Portable specification for AI agent security rules
Project description
hushspec
Portable specification types for AI agent security rules.
hushspec is the Python SDK for the HushSpec open policy format. Parse, validate, evaluate, and enforce security rules for AI agent runtimes.
Installation
pip install hushspec
Requires Python 3.10+.
Quick Start
from hushspec import parse_or_raise, validate, evaluate
policy = parse_or_raise("""
hushspec: "0.1.0"
name: my-policy
rules:
egress:
allow: ["api.github.com"]
block: []
default: block
""")
# Validate
result = validate(policy)
assert result.is_valid
# Evaluate an action
decision = evaluate(policy, {"type": "egress", "target": "api.github.com"})
assert decision.decision == "allow"
HushGuard Middleware
HushGuard wraps policy loading and evaluation behind a simple interface.
from hushspec import HushGuard
guard = HushGuard.from_file("./policy.yaml")
# Check without raising
result = guard.check({"type": "tool_call", "target": "bash"})
if result.decision == "deny":
print(f"Blocked: {result.reason}")
# Or enforce (raises HushSpecDenied on deny)
guard.enforce({"type": "egress", "target": "api.openai.com"})
Features
Evaluation
from hushspec import parse_or_raise, evaluate
spec = parse_or_raise(policy_yaml)
result = evaluate(spec, {"type": "egress", "target": "evil.example.com"})
# result.decision: "allow" | "warn" | "deny"
# result.matched_rule: "rules.egress.default"
Audit Trail
from hushspec import parse_or_raise, evaluate_audited
receipt = evaluate_audited(spec, action, {
"enabled": True,
"include_rule_trace": True,
"redact_content": False,
})
# receipt.decision, receipt.rule_evaluations, receipt.policy_summary
Detection Pipeline
Plug prompt injection, jailbreak, and exfiltration checks into the evaluation flow.
from hushspec import evaluate_with_detection, DetectorRegistry
registry = DetectorRegistry.with_defaults()
result = evaluate_with_detection(spec, action, registry, {
"enabled": True,
"prompt_injection_threshold": 0.5,
})
Receipt Sinks
Route decision receipts to files, stderr, or custom callbacks.
from hushspec import FileReceiptSink, FilteredSink, MultiSink
sink = MultiSink([
FileReceiptSink("/var/log/hushspec-receipts.jsonl"),
FilteredSink(stderr_sink, lambda r: r.decision == "deny"),
])
Panic Mode
from hushspec import activate_panic, deactivate_panic, is_panic_active
activate_panic()
# All evaluate() calls now return deny
deactivate_panic()
CLI
The h2h CLI tool provides validate, lint, test, diff, format, sign, and more:
cargo install hushspec-cli
h2h validate policy.yaml
h2h lint policy.yaml
License
Apache-2.0
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file hushspec-0.1.1.tar.gz.
File metadata
- Download URL: hushspec-0.1.1.tar.gz
- Upload date:
- Size: 59.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
44ca39cf4e6ceb39e45c88b412dccee2e91654885e53d23c85e58cbcc8466a19
|
|
| MD5 |
425227463d4a3f4af1311aac4b5ebf24
|
|
| BLAKE2b-256 |
4a3e84acfea6bc7c4731e62ded8531b8dab41536c5f2522c970d98aecd6f794c
|
File details
Details for the file hushspec-0.1.1-py3-none-any.whl.
File metadata
- Download URL: hushspec-0.1.1-py3-none-any.whl
- Upload date:
- Size: 46.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b4f3621d02aebbd9e082dd69f7aab497b9142969f6042a5ded4043408315056b
|
|
| MD5 |
a6998efb06017634f4351368761ba61b
|
|
| BLAKE2b-256 |
7ffc0740f5a385d30ec9f5c0f19cf77e9915ddcfe5c0c2eb872ac60f1c8f6b24
|
