[BOUNTY #2] LangChain Tool Guard — APort verification for LangChain tools

[JustABiologist]

💰 Claims bounty #2 — $50 USD

What

APortToolGuard — a wrapper for any LangChain BaseTool that gates every
tool invocation behind an APort policy verification check. Before the
tool's logic executes, the agent's passport is verified against the
specified policy.

Features

• Supports all LangChain tool types: @tool decorator, StructuredTool, classic Tool
• Configurable agent ID resolution: config metadata → instance attribute → env var → graceful failure
• Fail-open / fail-closed modes for API error handling
• Mock client included (drop-in replacement for aporthq-sdk-python when available)
• Policy-per-tool — different tools can be guarded with different policies

Acceptance Criteria

• Working class in /examples/agent-frameworks/langchain with README and example agent using protected tools
• APortToolGuard class that wraps LangChain tools
• Verification before tool execution
• Comprehensive tests and documentation
• Example usage with different tool types

Files

examples/agent-frameworks/langchain/
├── tool_guard.py      # APortToolGuard + guard_tool() convenience function
├── example.py         # Working demo: 4 scenarios (unguarded, guarded, multi-tool, config override)
├── test_tool_guard.py # 24 passing pytest cases
└── README.md          # Install, quick start, API reference

Test Evidence

24 passed in 0.18s

Coverage:

• Tool construction (decorated, structured, classic, convenience)
• Verification pass-through (sync, structured, convenience)
• Verification blocking (missing agent ID, fail-open, fail-closed)
• Agent ID resolution (explicit, env var, config metadata, priority)
• Mock client behaviour
• Error messages
• Metadata delegation (name, description, args_schema)
• Integration with multi-tool agent

Example Output

============================================================
LangChain + APort Tool Guard — Example
============================================================

1. Unguarded tool — no APort check:
   ✅ Result: customer_cust_42@example.com

2. Guarded tool — APort verification passes → tool executes:
   ✅ Result: Refund of $49.99 issued for transaction txn_abc

3. Guarded tool — data export with privacy policy:
   ✅ Result: Exported data for user user_789 in csv format

4. Guarded tool with per-call agent_id via RunnableConfig:
   ✅ Result: Refund of $25.00 issued for transaction txn_dynamic

Quick Start

from tool_guard import guard_tool
from langchain_core.tools import tool

@tool
def refund(amount: float) -> str:
    """Issue a refund."""
    return f"Refunded ${amount:.2f}"

guarded = guard_tool(refund, "finance.payment.refund.v1", agent_id="agt_123")
result = guarded.invoke({"amount": 99.99})  # APort verify runs first

[JustABiologist]

Thanks for reviewing. This PR is my submission for bounty #2 ($50 USD). If accepted/merged and the bounty is still payable, payout can be sent via PayPal to stab.me.papi@gmail.com. Happy to use another maintainer-preferred payout method if needed.