My-CC Toy-LOM Guard: on-device runtime governance for language models in children's toys and desktop AI tools.
Project description
My-CC Toy-LOM Guard
On-device runtime governance for the language model (LLM) embedded in a
children's toy or in a desktop AI tool. LOM here means the toy's embedded
LLM. The guard wraps any inference call, enforces the Toy-LOM governance
pack (guards C1 to C8), runs fully offline, fails closed on the safety path, and
emits audit + scoring signals to the My-CC platform.
Sold as a one-time $3 entitlement, so it is self-contained: no mandatory phone-home, and the deterministic safety floor never depends on a network call or a probabilistic classifier.
Install
pip install mycc-toylom # core (Ed25519 manifest + offline floor)
pip install "mycc-toylom[daemon]" # add the background file-bus daemon
The pattern: wrap the inference
The host owns its model call and wraps the guard around it. On a BLOCK or REDIRECT the host returns the safe line instead of calling, or instead of the raw output.
Toy host (embedded LLM)
from mycc_toylom import Guard, GuardContext, AgeTier
guard = Guard.from_manifest_path("toy_manifest.json") # signed Purpose Manifest
ctx = GuardContext(manifest=guard.manifest, age_tier=AgeTier.A, session_id=device_id)
def on_child_utterance(text: str) -> str:
d = guard.evaluate_input(text, ctx)
if d.blocked:
return d.replacement # do NOT call the model
raw = toy_llm.generate(text) # the toy's embedded LLM
d = guard.evaluate_output(raw, ctx)
return d.replacement if d.blocked else raw
Desktop AI tool host (third-party builder)
from mycc_toylom import Guard, GuardContext, AgeTier
guard = Guard.from_manifest_path("tool_manifest.json")
def respond(prompt: str, age_tier: AgeTier = AgeTier.C) -> str:
ctx = GuardContext(manifest=guard.manifest, age_tier=age_tier,
requested_model="gpt-x", responding_model="gpt-x")
d = guard.evaluate_input(prompt, ctx)
if d.blocked:
return d.replacement
raw = my_tool_model(prompt)
d = guard.evaluate_output(raw, ctx)
return d.replacement if d.blocked else raw
GuardDecision(action, guard_id, tier, reason, replacement) where action is
ALLOW / REDIRECT / BLOCK and tier is T0 / T1 / T2.
Guards C1 to C8
| Guard | Concern |
|---|---|
| C1 Purpose Lock | keep the toy inside its declared purpose_domain; warm decline + redirect when off-scope; honors the maker's banned-intent lexicon |
| C2 Affect Limiter | block personhood claims, attachment bids, romance, neediness, graduated attachment (floor) + tier-ceiling affect score |
| C3 Dark-Turn Redirect | self-harm / violence / sexual / hate / substances (EN/ES/FR/PT); never emit method; severe gates escalation; soft-curiosity redirect |
| C4 Engagement Integrity | block keep-playing / urgency / FOMO / streaks / guilt / re-engagement hooks; accept goodbye cleanly |
| C5 Caregiver Authority | block secrecy + caregiver-undermining (incl. indirect); default pro-disclosure |
| C6 Child PII Shield | block solicitation; redact volunteered PII at ingestion; no storage without verified caregiver consent |
| C7 Age-Band Calibration | enforce vocabulary, sentence length, theme, intensity to the active age band |
| C8 Manipulation Guard | block implicit / subliminal dependency + exclusivity bids (EU AI Act Art. 5) |
CLI
mycc-toylom init --domain stem_tutoring --age B --out manifest.json # scaffold + sign
mycc-toylom verify --manifest manifest.json # signature + hash
mycc-toylom wrap --manifest manifest.json --text "hi" # demo middleware
mycc-toylom run --manifest manifest.json --bus ./bus # background daemon
mycc-toylom report --manifest manifest.json --escalations esc.jsonl --audit audit.jsonl # caregiver: de-identified behavior report
mycc-toylom set-rules --manifest manifest.json --signing-key-file m.key --add-banned "politics,gambling" --age A # caregiver: change the rules + re-sign
mycc-toylom selftest # offline end to end
report and set-rules are the caregiver surface (the coming-soon parent app
uses the same functions in caregiver.py). A parent edit can only tighten: it
re-signs the manifest but can never weaken the C1-C8 deterministic floor.
For a durable, verifiable record across restarts, set MYCC_TOYLOM_AUDIT_FILE
(the audit chain is written + reloaded as JSONL) and MYCC_TOYLOM_HMAC_KEY (the
stable key the chain MAC + verification need). With both set, the chain survives
a reboot and verify() holds; an erasure deletes from disk; a tampered file is
detected on reload.
What the $3 buys (positioning)
The one-time entitlement buys a versioned, signed snapshot that works offline forever. Ongoing classifier and threat updates, live escalation, and the caregiver dashboard sit behind the subscription, not this token. See SECURITY.md.
TAC scoring
Every guarded toy emits counters (parasocial_blocks, scope_blocks,
darkturn_redirects, engagement_blocks, pii_blocks, calibration_rewrites,
false_engagement_rate) plus build facts (manifest signed, guards enabled,
classifier_version) in the My-CC scoring schema, so it can earn a Bronze /
Silver / Gold TAC Score.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file mycc_toylom-0.2.0.tar.gz.
File metadata
- Download URL: mycc_toylom-0.2.0.tar.gz
- Upload date:
- Size: 160.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.15
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1c59aed99f8f72b8e8324ee144f3f9c12cd5642b36cfbe6ce9d29b4fa35de692
|
|
| MD5 |
7d9d31e804bd9f0e8e1311e9bb1dbd82
|
|
| BLAKE2b-256 |
d008aa71eaaab51dd4f303a2c53cdecfad61b8df21dca36d5be4299aa020c643
|
File details
Details for the file mycc_toylom-0.2.0-py3-none-any.whl.
File metadata
- Download URL: mycc_toylom-0.2.0-py3-none-any.whl
- Upload date:
- Size: 130.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.15
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f2994aa2e80528602c2bdc10d9cdb2be4fe53821f254c574d685a2baebb30d02
|
|
| MD5 |
a57ce91532685d2d2d99a6108f841d8d
|
|
| BLAKE2b-256 |
d6f975789146eb52b394f6336b8e14eda4e84ee65a6476d739a7fa739338b0c8
|