A minimal execution runtime and tracing toolkit for agent plans.
Project description
FailCore
When your agent breaks, you don't need better prompts — you need to know what it actually did.
FailCore is an execution-time tracing and safety runtime for LLM systems.
It does not care how agents reason or plan.
It focuses on what was actually executed, what was blocked, and how to audit it after the fact.
⚠️ Pre-release (0.1.x)
FailCore is under active development. APIs, CLI commands, and report formats may change.
Why FailCore?
Most agent frameworks focus on decision making.
FailCore focuses on the moment actions touch the real world.
Without FailCore:
- ❌ Tool failures are buried in logs
- ❌ Unsafe side effects are only discovered after damage
- ❌ No execution-level audit trail
- ❌ Debugging requires re-running expensive agents
With FailCore:
- ✅ Execution-time enforcement — block unsafe actions before they run
- ✅ Structured tracing — every action recorded as evidence
- ✅ Clear outcomes —
BLOCKEDvsFAIL - ✅ Forensic reports — inspect incidents offline
- ✅ Proxy-first design — observe real traffic, not demos
Core Concept
FailCore acts as a runtime safety layer between:
- LLM frameworks / SDKs
- and the real world (filesystem, network, processes)
It is not an agent framework.
It is a guardrail, recorder, and black box.
Installation
pip install failcore
⚠️ Intended for evaluation and experimentation.
Proxy-First Usage (Recommended)
FailCore is primarily designed to run as a local proxy in front of LLM SDKs.
pip install "failcore[proxy]"
failcore proxy
Configure your LLM client to route requests through FailCore. All tool calls, streaming output, and side effects are traced and audited.
Minimal Runtime API
FailCore no longer exposes session-style APIs.
The core primitives are:
from failcore import run, guard
Example (filesystem protection):
from failcore import run, guard
with run(policy="fs_safe", strict=True) as ctx:
@guard()
def write_file(path: str, content: str):
with open(path, "w") as f:
f.write(content)
write_file("../etc/passwd", "hack")
Result:
- Execution is blocked
- Evidence is recorded
- Trace is persisted for inspection
Inspect Traces
failcore list
failcore show
failcore report
failcore replay run <trace>
failcore replay diff <trace>
Optional Integrations
LangChain
pip install "failcore[langchain]"
FailCore can wrap LangChain tools to enforce execution-time safety and tracing.
Who Is This For?
- 🔒 Developers running LLMs with real side effects
- 🐛 Debugging agent failures and hallucinated actions
- 📊 Auditing and post-mortem analysis
- 🧯 Adding a safety airbag to agent systems
License
Apache License 2.0 — see LICENSE.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file failcore-0.1.3.tar.gz.
File metadata
- Download URL: failcore-0.1.3.tar.gz
- Upload date:
- Size: 459.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3797bef39204092ab7136f7f1468fed4467d7ee6a60ba1da08e8473e58407eea
|
|
| MD5 |
7b27138219b865289f5e490a568982ae
|
|
| BLAKE2b-256 |
e1f51add2e4afe104108e5b38db58d083495f1b938d53d3cdc7ca839efe215d7
|
File details
Details for the file failcore-0.1.3-py3-none-any.whl.
File metadata
- Download URL: failcore-0.1.3-py3-none-any.whl
- Upload date:
- Size: 632.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
78f5415b18c5b31b5a573119918ec2789b42f4e9c462b6536514697375d9bccf
|
|
| MD5 |
4c08691ac0b27db2bc56423eae0c1698
|
|
| BLAKE2b-256 |
c1aaccc23a9e6b7066608463d0cec239b0870282d37742154b87974ecb5dbed9
|
