Trust Layers
Trust layers are framework-specific integrations that add EU AI Act compliance to your existing AI agents with minimal code changes. They provide audit logging, user approval gates, data privacy enforcement, risk assessment, and injection detection.
What Trust Layers Do
When you add a trust layer to your agent, it automatically:
- Logs every LLM call, tool use, and decision to an audit trail (Article 12)
- Gates sensitive operations behind human approval (Article 14)
- Tokenizes PII in prompts before they reach the LLM (Article 10)
- Classifies tool risk levels and enforces consent (Article 9)
- Validates inputs against prompt injection patterns (Article 15)
- Documents the system's behavior for compliance (Article 11)
LangChain Integration
The primary trust layer integration. Install:
```bash
pip install air-langchain-trust
```
Basic Usage
```python
from langchain.agents import create_openai_tools_agent
from air_langchain_trust import AirTrustCallbackHandler

# Create the trust layer callback
handler = AirTrustCallbackHandler()

# Add to your agent invocation
# (`agent` is your existing LangChain agent; its construction is omitted here)
result = agent.invoke(
    {"input": "Analyze this data"},
    config={"callbacks": [handler]},
)
```
What Gets Tracked
The callback handler automatically intercepts:
- LLM calls (prompts, completions, token usage)
- Tool invocations (name, inputs, outputs)
- Chain execution (start, end, errors)
- Retrieval operations (queries, documents)
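To make the interception model concrete, here is an added sketch (not code from `air-langchain-trust` and not its implementation) of a handler that tokenizes PII before logging, gates high-risk tools behind an approver, and appends audit records. The class name, tool names, simplified hook signatures, email-only PII pattern, and hash-chained records are all assumptions for illustration.

```python
import hashlib
import json
import re

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
HIGH_RISK_TOOLS = {"send_email", "delete_records"}  # hypothetical tool names

class SketchTrustHandler:
    """Illustrative only: not the AirTrustCallbackHandler implementation."""
    def __init__(self, approver):
        self.approver = approver  # callable(tool_name, tool_input) -> bool
        self.audit = []           # audit records, each chained to the previous hash
        self.vault = {}           # token -> original PII value, kept out of the log

    def tokenize(self, text):
        def repl(match):
            token = "<PII_" + hashlib.sha256(match.group().encode()).hexdigest()[:8] + ">"
            self.vault[token] = match.group()
            return token
        return EMAIL_RE.sub(repl, text)

    def _log(self, event, **fields):
        prev = self.audit[-1]["hash"] if self.audit else "0" * 64
        record = {"seq": len(self.audit), "event": event, "prev": prev, **fields}
        record["hash"] = hashlib.sha256(json.dumps(record, sort_keys=True).encode()).hexdigest()
        self.audit.append(record)

    def on_llm_start(self, prompt):
        safe = self.tokenize(prompt)
        self._log("llm_start", prompt=safe)
        return safe  # the tokenized text a trust layer would forward to the model

    def on_tool_start(self, name, tool_input):
        risk = "high" if name in HIGH_RISK_TOOLS else "low"
        approved = risk == "low" or bool(self.approver(name, tool_input))
        self._log("tool_start", tool=name, risk=risk, approved=approved,
                  input=self.tokenize(tool_input))
        if not approved:  # the denial is logged before the call is blocked
            raise PermissionError(f"tool {name!r} requires human approval")

def verify_chain(audit):
    """Return True only if no record was edited, removed, or reordered."""
    prev = "0" * 64
    for record in audit:
        body = {k: v for k, v in record.items() if k != "hash"}
        digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        if record["prev"] != prev or record["hash"] != digest:
            return False
        prev = record["hash"]
    return True
```

Note that the denied tool call is still written to the audit trail, so a reviewer sees blocked attempts as well as approved ones.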
CrewAI Integration
```bash
pip install air-crewai-trust
```
```python
from crewai import Crew
from air_crewai_trust import AirTrustHook

# Create the trust layer hook and attach it to the crew
hook = AirTrustHook()
crew = Crew(agents=[...], hooks=[hook])
```
AutoGen Integration
```bash
pip install air-autogen-trust
```
```python
from air_autogen_trust import AirTrustMiddleware

middleware = AirTrustMiddleware()
# Add to your AutoGen agent configuration
```
Using with the MCP Server
The `add_trust_layer` MCP tool can generate trust layer code for you automatically. In Claude Desktop:
"Add a trust layer to this LangChain agent code"
It will return working, copy-paste-ready code with the right imports and setup for your framework.
Best Practices
- Start with LangChain — it has the most mature trust layer integration
- Enable all components — audit logging, consent gates, and injection detection work together
- Review audit logs — regularly check the audit trail for unexpected behavior
- Test with scanning — use the MCP server or GitHub Action to verify your trust layer is detected