compliant-llm 0.1.5a1

Tool for testing AI system prompts against various attack vectors

(https://github.com/fiddlecube/compliant-llm)

Compliant LLM is your comprehensive toolkit for ensuring compliance and security of your AI systems.

Infosec, compliance, and gen AI teams use compliant-llm to ensure that their AI agents are secure and compliant with internal policies and frameworks like NIST, ISO, HIPAA, GDPR, etc.

It supports multiple LLM providers, and can be used to test prompts, agents, MCP servers and GenAI models.

Go through our documentation for more details.

🎯 Key Features

• 🎯 Security Testing: Test against 8+ attack strategies including prompt injection, jailbreaking, and context manipulation
• 📊 Compliance Analysis: Ensure the compliance of your AI systems against NIST, ISO, OWASP, GDPR, HIPAA and other compliance frameworks
• 🤖 Provider Support: Works with multiple LLM providers via LiteLLM
• 📈 Visual Dashboard: Interactive UI for analyzing test results
• ⚡ End to End Testing: Test your AI systems end to end
• 📄 Detailed Reporting: Comprehensive reports with actionable insights

⚙️ Installation

pip install compliant-llm

Connect to your LLM

Initialize the API key(s) and configuration to access the target LLM

# for openai models:
export OPENAI_API_KEY=your-api-key-here

# anthropic models:
export ANTHROPIC_API_KEY=your-api-key-here

# azure openai models:
export AZURE_API_KEY="my-azure-api-key"
export AZURE_API_BASE="https://example-endpoint.openai.azure.com"
export AZURE_API_VERSION="2023-05-15"

🚀 Quick Start

1. You can use the compliant-llm dashboard:

compliant-llm dashboard

2. Or use the CLI:

compliant-llm test --prompt "You are a helpful assistant who can only respond ethically" --strategy "prompt_injection,jailbreak" --provider="azure/gpt-4o"

3. Or use a configuration file:

compliant-llm test --config_path configs/config.yaml

3. View the latest test report in UI:

compliant-llm dashboard

Support

Contact: founders@fiddlecube.ai

Meet: 🔗 Find a slot

Community: 💬 Discord, X, LinkedIn

Self-hosted or hosted cloud: Book a demo

🔗 Book a slot

Roadmap

• Full Application Pen Testing
• Compliant and Logged MCP Servers
• Support different Compliance Frameworks - NIST, HIPAA, GDPR, EU AI Act, etc.
• Multimodal Testing
• CI/CD
• Access Control checks
• Control Pane for different controls
• Internal audits and documentation

⭐️ Star us

🤝 Contributors

Developers	Contributors
Those who build with compliant-llm.	Those who make compliant-llm better.
(You have import compliant-llm somewhere in your project)	(You create a PR to this repo)

We welcome contributions from the community! Whether it's bug fixes, feature additions, or documentation improvements, your input is valuable.

1. Fork the repository
2. Create your feature branch (git checkout -b feature/AmazingFeature)
3. Commit your changes (git commit -m 'Add some AmazingFeature')
4. Push to the branch (git push origin feature/AmazingFeature)
5. Open a Pull Request

🔒 Security & Privacy

We take data security and privacy seriously. Please refer to our Security and Privacy page for more information.

Telemetry

Compliant LLM tracks anonymized usage statistics to improve the product. No private or personally identifiable information is tracked.

You can opt-out by setting export DISABLE_COMPLIANT_LLM_TELEMETRY=true.

📝 Cite Us

@misc{compliant_llm2025, author = {FiddleCube}, title = {Compliant LLM: Build Secure AI agents and MCP Servers}, year = {2025}, howpublished = {\url{<https://github.com/fiddlecube/compliant-llm}}>, }