The OpenAI Agents SDK runs tools through FunctionTool.invoke. Paybond hooks that boundary with input guardrails (pre-check) and wrapped invoke (post-success evidence) — not as model middleware.
TypeScript only. Python Kit raises a clear error for
openai-agents; use this guide with@paybond/kitor@paybond/openai-agents.
Try it
Terminal
terminal
Terminal commandSwipe to inspect long lines
paybond login
paybond agent demo openai-agents smoke \
--operation paid-tool \
--requested-spend-cents 100 \
--evidence-preset cost_and_completion \
--format tableScaffold
Terminal
terminal
Terminal commandSwipe to inspect long lines
paybond init agent-middleware --framework openai --out paybond-openai-agents.ts
paybond policy init --preset travel --out paybond.policy.yamlRecommended wiring
import { tool, Agent, Runner } from "@openai/agents";
import { z } from "zod";
import { Paybond } from "@paybond/kit";
const paybond = await Paybond.open({ apiKey: process.env.PAYBOND_API_KEY! });
const bookHotelTool = tool({
name: "travel.book_hotel",
description: "Book a hotel room",
parameters: z.object({
city: z.string(),
estimatedPriceCents: z.number().int().nonnegative(),
}),
execute: async (args) => bookHotel(args),
});
const { agentTools: tools, runConfig } = await paybond.agent({
policy: "travel",
framework: "openai-agents",
tools: [bookHotelTool, searchWebTool],
});
const agent = new Agent({ name: "Travel", tools });
await Runner.run(agent, "Book a hotel in Lisbon under $200.", { ...runConfig });
Production: omit sandbox defaults on paybond.agent(), use paybond.instrument() with deferred bind, then instrumented.bind({ intentId, capabilityToken }) per session.
What Paybond adds
| Primitive | Purpose |
|---|---|
inputGuardrail on side-effecting tools | Harbor verify, deny, or HITL hold before invoke |
Wrapped invoke | Spend finalize + auto-evidence after success |
runConfig.toolExecution.preApprovalInputGuardrails | Enables guardrails before OpenAI approval interruptions |
Read-only tools pass through without guardrails.
Optional: pass { bridgeNeedsApproval: true } to createPaybondOpenAIAgentsConfig when you want both Harbor policy and OpenAI's human-in-the-loop pause.
Related guides
- Agent middleware — bind, registry, tenant isolation
- OpenAI Responses API spend controls — Responses API tool boundary
- Agent policy-as-code — versioned YAML
Developer reference: /docs/kit/openai-agents.