langchain - ✅(Solved) Fix feat(middleware): Add Cisco AI Defense middleware for LLM and tool inspection [1 pull requests, 4 comments, 3 participants]

GitHub stats: langchain-ai/langchain#36069, fetched 2026-04-08 00:57:17. Comments: 4; participants: 3; timeline events: 15; reactions: 0.

Add two new middleware classes that integrate Cisco AI Defense security policies into LangChain agents:

  • CiscoAIDefenseMiddleware — inspects LLM inputs and outputs via before_model / after_model hooks using the Cisco AI Defense Chat Inspection API.
  • CiscoAIDefenseToolMiddleware — inspects tool call requests and responses via wrap_tool_call using the Cisco AI Defense MCP Inspection API.

PR fix notes

PR #36068: feat(middleware): add Cisco AI Defense middleware for LLM and tool inspection

Description (problem / solution / changelog)

Fixes #36069

Summary

Add two new middleware classes that integrate Cisco AI Defense security policies into LangChain agents:

  • CiscoAIDefenseMiddleware — inspects LLM inputs and outputs via before_model / after_model hooks using the Cisco AI Defense Chat Inspection API.
  • CiscoAIDefenseToolMiddleware — inspects tool call requests and responses via wrap_tool_call using the Cisco AI Defense MCP Inspection API.

Key features

  • Composable: use either middleware independently (LLM-only, tool-only) or both together.
  • Sync + async: implements both sync and async hooks (before_model / abefore_model, after_model / aafter_model, wrap_tool_call / awrap_tool_call).
  • exit_behavior: "end" (jump to end with a blocking message) or "error" (raise CiscoAIDefenseError).
  • Fail-open / fail-closed: configurable via fail_open parameter — when the AI Defense API is unreachable, either allow the request through (fail-open) or propagate the error (fail-closed).
  • Region aliases: short aliases "us", "eu", "apj" are normalized automatically.
  • Lazy import: aidefense is imported inside methods (not at module level), so it remains an optional dependency.

Configuration

Install the optional dependency:

pip install aidefense

Minimal examples

LLM inspection only:

from langchain.agents import create_agent
from langchain.agents.middleware import CiscoAIDefenseMiddleware

agent = create_agent(
    "openai:gpt-4.1",
    middleware=[
        CiscoAIDefenseMiddleware(
            api_key="your-cisco-ai-defense-api-key",
            region="us",               # or "eu", "apj", or full region name
            check_input=True,           # inspect user messages (default)
            check_output=True,          # inspect AI responses (default)
            exit_behavior="end",        # "end" or "error"
            fail_open=True,             # allow request if API unreachable
        ),
    ],
)

Tool inspection only:

from langchain.agents import create_agent
from langchain.agents.middleware import CiscoAIDefenseToolMiddleware

agent = create_agent(
    "openai:gpt-4.1",
    tools=[my_tool],
    middleware=[
        CiscoAIDefenseToolMiddleware(
            api_key="your-cisco-ai-defense-api-key",
            region="us",
            inspect_requests=True,      # inspect tool call args (default)
            inspect_responses=True,     # inspect tool results (default)
            exit_behavior="end",
            fail_open=True,
        ),
    ],
)

Both LLM + tool inspection:

from langchain.agents import create_agent
from langchain.agents.middleware import (
    CiscoAIDefenseMiddleware,
    CiscoAIDefenseToolMiddleware,
)

agent = create_agent(
    "openai:gpt-4.1",
    tools=[my_tool],
    middleware=[
        CiscoAIDefenseMiddleware(api_key="...", region="us"),
        CiscoAIDefenseToolMiddleware(api_key="...", region="us"),
    ],
)

Files changed

File / Change
  • libs/langchain_v1/langchain/agents/middleware/cisco_ai_defense.py: New — middleware implementation
  • libs/langchain_v1/langchain/agents/middleware/__init__.py: Added imports and __all__ entries
  • libs/langchain_v1/langchain/agents/middleware/docs/cisco_ai_defense.mdx: New — MDX documentation
  • libs/langchain_v1/tests/unit_tests/agents/middleware/implementations/test_cisco_ai_defense.py: New — 19 unit tests

Dependencies

aidefense is an optional dependency (lazy-imported). No changes to pyproject.toml are needed — users install it separately when they want to use this middleware.

Test plan

  • 19 unit tests with mocked aidefense client covering:
    • Safe input/output passthrough
    • Unsafe input/output blocking (exit_behavior="end")
    • Unsafe input raising exceptions (exit_behavior="error")
    • check_input=False skips inspection
    • Fail-open allows request on API error
    • Fail-closed propagates API error
    • Region alias normalization
    • Tool safe/unsafe request and response inspection
    • Tool fail-open/closed
    • Tool exit_behavior="error"
    • Request-only and response-only inspection modes

Changed files

  • libs/langchain_v1/langchain/agents/middleware/__init__.py (modified, +8/-0)
  • libs/langchain_v1/langchain/agents/middleware/cisco_ai_defense.py (added, +587/-0)
  • libs/langchain_v1/tests/unit_tests/agents/middleware/implementations/test_cisco_ai_defense.py (added, +326/-0)
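The exit_behavior and fail_open semantics from the Key features list and the Test plan above, as an added, self-contained model that is neither the PR's code nor the aidefense SDK: a gate that runs text through a pluggable inspector, fails open or closed when the inspection API is unreachable, and on a violation either ends the run with a blocking message or raises CiscoAIDefenseError; guarded_tool_call applies the same gate on both sides of a tool call, as wrap_tool_call does. The fake inspector, the (is_safe, reason) verdict shape and the returned state dict with "jump_to" are assumptions made for the illustration.

```python
from __future__ import annotations
from dataclasses import dataclass
from typing import Any, Callable, Literal

class CiscoAIDefenseError(Exception):
    """Raised on a policy violation when exit_behavior="error" (exception name from the PR)."""

# (is_safe, reason) is an assumed stand-in for whatever verdict object the aidefense SDK returns.
Verdict = tuple[bool, str]

@dataclass
class InspectionGate:
    """Decision logic shared by both middlewares: exit_behavior plus fail-open/fail-closed."""
    inspect: Callable[[str], Verdict]          # assumed stand-in for the aidefense client call
    exit_behavior: Literal["end", "error"] = "end"
    fail_open: bool = True

    def check(self, text: str) -> dict[str, Any] | None:
        """None lets the call proceed; a dict is the state update that ends the run."""
        try:
            is_safe, reason = self.inspect(text)
        except ConnectionError:                 # AI Defense API unreachable
            if self.fail_open:
                return None                     # fail-open: allow the request through
            raise                               # fail-closed: propagate the error
        if is_safe:
            return None
        if self.exit_behavior == "error":
            raise CiscoAIDefenseError(reason)
        # exit_behavior="end": answer with a blocking message and jump to the end of the graph
        return {"messages": [{"role": "ai", "content": f"Blocked by Cisco AI Defense: {reason}"}],
                "jump_to": "end"}

def guarded_tool_call(gate: InspectionGate, args: str, handler: Callable[[str], str],
                      inspect_requests: bool = True, inspect_responses: bool = True) -> Any:
    """Tool-side flow of wrap_tool_call: inspect the request, run the tool, inspect the result."""
    if inspect_requests and (stop := gate.check(args)) is not None:
        return stop
    result = handler(args)
    if inspect_responses and (stop := gate.check(result)) is not None:
        return stop
    return result

def fake_inspect(text: str) -> Verdict:
    """Constructed stand-in inspector: one marker for a violation, one for an outage."""
    if text == "__offline__":
        raise ConnectionError("AI Defense API unreachable")
    return ("UNSAFE" not in text, "policy violation" if "UNSAFE" in text else "")
```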


Feature Request

Description

Add two new middleware classes that integrate Cisco AI Defense security policies into LangChain agents:

  • CiscoAIDefenseMiddleware — inspects LLM inputs and outputs via before_model / after_model hooks using the Cisco AI Defense Chat Inspection API.
  • CiscoAIDefenseToolMiddleware — inspects tool call requests and responses via wrap_tool_call using the Cisco AI Defense MCP Inspection API.

Motivation

Cisco AI Defense provides runtime security inspection for AI applications, detecting prompt injection, jailbreaks, PII leakage, toxic content, and unsafe tool usage. Integrating it as LangChain middleware lets users add security guardrails to any agent with a single line of configuration — no code changes to their tools or models.

Proposed Design

Two composable middleware classes in a single file (cisco_ai_defense.py), following LangChain's existing patterns (similar to PIIMiddleware, ModelCallLimitMiddleware):

from langchain.agents import create_agent
from langchain.agents.middleware import (
    CiscoAIDefenseMiddleware,
    CiscoAIDefenseToolMiddleware,
)

# LLM inspection only
agent = create_agent(
    "openai:gpt-4.1",
    middleware=[CiscoAIDefenseMiddleware(api_key="...", region="us")],
)

# Tool inspection only
agent = create_agent(
    "openai:gpt-4.1",
    tools=[my_tool],
    middleware=[CiscoAIDefenseToolMiddleware(api_key="...", region="us")],
)

# Both LLM + tool inspection
agent = create_agent(
    "openai:gpt-4.1",
    tools=[my_tool],
    middleware=[
        CiscoAIDefenseMiddleware(api_key="...", region="us"),
        CiscoAIDefenseToolMiddleware(api_key="...", region="us"),
    ],
)

Key features

  • Composable: use either middleware independently or both together
  • Sync + async: implements both sync and async hooks
  • Configurable exit behavior: "end" (jump to end with violation message) or "error" (raise exception)
  • Fail-open / fail-closed: configurable behavior when AI Defense API is unreachable
  • Lazy import: aidefense SDK is imported inside methods, so it remains an optional dependency — no changes to pyproject.toml needed
  • Region aliases: "us", "eu", "apj" normalized automatically

Implementation

I have a working implementation ready with:

  • Middleware source: libs/langchain_v1/langchain/agents/middleware/cisco_ai_defense.py
  • Updated exports: libs/langchain_v1/langchain/agents/middleware/__init__.py
  • 19 unit tests: libs/langchain_v1/tests/unit_tests/agents/middleware/implementations/test_cisco_ai_defense.py
  • MDX documentation: libs/langchain_v1/langchain/agents/middleware/docs/cisco_ai_defense.mdx

PR: #36068 (auto-closed due to missing issue link — will relink once this issue is approved)

cc @sydney-runkle for review

Extent analysis

Fix Plan

To integrate Cisco AI Defense security policies into LangChain agents, we will implement two new middleware classes: CiscoAIDefenseMiddleware and CiscoAIDefenseToolMiddleware.

Here are the steps to implement the fix:

  • Create a new file cisco_ai_defense.py in the langchain/agents/middleware directory.
  • Define the CiscoAIDefenseMiddleware class with before_model and after_model hooks to inspect LLM inputs and outputs using the Cisco AI Defense Chat Inspection API.
  • Define the CiscoAIDefenseToolMiddleware class with a wrap_tool_call method to inspect tool call requests and responses using the Cisco AI Defense MCP Inspection API.
  • Update the __init__.py file in the langchain/agents/middleware directory to export the new middleware classes.

Example code for the CiscoAIDefenseMiddleware class:

import aiohttp
from langchain.agents.middleware import AgentMiddleware, AgentState
from langgraph.runtime import Runtime


class CiscoAIDefenseMiddleware(AgentMiddleware):
    # The endpoint URL and JSON body below are this plan's own sketch, not the documented
    # Cisco AI Defense API; the merged PR calls the aidefense SDK instead.
    def __init__(self, api_key: str, region: str):
        super().__init__()
        self.api_key = api_key
        self.region = region

    async def _inspect(self, payload: dict) -> dict:
        # Shared call to the Chat Inspection endpoint; a non-200 status is surfaced
        # instead of being silently ignored
        async with aiohttp.ClientSession() as session:
            async with session.post(
                f"https://{self.region}.aidefense.cisco.com/inspect",
                headers={"Authorization": f"Bearer {self.api_key}"},
                json=payload,
            ) as resp:
                if resp.status != 200:
                    raise RuntimeError(f"AI Defense API returned HTTP {resp.status}")
                return await resp.json()

    async def abefore_model(self, state: AgentState, runtime: Runtime) -> dict | None:
        # Inspect the latest input message before it reaches the model
        await self._inspect({"prompt": state["messages"][-1].content})
        return None

    async def aafter_model(self, state: AgentState, runtime: Runtime) -> dict | None:
        # Inspect the model's latest response after it is produced
        await self._inspect({"response": state["messages"][-1].content})
        return None

Verification

To verify that the fix worked, you can create a LangChain agent with the new middleware classes and test it with sample inputs and tools. For example:

from langchain.agents import create_agent
from langchain.agents.middleware import CiscoAIDefenseMiddleware, CiscoAIDefenseToolMiddleware

agent = create_agent(
    "openai:gpt-4.1",
    middleware=[CiscoAIDefenseMiddleware(api_key="...", region="us")],
)

# Test the agent with a sample input
output = agent({"input":
