Skip to main content

Regulatory sensitivity detection for legal privilege, clinical PHI, and financial MNPI

Project description

ogentic-shield

Regulatory sensitivity detection for legal privilege, clinical PHI, and financial MNPI.

PyPI Python License

ogentic-shield classifies whether a piece of text — or a whole document — contains content that shouldn't leave a regulated boundary. Attorney-client privilege. HIPAA-protected clinical content. Material non-public financial information. The long tail of PII. It returns a structured AnalysisResult (score, category groups, detected entities, suggested routing) and can redact masked tokens back into plaintext after a round-trip through an external LLM.

Built for the legal, clinical, and financial AI workflows where the wrong default is "ship the prompt to OpenAI and hope."

Why this exists

On February 10, 2026, US v. Heppner (S.D.N.Y.) established that sending privileged content through a third-party AI tool can constitute waiver. The guardrail every regulated org now needs — classify before you call — didn't exist as an OSS primitive. Shield is that primitive.

Install

pip install ogentic-shield                # core (Layer 1 + 2)
pip install 'ogentic-shield[llm]'         # + Layer 3 (Ollama-backed disambiguation)
pip install 'ogentic-shield[mcp]'         # + MCP server (Claude Desktop / Goose / Cursor)
pip install 'ogentic-shield[server]'      # + FastAPI HTTP surface
pip install 'ogentic-shield[all]'         # everything

Layer 1 + 2 require the spaCy en_core_web_lg model: python -m spacy download en_core_web_lg

30-second example

from ogentic_shield import Shield

shield = Shield(profiles=["shield-legal"])

# Text-level analysis
result = shield.analyze(
    "Privileged attorney-client memo: do not disclose to opposing counsel."
)
print(result.score)                  # 0..100 sensitivity score
print(result.category_groups_found)  # {CategoryGroup.PRIVILEGE}
print(result.routing_suggestion)     # "local_only"

# Document-level redaction (v0.4.0+)
redacted = shield.redact_document("memo.txt")
print(redacted.redacted_text)        # entities replaced with deterministic tokens
print(redacted.mapping.tokens)       # token -> original, for round-trip after LLM

The full API — profiles, layers, calibration, redaction, async, MCP, HTTP server, document analysis — is documented on GitHub. See the README on GitHub for the complete reference.

What's in the box

  • Three-layer detection — fast regex (Layer 1) → spaCy NER (Layer 2) → optional local-LLM disambiguation (Layer 3). Each layer adds precision without surrendering recall.
  • Profile-drivenshield-legal, shield-finance, shield-healthcare, custom. Profiles define which categories to flag and at what threshold.
  • Documents APIShield.analyze_document() and Shield.redact_document() handle .txt / .md / .log today; PDF / DOCX / XLSX / EML / MSG / HTML on the roadmap.
  • Token-preserving redactionShield.redact() and the new Shield.redact_document() substitute entities with deterministic [Label_abc123] tokens. Pair with unredact_text() to restore originals after a round-trip through OpenAI / Anthropic / Ollama.
  • MCP serverogentic-shield --mcp exposes Shield as an MCP tool surface (shield.analyze, shield.profiles, shield.calibration). Claude Desktop, Goose, and Cursor all work out of the box.
  • Privacy-first — runs entirely in-process. No telemetry, no Ogentic-hosted infra. The audit row Shield emits is shape-only (hashes, scores, category names) — never the prompt text itself.

Part of a stack

ogentic-shield is the classification leg of the OgenticAI privacy-routing stack:

ogentic-shield  →  ogentic-router  →  ogentic-audit
   (classify)        (route)            (forensic log)

Together they form the open-source foundation for Sotto, OgenticAI's commercial product for regulated professionals.

Links

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ogentic_shield-0.5.0.tar.gz (271.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ogentic_shield-0.5.0-py3-none-any.whl (92.3 kB view details)

Uploaded Python 3

File details

Details for the file ogentic_shield-0.5.0.tar.gz.

File metadata

  • Download URL: ogentic_shield-0.5.0.tar.gz
  • Upload date:
  • Size: 271.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for ogentic_shield-0.5.0.tar.gz
Algorithm Hash digest
SHA256 4800de9349f6519cdfe334183afa4a87a683f465acb18fcb618481b10cf87c57
MD5 06f7db37929591d85a43d6d473cf5cb5
BLAKE2b-256 a2ca502a633b9818fe4508ff42af6810e0c22fd479431c3921052774f026582c

See more details on using hashes here.

File details

Details for the file ogentic_shield-0.5.0-py3-none-any.whl.

File metadata

  • Download URL: ogentic_shield-0.5.0-py3-none-any.whl
  • Upload date:
  • Size: 92.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for ogentic_shield-0.5.0-py3-none-any.whl
Algorithm Hash digest
SHA256 90a9293081df046773ccffe1a084bfade86a9c0774e95cc61a3e4a0592498532
MD5 72f01db229c9cb83b64c51719e0f0e70
BLAKE2b-256 7c9c3b5793020a80d1d964629cfdd8697e5467053b0b47b107b81e37b0834f61

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page