After init_interceptor() + enable(), every patched httpx/requests call is recorded into provably_intercepts and triggers preprocess. To skip recording, the consumer must wrap each non-agent call in provably_self_egress(...).
Combined with the request-time trust gate (any URL not in trusted_endpoints raises) and the per-write preprocess job (every recorded call queues an indexing run), forgetting a single wrap has cascading effects:
- Dashboard / admin / health-probe fetches against the same backend the agent uses get recorded with
(agent_id="unknown", action_name="unknown"), polluting the intercepts table.
- Each recorded call triggers a preprocess job. A page refresh that fans out to 20+ HTTP calls queues 20+ preprocess runs and starves the agent path.
- Any URL not in
trusted_endpoints raises RuntimeError: BLOCKED, even if the call is unrelated to the agent.
The SDK already has intercept_context(*, agent_id, action_name) for the agent path. If recording were opt-in — only calls inside an intercept_context scope are recorded; everything else passes through — the failure mode becomes "claim doesn’t resolve to an intercept" rather than "dashboard freezes."
Suggested behaviour:
provably.init_interceptor()
provably.enable() # patches installed; recording happens only inside intercept_context
# agent path — recorded:
with provably.intercept_context(agent_id="fetch_and_claim", action_name="crm_get_customer__0"):
customer = httpx.get(...).json()
# everything else — passes through unchanged, no trust check, no preprocess:
profile = httpx.get(...).json()provably_self_egress becomes redundant (or stays as an alias for "explicit pass-through"). The trust gate still fires, but only for calls inside intercept_context, which is exactly the scope it was designed to police.
Hit while building a consumer where the dashboard fetches against the same backend the agent uses — every non-wrapped call ate a preprocess slot.
After
init_interceptor()+enable(), every patchedhttpx/requestscall is recorded intoprovably_interceptsand triggerspreprocess. To skip recording, the consumer must wrap each non-agent call inprovably_self_egress(...).Combined with the request-time trust gate (any URL not in
trusted_endpointsraises) and the per-writepreprocessjob (every recorded call queues an indexing run), forgetting a single wrap has cascading effects:(agent_id="unknown", action_name="unknown"), polluting the intercepts table.trusted_endpointsraisesRuntimeError: BLOCKED, even if the call is unrelated to the agent.The SDK already has
intercept_context(*, agent_id, action_name)for the agent path. If recording were opt-in — only calls inside anintercept_contextscope are recorded; everything else passes through — the failure mode becomes "claim doesn’t resolve to an intercept" rather than "dashboard freezes."Suggested behaviour:
provably_self_egressbecomes redundant (or stays as an alias for "explicit pass-through"). The trust gate still fires, but only for calls insideintercept_context, which is exactly the scope it was designed to police.Hit while building a consumer where the dashboard fetches against the same backend the agent uses — every non-wrapped call ate a preprocess slot.