Guards plugin for Axio TUI

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for mosquito from gravatar.com mosquito

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT
  • Requires: Python >=3.12
Report project as malware

Project description

axio-tui-guards

PyPI Python License: MIT

Permission guard plugins for axio-tui.

Guards intercept tool calls before execution and can allow, modify, or deny them. Ships two guards: a path-access guard that asks the user before touching filesystem locations, and an LLM-based guard that reviews tool calls for safety.

Features

  • PathGuard — intercepts tools that touch the filesystem; prompts the user once per directory and remembers the decision for the session
  • LLMGuard — runs a secondary LLM call to review each tool invocation before allowing it
  • PermissionGuard protocol — both guards implement axio.PermissionGuard and compose cleanly
  • TUI-aware — prompts appear as native axio-tui dialogs, not blocking stdin reads

Installation

pip install axio-tui-guards

Or install as part of the TUI bundle:

pip install "axio-tui[guards]"

Guards

PathGuard

Intercepts tool calls that contain filesystem paths (file_path, filename, directory, path, cwd). On the first access to a new directory it asks the user to allow, allow all (subtree), or deny.

from axio_tui_guards.guards import PathGuard
from axio.tool import Tool

guard = PathGuard()   # uses TUI prompt_fn by default

tool = Tool(
    name="write_file",
    description="Write a file",
    handler=WriteFile,
    guards=(guard,),
)

Decision caching:

  • Allow — grants access to the parent directory for the current session
  • Allow all — grants access to the directory and all subdirectories
  • Deny — blocks this path; raises GuardError immediately on retry

LLMGuard

Uses a secondary LLM call to review the tool handler arguments before execution. If the reviewer deems the call unsafe it raises GuardError with the reason.

from axio_tui_guards.guards import LLMGuard
from axio_transport_openai import OpenAITransport

reviewer = OpenAITransport(api_key="sk-...", model="gpt-4o-mini")
guard = LLMGuard(transport=reviewer)

Composing guards

Guards are applied in order — attach both for layered protection:

tool = Tool(
    name="shell",
    description="Run shell commands",
    handler=Shell,
    guards=(PathGuard(), LLMGuard(transport=reviewer)),
)

Custom guards

Implement the PermissionGuard protocol to write your own:

from axio.permission import PermissionGuard
from axio.exceptions import GuardError

class MyGuard(PermissionGuard):
    async def check(self, handler):
        if "rm -rf" in getattr(handler, "command", ""):
            raise GuardError("Refusing to run rm -rf")
        return handler

Plugin registration

[project.entry-points."axio.guards"]
path = "axio_tui_guards.guards:PathGuard"
llm  = "axio_tui_guards.guards:LLMGuard"

Part of the axio ecosystem

axio · axio-tui · axio-tui-rag

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for mosquito from gravatar.com mosquito

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT
  • Requires: Python >=3.12

Release history Release notifications | RSS feed

0.9.6

0.9.5

0.9.4

0.9.2

0.9.1

0.9.0

0.8.0

0.7.0

0.6.2

0.6.1

0.6.0

0.5.1

0.5.0

0.4.1

0.4.0

0.3.5

0.3.4

0.3.3

0.3.2

0.2.3

This version

0.2.2

0.2.1

0.2.0

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

axio_tui_guards-0.2.2.tar.gz (86.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

axio_tui_guards-0.2.2-py3-none-any.whl (7.0 kB view details)

Uploaded Python 3

File details

Details for the file axio_tui_guards-0.2.2.tar.gz.

File metadata

  • Download URL: axio_tui_guards-0.2.2.tar.gz
  • Upload date:
  • Size: 86.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for axio_tui_guards-0.2.2.tar.gz
Algorithm Hash digest
SHA256 44ba212a07780c6fad628564a75f2b6684a0acf559bd3b5e671499c1ef18e811
MD5 9023c8a728f93d3816f61e852683704e
BLAKE2b-256 e0e9870cc6f3fb7898130b59ebbc5b393931d90cb9c6f3ea373431d949324151

See more details on using hashes here.

Provenance

The following attestation bundles were made for axio_tui_guards-0.2.2.tar.gz:

Publisher: publish.yml on axio-agent/axio-tui-guards

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file axio_tui_guards-0.2.2-py3-none-any.whl.

File metadata

File hashes

Hashes for axio_tui_guards-0.2.2-py3-none-any.whl
Algorithm Hash digest
SHA256 5c4c142a0452664ba1f7ead2a931ba2b3d0f111fb77162fd0ad0536926f010c0
MD5 76e06515b1dd87eec2eaa0e10d65c990
BLAKE2b-256 c4674a268953907856de2f7471e7c586253eba6570d60a038438edbe02e0c838

See more details on using hashes here.

Provenance

The following attestation bundles were made for axio_tui_guards-0.2.2-py3-none-any.whl:

Publisher: publish.yml on axio-agent/axio-tui-guards

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page