Skip to main content

System-enforced LLM contracts - define, validate, and enforce behavioral constraints on AI interactions

Project description

prmpt

System-enforced LLM contracts.

prmpt does NOT make LLMs obedient. LLMs will still hallucinate, ignore instructions, and produce invalid output. prmpt makes violations observable and system behavior deterministic.

Traditional:  "Please follow rules" → LLM → Hope it works
   prmpt:     Validate input → LLM → Catch violations → Handle failure

The LLM is an untrusted black box. Your system decides what to do when it misbehaves.

Install

pip install dotprmpt

Quick Start

import prmpt

# Load a contract
contract = prmpt.load("my-bot.prmpt")

# Validate input
errors = contract.validate_input({"query": "Hello", "user_id": "123"})

# Generate system prompt
system_prompt = contract.to_system_prompt()

# After LLM response, validate output
errors = contract.validate_output(llm_response)

With Ollama

import prmpt
from prmpt.integrations import OllamaEnforcer

contract = prmpt.load("my-bot.prmpt")
enforcer = OllamaEnforcer(contract, model="llama3")

result = enforcer.execute({
    "user_query": "How do I reset my password?",
    "user_id": "user-123"
})

if result.success:
    print(result.output)
else:
    print(f"Violations: {result.violations}")

Demo

# Requires Ollama: https://ollama.ai/download
make demo

The Contract

A .prmpt file defines what the LLM can and cannot do:

Identity:
  name: "support-bot"
  version: "1.0.0"
  spec_version: "0.1.0"

Scope:
  description: "Customer support assistant"
  boundaries:
    - "Only answer product questions"

Invariants:
  - "Always be polite"
  - "Never share internal details"

Allowed Actions:
  - "answer questions"
  - "search knowledge base"

Forbidden Actions:
  - "access payment info"
  - "modify accounts"

Inputs:
  parameters:
    user_query: {type: "string", required: true}
    user_id: {type: "string", required: true}

Outputs:
  format: "json"
  schema:
    type: "object"
    properties:
      answer: {type: "string"}

Validation:
  mode: "schema"

Failure Modes:
  - id: "invalid_input"
    action: "return error"
  - id: "out_of_scope"
    action: "handoff to human"

Handoff Rules:
  conditions:
    - "user requests human"

CLI

prmpt validate contract.prmpt   # Validate structure
prmpt info contract.prmpt       # Show contract info
prmpt prompt contract.prmpt     # Generate system prompt
prmpt resolve contract.prmpt    # Output canonical JSON

API

import prmpt

# Load
contract = prmpt.load("file.prmpt")
contract = prmpt.loads(yaml_string)

# Validate files
errors = prmpt.validate("file.prmpt")           # Returns list
prmpt.validate("file.prmpt", strict=True)       # Raises on error

# Contract properties
contract.name                 # "support-bot"
contract.version              # "1.0.0"
contract.spec_version         # "0.1.0"
contract.invariants           # List[str]
contract.allowed_actions      # Set[str]
contract.forbidden_actions    # Set[str]

# Contract methods
contract.to_system_prompt()           # Generate LLM instructions
contract.validate_input(data)         # Validate input → List[str]
contract.validate_output(text)        # Validate output → List[str]
contract.check_action("do_thing")     # Is action allowed? → bool
contract.should_handoff(data)         # Should handoff? → bool

# Exceptions
from prmpt import (
    ParseError,         # Bad YAML/JSON
    ValidationError,    # Invalid contract
    InputViolation,     # Bad input
    OutputViolation,    # Bad output
    ActionForbidden,    # Action not allowed
    HandoffRequired,    # Needs human
)

Versioning

import prmpt
prmpt.__version__       # "0.1.0" - library version
prmpt.__spec_version__  # "0.1.0" - spec version

Project Structure

src/prmpt/       # Python package
spec/            # Specification document
tests/           # Test contracts
examples/        # Usage examples

Status

Experimental (v0.1.0) — Breaking changes expected.

License

Apache 2.0

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dotprmpt-0.1.0.tar.gz (18.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

dotprmpt-0.1.0-py3-none-any.whl (22.0 kB view details)

Uploaded Python 3

File details

Details for the file dotprmpt-0.1.0.tar.gz.

File metadata

  • Download URL: dotprmpt-0.1.0.tar.gz
  • Upload date:
  • Size: 18.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.2

File hashes

Hashes for dotprmpt-0.1.0.tar.gz
Algorithm Hash digest
SHA256 3adf2403d10dbd5b9ee265cf1c831f97d4f6035c805428710c22d619f91d1443
MD5 9bfb14ef809823c281db3b507a6e09a7
BLAKE2b-256 c10dcc7eb6082c671eaf2e755dcd2d7d2b307d7990ab0b3f7f4694591997443c

See more details on using hashes here.

File details

Details for the file dotprmpt-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: dotprmpt-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 22.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.2

File hashes

Hashes for dotprmpt-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 7f6bd0cffdc22149ae02e6e7691724759b5290b6b1667c9e929eb6ebb2e7bf27
MD5 f08e29d50e60f98455a3b51f5153723d
BLAKE2b-256 d0a6a84a6b719729255ff9c40cdfd323ed869882172e67cc412d995ff8721f63

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page