-port 19092 \
--mcp-target http://127.0.0.1:8080
MCP stdio wrapper
Wraps an MCP server process and intercepts tool calls at the stdio level.
faramesh mcp wrap \
-- node your-mcp-server.js
gRPC adapter
Uses Faramesh's internal gRPC service contract. Use the in-repo client for compatibility.
faramesh serve \
--policy policy.fpl \
--grpc-port 19091
The gRPC adapter uses Faramesh's internal service contract. Use the in-repo client code for compatibility.