Integrations
Admina integrates with the most popular AI agent frameworks and orchestration tools. Every integration routes governance through the Admina proxy β no code changes required in your existing agents.
OpenClaw
Admina ships with a ready-to-use OpenClaw skill that routes all MCP tool calls from your agent through the Admina governance proxy. The setup steps below install the skill and route the agent's traffic via Admina.
How it works
The admina-governance SKILL.md routes all agent actions through
/api/v1/validate and /api/v1/audit. Governed action types include:
llm_callβ LLM prompt and completion governanceshell_execβ Shell command executionfile_writeβ File system write operationshttp_requestβ Outbound HTTP requestsmessage_sendβ Agent-to-agent or agent-to-user messages
Skill install
The setup.sh script rewrites ~/.openclaw/mcp.json to route all
MCP traffic through Admina:
# Install the Admina skill cd openclaw-skill chmod +x setup.sh ./setup.sh # Restart OpenClaw gateway openclaw gateway restart
Adapter (manual)
For fine-grained control, use the python adapter.py to rewrite and restore
your MCP config:
# Rewrite mcp.json to use Admina as proxy python adapter.py rewrite --config ~/.openclaw/mcp.json # Restore original mcp.json python adapter.py restore --config ~/.openclaw/mcp.json
Stdio bridge
For MCP servers that use the stdio transport (filesystem, npx-based servers), Admina provides a stdio bridge that wraps the server process and intercepts all JSON-RPC messages on stdin/stdout.
# In mcp.json, wrap stdio servers with the bridge
{
"mcpServers": {
"filesystem": {
"command": "python",
"args": [
"/path/to/admina/openclaw-adapter/stdio_bridge.py",
"--",
"npx", "-y", "@modelcontextprotocol/server-filesystem", "/home"
]
}
}
} LangChain
The AdminaCallbackHandler is a drop-in callback for ChatOpenAI
and any other LangChain model. It governs all LLM and tool events through Admina without
changing your existing chain logic.
Governed events
on_llm_startβ Validates prompts before they reach the modelon_llm_endβ Scans completions for PII, toxicity, complianceon_tool_startβ Firewall check before tool executionon_tool_endβ Audit trail of tool results
Configuration
The handler accepts the following parameters:
admina_urlβ Admina proxy URL (default:http://localhost:8080)api_keyβ API key for authenticationsession_idβ Session identifier for trackingpii_redactionβ Enable PII redaction (Data Sovereignty domain)firewallβ Enable firewall (Agent Security domain)loop_detectionβ Enable loop breaker (Agent Security domain)on_blockβ Behavior when a request is blocked (raiseorwarn)
Example
pip install "admina-framework[langchain]" from admina.integrations.langchain import AdminaCallbackHandler from langchain_openai import ChatOpenAI handler = AdminaCallbackHandler( admina_url="http://localhost:8080", api_key="your-key", pii_redaction=True, firewall=True, ) llm = ChatOpenAI(callbacks=[handler]) # Every call to llm.invoke() is now governed response = llm.invoke("Summarize this document")
CrewAI
Admina provides two callbacks for CrewAI:
AdminaStepCallback fires after each agent step, and
AdminaTaskCallback fires after task completion.
Both support per-agent configuration.
Callbacks
AdminaStepCallbackβ Governs each agent step (tool calls, LLM calls, reasoning)AdminaTaskCallbackβ Audits completed tasks with full context (inputs, outputs, agent info)
Example
pip install "admina-framework[crewai]" from admina.integrations.crewai import AdminaStepCallback, AdminaTaskCallback from crewai import Crew, Agent, Task researcher = Agent(name="Researcher", ...) writer = Agent(name="Writer", ...) crew = Crew( agents=[researcher, writer], tasks=[...], step_callback=AdminaStepCallback( admina_url="http://localhost:8080", ), task_callback=AdminaTaskCallback( admina_url="http://localhost:8080", ), ) # Kick off β every step and task is governed result = crew.kickoff()
n8n
The n8n-nodes-admina package adds three governance nodes to your
n8n workflows:
Install
npm install n8n-nodes-admina Nodes
- AdminaGovern β Inline governance node. Place it before any AI node in your workflow. Validates inputs, blocks non-compliant requests, and adds governance metadata to the output.
- AdminaAudit β Passive logging node. Place it after any AI node to log all requests and responses to the Admina audit trail without blocking.
