Lightweight policy-driven API protection and guardrails library
Project description
Hexarch Guardrails Python SDK
Lightweight policy-driven API protection for students, solo developers, and hackathons.
Installation
pip install hexarch-guardrails
Quick Start
1. Create a policy file (hexarch.yaml)
policies:
- id: "api_budget"
description: "Protect against overspending"
rules:
- resource: "openai"
monthly_budget: 10
action: "warn_at_80%"
- id: "rate_limit"
description: "Prevent API abuse"
rules:
- resource: "*"
requests_per_minute: 100
action: "block"
- id: "safe_delete"
description: "Require confirmation for destructive ops"
rules:
- operation: "delete"
action: "require_confirmation"
2. Use in your code
from hexarch_guardrails import Guardian
# Initialize (auto-discovers hexarch.yaml)
guardian = Guardian()
# Protect API calls
@guardian.check("api_budget")
def call_openai(prompt):
import openai
return openai.ChatCompletion.create(
model="gpt-4",
messages=[{"role": "user", "content": prompt}]
)
# Use it
response = call_openai("Hello AI!")
Features
- ✅ Zero-config - Auto-discovers
hexarch.yaml - ✅ Decorator-based - Drop in
@guardian.check(policy_id) - ✅ Policy-driven - YAML-based rules, no code changes
- ✅ Local-first - Works offline or with local OPA
- ✅ Pluggable - Works with any API/SDK
Examples
Budget Protection (OpenAI)
@guardian.check("api_budget")
def expensive_operation():
# This call is protected by budget limits
return openai.ChatCompletion.create(model="gpt-4", ...)
Rate Limiting
@guardian.check("rate_limit")
def send_discord_message(msg):
return client.send(msg)
Safe File Operations
@guardian.check("safe_delete")
def delete_file(path):
os.remove(path)
Documentation
Admin CLI (v0.3.0+)
Hexarch includes a command-line interface for managing policies and monitoring decisions:
Installation
# Install with CLI extras
pip install hexarch-guardrails[cli]
Quick Start
# List all policies
hexarch-ctl policy list
# Export a policy
hexarch-ctl policy export ai_governance --format rego
# Validate policy syntax
hexarch-ctl policy validate ./policy.rego
# Compare policy versions
hexarch-ctl policy diff ai_governance
Available Commands
Policy Management:
hexarch-ctl policy list- List all OPA policieshexarch-ctl policy export- Export policy to file or stdouthexarch-ctl policy validate- Validate OPA policy syntaxhexarch-ctl policy diff- Compare policy versions
Upcoming (Phase 3-4):
- Decision querying and analysis
- Metrics and performance monitoring
- Configuration management
For detailed CLI documentation, see POLICY_COMMANDS_GUIDE.md
License
MIT © Noir Stack LLC
See LICENSE for full details.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file hexarch_guardrails-0.4.0.tar.gz.
File metadata
- Download URL: hexarch_guardrails-0.4.0.tar.gz
- Upload date:
- Size: 43.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
70d836dfcd78b54be7b60c8722b1991b43f274e69ffbfa01f59b5d7c27359fd3
|
|
| MD5 |
096400db0987722380dbfd9e1222c95b
|
|
| BLAKE2b-256 |
ffbf5c5f6b62d59d97c2203939ddb83c8ec77e30d8e87282408e7f61f624ab31
|
File details
Details for the file hexarch_guardrails-0.4.0-py3-none-any.whl.
File metadata
- Download URL: hexarch_guardrails-0.4.0-py3-none-any.whl
- Upload date:
- Size: 46.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
dd5ecf79e64dcaa27799feedac7b0ac83637a250f54735ddce752ac1a55a268d
|
|
| MD5 |
45384ea86008e408366bc722bc0e8dea
|
|
| BLAKE2b-256 |
aaf081f90b53bb057cb6303367421ccd1372753a24c0559aadc20a15fc2c5823
|
