LangChain logo + P
Integration · Act

Act for LangChain agents

Capture every LangChain run as it actually executes — via LangChain's own callback system, not a network proxy — with the full chain → tool → retriever call tree reconstructed from real run IDs.

TL;DR

Prefactor acts on your LangChain agents at runtime — block, throttle, sandbox, or escalate a tool call or data access before it executes, stop an agent instantly with the kill switch, and delete or redact tagged PII the moment it's encountered.

Act
pillar
TS + Py
official SDKs
Spans
LLM · tools · agents
Tokens
usage captured

How to add act to LangChain

1

Same middleware, no extra package

The prefactor-langchain middleware you already installed for observability is what enforcement runs through — nothing separate to add.

2

Define a runtime policy

Write a policy — block, throttle, sandbox, or escalate — scoped to an action type, a data tag, or a risk level.

3

Evaluated before the action runs

Every intercepted LangChain call is evaluated against your policy before it's allowed to proceed — not flagged after the fact.

# pip install prefactor-langchain
import os
from prefactor_langchain import PrefactorMiddleware

middleware = PrefactorMiddleware.from_config(
    api_url="https://app.prefactorai.com",
    api_token=os.environ["PREFACTOR_API_TOKEN"],  # never hardcode tokens
    agent_id="my-agent",
    agent_name="My Agent",
)

How the LangChain integration actually works

What Prefactor captures for LangChain agents

Runtime policy enforcement

Every tool call, API request, or data access is evaluated against your rules at the point the agent tries to act — block, throttle, sandbox, or escalate, in sub-millisecond time.

Kill switch

Stop a single run, an agent, or every agent a team owns — immediately, no code deploy, triggered natively from Prefactor or programmatically from a custom span.

Human-in-the-loop approval

A flagged action pauses execution and routes to the right approver with full context — what the agent was trying to do, why, and its recent history — through Slack, Teams, or email.

PII deletion

Find every field carrying a tag and remove it in one action, wherever it appears — plus real-time redact, block, or escalate the moment PII is first encountered.

Trace anything — not just LLM calls

The SDK captures LLM, tool, and agent spans automatically. With withSpan you wrap any operation in your own span type — an API call, a database query, a quality check, a business action — each with its own payload and schema. It all flows into the same Observe, Evaluate, and cost views.

research_competitorquality_checkpricing_lookuprefund_decisiondoc_retrieval …anything you define
import { withSpan } from "@prefactor/core";

// Wrap ANY operation in a span you define — an API call, a quality
// check, a business action — with its own spanType, inputs and schema
await withSpan(
  {
    name: "research competitor",
    spanType: "research_competitor",
    inputs: { competitor },
  },
  async () => {
    const results = await search(competitor); // your tool / API calls
    return summarize(results);                // captured as one span
  },
);

Nest spans to capture business-level actions, and start with permissive schemas you tighten over time. Instrumentation strategy →

An example run, span by span

Illustrative — a single LangChain run as nested spans.

Trace · LangChain run
1.84s6 spans1,210 tokensok
invoke_agent 1840
llm: plan 440
tool: search_kb 330
retriever: vector_search 210
llm: synthesize 700
tool: send_reply 320
agentllm calltool callretriever

Illustrative example.

Manual logging vs DIY vs Prefactor

CapabilityManualDIY OpenTelemetryPrefactor
LLM / tool / agent spansHand-rolled✓ build it✓ via the SDK
Token usage captured per callBuild it
Configurable capture & samplingPartial
Hosted Admin UI (agents, instances)
Risk profiles & audit trail

LangChain act — FAQ

How do runtime policies work for LangChain agents?+

A policy engine sits at the point a LangChain agent calls a tool, queries an API, or touches data — the same interception point Prefactor uses across every framework. Every attempted action is evaluated against the agent's identity, permissions, and current context before it's allowed to proceed.

Does enforcement add latency to LangChain runs?+

No meaningfully — policy evaluation runs in sub-millisecond time, so enforcement doesn't add noticeable latency to the agent's response.

Can I kill a single LangChain run without stopping the whole agent?+

Yes — the kill switch scopes to a single run, a single agent, or every agent a team owns. Trigger it from the Prefactor dashboard directly, or programmatically via a custom span the moment your own code detects a problem.

How does human-in-the-loop approval work for LangChain?+

When a policy flags a LangChain agent's action for escalation, execution pauses and an approval request goes out with full context. The approver's decision is logged and either lets the action proceed or cancels it.

How is PII actually deleted from LangChain agent data?+

Detection and tagging happen continuously; deletion is one action against the tag — find every field carrying it for a given person or record, and remove it, wherever it appears across your LangChain runs.

How do I add Prefactor to a LangChain app?+

Install prefactor-langchain, create the middleware with PrefactorMiddleware.from_config(...) using your API URL, token, and agent, and add it to your LangChain agent — it registers as a standard LangChain callback handler.

What does Prefactor capture from LangChain?+

Prefactor hooks LangChain's own callback events — on_chain_start/end, on_tool_start/end, on_retriever_start/end, on_llm_start/on_chat_model_start/on_llm_end, and agent actions — and uses each event's run_id and parent_run_id to reconstruct the full call tree as structured, timestamped spans, so every LangChain run is captured as trace data you can reconstruct, search and export end to end.

Does Prefactor add latency or change how LangChain runs?+

No. Observability capture is designed to stay off your agent's critical path, so it doesn't alter your LangChain logic or your users' responses. The only part that acts inline is the optional runtime guardrails you enable per agent — by design, so a high-risk or low-confidence action can be held for human approval before it executes.

Can I evaluate agents built with LangChain and catch regressions?+

Yes. Once runs are captured, eval suites score quality and groundedness on real traffic, drift detection flags behaviour changes after deployment, and versioned eval history catches regressions before they ship — the observe → evaluate → improve loop applied to your LangChain agents.

Keep going

See it on your LangChain agents

Book a 15-minute setup and our team gets you act in production.