- AdminaDashboard β WebSocket trigger node. Streams real-time governance events from Admina into n8n, enabling reactive workflows (alerts, Slack notifications, compliance reports).
Cheshire Cat AI
Admina integrates with Cheshire Cat AI as a Python plugin. The plugin hooks into the Cat's event system to govern agent actions at three critical points.
Governed hooks
-
agent_fast_replyβ Intercepts the agent's reply before it is sent to the user. Enables PII redaction, toxicity filtering, and compliance checks on outputs. -
before_cat_sends_messageβ Final checkpoint before the message leaves the Cat. Applied after all other plugins have processed the response. -
before_cat_recalls_memoriesβ Governs memory recall to prevent leaking sensitive data from the vector store.
Install
Install the Admina plugin from the Cheshire Cat plugin registry or manually:
# Copy the plugin into your Cat's plugins directory cp -r admina-cheshire-cat-plugin/ cat/plugins/admina-governance/ # Set the Admina proxy URL in the plugin settings # via the Cat admin UI or in the plugin's settings.json: { "admina_url": "http://localhost:8080", "api_key": "your-key" }
GuardrailsAI
Admina provides a GuardrailsAI Guard plugin that wraps popular validators with Admina's governance layer. All inference runs locally by default β no data leaves your infrastructure.
guardrails-ai is
currently in quarantine, so the [guardrailsai] extra is not
published with admina-framework in 0.9.x. The plugin itself remains
in the codebase and is auto-detected at runtime if you install the
guardrails package separately.
Install
# Install guardrails-ai directly; Admina auto-detects it on startup pip install guardrails-ai
Wrapped validators
toxic_languageβ Detects and blocks toxic or harmful language in prompts and completionsdetect_piiβ Identifies and redacts personally identifiable informationdetect_jailbreakβ Catches prompt injection and jailbreak attempts
Example
from admina.integrations.guardrailsai import AdminaGuard guard = AdminaGuard( admina_url="http://localhost:8080", validators=["toxic_language", "detect_pii", "detect_jailbreak"], ) # Validate a prompt before sending to the LLM result = guard.validate( "Tell me the SSN of John Smith" ) # result.outcome β "fail" # result.validated_output β "[PII REDACTED]"
GUARDRAILS_REMOTE=true only if you want to use GuardrailsAI's hosted validators.
Model provider adapters
Where the framework integrations above govern agent traffic, model adapters let
the SDK govern direct calls to an LLM provider: wrap a provider in
GovernedModel and every prompt and completion runs the full pipeline
(loop β firewall β PII β guards). Each adapter is a built-in plugin that
lazy-imports its provider SDK, so the dependency is only required when
the adapter is actually used. Since v0.10.0 there are seven, installed via per-provider extras:
admina-framework[openai]ADMINA_OPENAI_API_KEY / ADMINA_OPENAI_MODELadmina-framework[ollama]ADMINA_OLLAMA_BASE_URL / ADMINA_OLLAMA_MODELadmina-framework[anthropic]ADMINA_ANTHROPIC_API_KEY / ADMINA_ANTHROPIC_MODELadmina-framework[mistral]ADMINA_MISTRAL_API_KEY / ADMINA_MISTRAL_MODELadmina-framework[bedrock]ADMINA_BEDROCK_REGION / ADMINA_BEDROCK_MODEL (standard AWS credential chain)admina-framework[gemini]ADMINA_GEMINI_API_KEY / ADMINA_GEMINI_MODELadmina-framework[adapters]ADMINA_VLLM_BASE_URL / ADMINA_VLLM_MODEL (model required)
Two roll-up extras bundle them: [adapters] pulls every provider, and
[all] is [proxy,nlp,telemetry,adapters] for a complete install.
pip install "admina-framework[anthropic]" from admina.sdk import GovernedModel # The Anthropic call now runs through the full governance pipeline model = GovernedModel(adapter="anthropic") resp = await model.ask("Summarise this contract clauseβ¦") # resp.action β "ALLOW" | "BLOCK" (firewall + guards run by default since v0.10.0)
GovernedModel.ask() now runs
the injection firewall and any pluggable guards on the prompt β not just PII redaction β and can
return action="BLOCK" with empty text. Opt out per stage with
GovernedModel(firewall_enabled=False, β¦). Loop detection runs when you pass a
session_id per call.