Skip to main content

Regulatory sensitivity detection for legal privilege, clinical PHI, and financial MNPI

Project description

ogentic-shield

Regulatory sensitivity detection for legal privilege, clinical PHI, and financial MNPI.

PyPI Python License

ogentic-shield classifies whether a piece of text — or a whole document — contains content that shouldn't leave a regulated boundary. Attorney-client privilege. HIPAA-protected clinical content. Material non-public financial information. The long tail of PII. It returns a structured AnalysisResult (score, category groups, detected entities, suggested routing) and can redact masked tokens back into plaintext after a round-trip through an external LLM.

Built for the legal, clinical, and financial AI workflows where the wrong default is "ship the prompt to OpenAI and hope."

Why this exists

On February 10, 2026, US v. Heppner (S.D.N.Y.) established that sending privileged content through a third-party AI tool can constitute waiver. The guardrail every regulated org now needs — classify before you call — didn't exist as an OSS primitive. Shield is that primitive.

Install

pip install ogentic-shield                # core (Layer 1 + 2)
pip install 'ogentic-shield[llm]'         # + Layer 3 (Ollama-backed disambiguation)
pip install 'ogentic-shield[mcp]'         # + MCP server (Claude Desktop / Goose / Cursor)
pip install 'ogentic-shield[server]'      # + FastAPI HTTP surface
pip install 'ogentic-shield[all]'         # everything

Layer 1 + 2 require the spaCy en_core_web_lg model: python -m spacy download en_core_web_lg

30-second example

from ogentic_shield import Shield

shield = Shield(profiles=["shield-legal"])

# Text-level analysis
result = shield.analyze(
    "Privileged attorney-client memo: do not disclose to opposing counsel."
)
print(result.score)                  # 0..100 sensitivity score
print(result.category_groups_found)  # {CategoryGroup.PRIVILEGE}
print(result.routing_suggestion)     # "local_only"

# Document-level redaction (v0.4.0+)
redacted = shield.redact_document("memo.txt")
print(redacted.redacted_text)        # entities replaced with deterministic tokens
print(redacted.mapping.tokens)       # token -> original, for round-trip after LLM

The full API — profiles, layers, calibration, redaction, async, MCP, HTTP server, document analysis — is documented on GitHub. See the README on GitHub for the complete reference.

What's in the box

  • Three-layer detection — fast regex (Layer 1) → spaCy NER (Layer 2) → optional local-LLM disambiguation (Layer 3). Each layer adds precision without surrendering recall.
  • Profile-drivenshield-legal, shield-finance, shield-healthcare, custom. Profiles define which categories to flag and at what threshold.
  • Documents APIShield.analyze_document() and Shield.redact_document() handle .txt / .md / .log today; PDF / DOCX / XLSX / EML / MSG / HTML on the roadmap.
  • Token-preserving redactionShield.redact() and the new Shield.redact_document() substitute entities with deterministic [Label_abc123] tokens. Pair with unredact_text() to restore originals after a round-trip through OpenAI / Anthropic / Ollama.
  • MCP serverogentic-shield --mcp exposes Shield as an MCP tool surface (shield.analyze, shield.profiles, shield.calibration). Claude Desktop, Goose, and Cursor all work out of the box.
  • Privacy-first — runs entirely in-process. No telemetry, no Ogentic-hosted infra. The audit row Shield emits is shape-only (hashes, scores, category names) — never the prompt text itself.

Part of a stack

ogentic-shield is the classification leg of the OgenticAI privacy-routing stack:

ogentic-shield  →  ogentic-router  →  ogentic-audit
   (classify)        (route)            (forensic log)

Together they form the open-source foundation for Sotto, OgenticAI's commercial product for regulated professionals.

Links

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ogentic_shield-0.4.0.tar.gz (256.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ogentic_shield-0.4.0-py3-none-any.whl (91.7 kB view details)

Uploaded Python 3

File details

Details for the file ogentic_shield-0.4.0.tar.gz.

File metadata

  • Download URL: ogentic_shield-0.4.0.tar.gz
  • Upload date:
  • Size: 256.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for ogentic_shield-0.4.0.tar.gz
Algorithm Hash digest
SHA256 b37ee4d7feb51312e07f09408e44fc6009296b6021cc370c3acf862a360ed299
MD5 91f8b84c7ab403cc94642387e6db37b5
BLAKE2b-256 ff40955ff28fc582669fdd549c4e801721d631ca328b5e3ad30e0a5e17595f35

See more details on using hashes here.

File details

Details for the file ogentic_shield-0.4.0-py3-none-any.whl.

File metadata

  • Download URL: ogentic_shield-0.4.0-py3-none-any.whl
  • Upload date:
  • Size: 91.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for ogentic_shield-0.4.0-py3-none-any.whl
Algorithm Hash digest
SHA256 2b9fc5d0f332de582f43cf8c613cda63263a5a1307d4c48d5ddd2611363d0197
MD5 242f71a779ea0e3e15f8bf03c0c4820c
BLAKE2b-256 7a1e53d675f43bf53f4f299c91bcbdefbb2f695e880bf1bfac77d1b12c70e442

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page