Command Palette

Search for a command to run...

UnylyUnyly
Browse all

loicfontaine-max/qorami-sdk

FreeNot checked

Check an email before an AI agent sends it: returns send / ask-a-human / block, with machine reason codes and prompt-injection detection.

GitHubEmbed

About

Check an email before an AI agent sends it: returns send / ask-a-human / block, with machine reason codes and prompt-injection detection.

README

Official clients, tool schemas and an MCP server for Qorami — a control point between your AI agents and actually sending email. Before each send, the agent asks Qorami, which replies send, request_human_confirmation, or do_not_send.

Get an API key in the dashboard. Full API reference: https://qorami.fr/docs.

Path What
js/ Zero-dependency JavaScript / TypeScript client (fetch, Node 18+ or browser).
python/ Zero-dependency Python client (stdlib only) + LangChain, CrewAI, LlamaIndex & OpenAI-Agents tools.
tools/ Drop-in OpenAI function-calling & Anthropic tool-use schemas for qorami_check_email.
mcp/ Stdio MCP server (qorami_health, verify_email, check_action_status) for Claude Desktop, Cursor, any MCP client.
n8n-nodes-qorami/ n8n community node (Settings → Community Nodes → n8n-nodes-qorami) — guard an email, usable as an AI-Agent tool.
n8n/ No-code recipe: guard a workflow's email with a plain HTTP Request node (no install).
examples/ Runnable Node & Python quickstarts.

JavaScript / TypeScript

import { QoramiClient } from './js/qorami.mjs'

const qorami = new QoramiClient({ apiKey: process.env.QORAMI_API_KEY })

await qorami.guard(
  { recipient: '[email protected]', subject: 'Our offer', body, policyProfile: 'sales' },
  {
    send: () => mailer.send(),                            // allowed
    requestHumanConfirmation: (r) => queue(r.action.id), // a human was notified
    doNotSend: (r) => log('blocked', r.decision),        // do not send
  },
)

Or step by step with qorami.verify(...) and, after a review, poll qorami.status(actionId) until nextAction.type === 'send'.

Python

from qorami import QoramiClient
qorami = QoramiClient(api_key=os.environ["QORAMI_API_KEY"])

result = qorami.verify(recipient="[email protected]", subject="Our offer",
                       body=email_body, policy_profile="sales")
if result.next_action_type == "send":
    send_email()
elif result.next_action_type == "request_human_confirmation":
    queue_for_review(result.action_id)   # a human was notified by email
# else: do_not_send

Agent framework tools

pip install qorami[<framework>] ships a drop-in qorami_check_email wrapper — each returns ALLOWED / NEEDS HUMAN APPROVAL / BLOCKED and reuses the client:

Framework Install Import
LangChain pip install qorami[langchain] from qorami_langchain import build_qorami_tool
CrewAI pip install qorami[crewai] from qorami_crewai import QoramiEmailGuard
LlamaIndex pip install qorami[llamaindex] from qorami_llamaindex import build_qorami_tool
OpenAI Agents SDK pip install qorami[openai-agents] from qorami_openai_agents import qorami_check_email
from qorami_langchain import build_qorami_tool
tool = build_qorami_tool()        # reads QORAMI_API_KEY

No-code workflows (n8n) use a plain HTTP Request node — see n8n/.

MCP server

Register Qorami as a native tool in Claude Desktop / Cursor / any MCP client — see mcp/. It exposes qorami_health, verify_email and check_action_status over stdio.

The contract

Every client returns the same decision the agent must obey via nextAction.type: send, request_human_confirmation (a human approves first — poll the action), or do_not_send. See https://qorami.fr/docs.

Cleaned version (auto-remediation)

When an email is risky only because of mechanically-removable content (a leaked secret, a suspicious link, an IBAN/card/SSN), the verify result carries a cleaned, sendable copy — send remediation.safeBody instead of blocking outright:

const r = await qorami.verify({ recipient, subject, body, policyProfile: 'general' })
if (r.nextAction.type === 'do_not_send' && r.remediation?.safeToSend) {
  mailer.send({ ...email, body: r.remediation.safeBody })   // safe, redacted copy
}
r = qorami.verify(recipient=..., subject=..., body=email_body)
if r.next_action_type == "do_not_send" and (r.remediation or {}).get("safeToSend"):
    send_email(body=r.remediation["safeBody"])   # safe, redacted copy

remediation.removed lists what was stripped (e.g. ["secret", "link"]). The MCP server surfaces the same field.

License

MIT — see LICENSE.

from github.com/loicfontaine-max/qorami-sdk

Install loicfontaine-max/qorami-sdk in Claude Desktop, Claude Code & Cursor

Recommended · one command, every IDE
unyly install loicfontaine-max-qorami-sdk

Installs into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.

First time? Get the CLI: curl -fsSL https://unyly.org/install | sh

Or configure manually

Run in your terminal:

claude mcp add loicfontaine-max-qorami-sdk -- npx -y qorami-mcp

FAQ

Is loicfontaine-max/qorami-sdk MCP free?

Yes, loicfontaine-max/qorami-sdk MCP is free — one-click install via Unyly at no cost.

Does loicfontaine-max/qorami-sdk need an API key?

No, loicfontaine-max/qorami-sdk runs without API keys or environment variables.

Is loicfontaine-max/qorami-sdk hosted or self-hosted?

Self-hosted: the server runs locally on your machine via the install command above.

How do I install loicfontaine-max/qorami-sdk in Claude Desktop, Claude Code or Cursor?

Open loicfontaine-max/qorami-sdk on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.

Related MCPs

Compare loicfontaine-max/qorami-sdk with

Not sure what to pick?

Find your stack in 60 seconds

Author?

Embed badge for your README

Browse similar

All communication MCPs