Command Palette

Search for a command to run...

UnylyUnyly
Browse all

Qorami

FreeNot checked

▎ Check an email before an AI agent sends it: send / ask a human / block — with machine reason codes and prompt-injection detection.

GitHubEmbed

About

▎ Check an email before an AI agent sends it: send / ask a human / block — with machine reason codes and prompt-injection detection.

README

Official clients, tool schemas and an MCP server for Qorami — a control point between your AI agents and actually sending email. Before each send, the agent asks Qorami, which replies send, request_human_confirmation, or do_not_send.

Get an API key in the dashboard. Full API reference: https://qorami.fr/docs.

Path What
js/ Zero-dependency JavaScript / TypeScript client (fetch, Node 18+ or browser).
python/ Zero-dependency Python client (stdlib only) + LangChain, CrewAI, LlamaIndex & OpenAI-Agents tools.
tools/ Drop-in OpenAI function-calling & Anthropic tool-use schemas for qorami_check_email.
mcp/ Stdio MCP server (qorami_health, verify_email, check_action_status) for Claude Desktop, Cursor, any MCP client.
n8n-nodes-qorami/ n8n community node (Settings → Community Nodes → n8n-nodes-qorami) — guard an email, usable as an AI-Agent tool.
n8n/ No-code recipe: guard a workflow's email with a plain HTTP Request node (no install).
examples/ Runnable Node & Python quickstarts.

JavaScript / TypeScript

import { QoramiClient } from './js/qorami.mjs'

const qorami = new QoramiClient({ apiKey: process.env.QORAMI_API_KEY })

await qorami.guard(
  { recipient: '[email protected]', subject: 'Our offer', body, policyProfile: 'sales' },
  {
    send: () => mailer.send(),                            // allowed
    requestHumanConfirmation: (r) => queue(r.action.id), // a human was notified
    doNotSend: (r) => log('blocked', r.decision),        // do not send
  },
)

Or step by step with qorami.verify(...) and, after a review, poll qorami.status(actionId) until nextAction.type === 'send'.

Python

from qorami import QoramiClient
qorami = QoramiClient(api_key=os.environ["QORAMI_API_KEY"])

result = qorami.verify(recipient="[email protected]", subject="Our offer",
                       body=email_body, policy_profile="sales")
if result.next_action_type == "send":
    send_email()
elif result.next_action_type == "request_human_confirmation":
    queue_for_review(result.action_id)   # a human was notified by email
# else: do_not_send

Agent framework tools

pip install qorami[<framework>] ships a drop-in qorami_check_email wrapper — each returns ALLOWED / NEEDS HUMAN APPROVAL / BLOCKED and reuses the client:

Framework Install Import
LangChain pip install qorami[langchain] from qorami_langchain import build_qorami_tool
CrewAI pip install qorami[crewai] from qorami_crewai import QoramiEmailGuard
LlamaIndex pip install qorami[llamaindex] from qorami_llamaindex import build_qorami_tool
OpenAI Agents SDK pip install qorami[openai-agents] from qorami_openai_agents import qorami_check_email
from qorami_langchain import build_qorami_tool
tool = build_qorami_tool()        # reads QORAMI_API_KEY

No-code workflows (n8n) use a plain HTTP Request node — see n8n/.

MCP server

Register Qorami as a native tool in Claude Desktop / Cursor / any MCP client — see mcp/. It exposes qorami_health, verify_email and check_action_status over stdio.

The contract

Every client returns the same decision the agent must obey via nextAction.type: send, request_human_confirmation (a human approves first — poll the action), or do_not_send. See https://qorami.fr/docs.

Cleaned version (auto-remediation)

When an email is risky only because of mechanically-removable content (a leaked secret, a suspicious link, an IBAN/card/SSN), the verify result carries a cleaned, sendable copy — send remediation.safeBody instead of blocking outright:

const r = await qorami.verify({ recipient, subject, body, policyProfile: 'general' })
if (r.nextAction.type === 'do_not_send' && r.remediation?.safeToSend) {
  mailer.send({ ...email, body: r.remediation.safeBody })   // safe, redacted copy
}
r = qorami.verify(recipient=..., subject=..., body=email_body)
if r.next_action_type == "do_not_send" and (r.remediation or {}).get("safeToSend"):
    send_email(body=r.remediation["safeBody"])   # safe, redacted copy

remediation.removed lists what was stripped (e.g. ["secret", "link"]). The MCP server surfaces the same field.

License

MIT — see LICENSE.

from github.com/loicfontaine-max/qorami-sdk

Installing Qorami

This server has no published package — it is built from source. Open the repository and follow its README.

▸ github.com/loicfontaine-max/qorami-sdk

FAQ

Is Qorami MCP free?

Yes, Qorami MCP is free — one-click install via Unyly at no cost.

Does Qorami need an API key?

No, Qorami runs without API keys or environment variables.

Is Qorami hosted or self-hosted?

A hosted option is available: Unyly runs the server in the cloud, no local setup required.

How do I install Qorami in Claude Desktop, Claude Code or Cursor?

Open Qorami on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.

Related MCPs

Compare Qorami with

Not sure what to pick?

Find your stack in 60 seconds

Author?

Embed badge for your README

Browse similar

All communication MCPs