How do I use InjectShield with the OpenAI Agents SDK?

Question

Accepted Answer

The OpenAI Agents SDK (2025+) supports `input_guardrails` and `output_guardrails` natively — InjectShield ships as a drop-in guardrail. Install `pip install injectshield-openai-agents`, then: ```python from agents import Agent, input_guardrail, output_guardrail from injectshield_openai_agents import InjectShieldInputGuardrail, InjectShieldOutputGuardrail agent = Agent( name="research_agent", instructions=SYSTEM_PROMPT, tools=[web_search, fetch_url], input_guardrails=[InjectShieldInputGuardrail()], output_guardrails=[InjectShieldOutputGuardrail()], ) ``` The input guardrail scans the user message before the model runs; the output guardrail scans the model's response before any tool call is dispatched. Both raise `GuardrailTripwireTriggered` on a positive verdict, which the SDK handles by halting the run and surfacing the trip reason to the caller — exactly the right behavior for production. For **function-calling tool outputs** (the highest-risk surface in agent stacks per OWASP LLM01 + LLM07), wrap each tool function with `@injectshield_tool` — the wrapper classifies the tool's return value with `context: "tool_output"` before it re-enters the model's context. Combine with the SDK's `tool_use_behavior` allowlist to bound what the agent can do after a positive verdict. Logs flow to OpenAI's tracing dashboard and (with `INJECTSHIELD_DASHBOARD=true`) to injectshield.dev/dashboard for cross-stack monitoring. Reference implementation at injectshield.dev/docs/openai-agents-sdk.