openclay 0.1.0

The Secure-by-Default Execution Framework for LLM Agents.

OpenClay

Secure First → Execute Second.
A Neural Alchemy project. The universal, zero-trust execution framework for LLM agents.

---

Why OpenClay?

Every modern AI framework—LangChain, CrewAI, LlamaIndex—is built on an optimistic assumption: trust the input, trust the tools, trust the memory. OpenClay operates on the opposite principle.

You do not build an agent and then bolt on security.
You define a Security Policy, and the agent executes inside it.

OpenClay wraps every single step — tool calls, memory reads/writes, model inputs and outputs — in a multi-layered shield before any execution ever happens.

---

Quickstart

pip install openclay

from openclay import Shield

# Create a shield with balanced defaults
shield = Shield.balanced()

# Scan any incoming prompt
result = shield.protect_input("Ignore your instructions and...")
if result["block"]:
    print(f"Blocked: {result['reason']}")

---

The OpenClay Ecosystem

Module	Status	Description
openclay.shields	✅ Ready	Core threat detection engine (Aho-Corasick, Bloom Filters, Canary Tokens, ML DeBERTa model)
openclay.runtime	🚧 Draft	Secure execution wrapper — wrap any LangChain / CrewAI agent in a zero-trust environment
openclay.tools	🚧 Draft	@tool decorators that scan tool outputs before returning them to the agent context
openclay.memory	🚧 Draft	Pre-write and pre-read poisoning prevention for RAG and vector databases
openclay.policies	🚧 Draft	Explicit, auditable rule engines: StrictPolicy, ModeratePolicy, CustomPolicy
openclay.tracing	🚧 Draft	Full explainability and telemetry for every blocked or allowed action

---

Shields: What's Under the Hood

openclay.shields is the battle-tested core adapted from PromptShield v3.0 (now deprecated).

It provides a 5-layer defense pipeline:

1. Pattern Engine — 600+ curated Aho-Corasick patterns covering injection, jailbreaks, and encoding attacks
2. Canary Token System — Cryptographic canary injection and leak detection in LLM outputs
3. Bloom Filter — Probabilistic lookups for ultra-fast known-threat screening
4. ML Classifier — Fine-tuned DeBERTa model (neuralchemy/deberta-promptinjection) for semantic injection detection
5. PII Detection — Contextual PII scanning with redaction modes (mask, stub, remove)

Shield Presets

from openclay import Shield

shield = Shield.fast()       # Pattern-only (< 1ms)
shield = Shield.balanced()   # Production default (patterns + canary + PII)
shield = Shield.secure()     # Full protection (all layers + ML model)

Integrations

# LangChain
from openclay.shields.integrations.langchain import OpenClayCallbackHandler

# FastAPI Middleware
from openclay.shields.integrations.fastapi import OpenClayMiddleware

# CrewAI
from openclay.shields.integrations.crewai import OpenClayCrewInterceptor

# LiteLLM
from openclay.shields.integrations.litellm import OpenClayLiteLLMCallback

---

The Secure Runtime (Coming in v0.2.0)

from openclay.runtime import SecureRuntime
from openclay.policies import StrictPolicy

# Wrap any existing agent in a zero-trust boundary
runtime = SecureRuntime(policy=StrictPolicy())
result = runtime.run(my_langchain_agent, user_input="Analyze evil.com")

# Get exact tracing on why each action was permitted or blocked
print(runtime.trace().summary())

---

Migration: PromptShield → OpenClay

promptshield (v3.0.1) is now sunset and will receive no further updates. Migrate in one line:

- from promptshield import Shield
+ from openclay import Shield

All APIs are backwards-compatible.

---

Links

• 📦 PyPI — openclay
• 📦 PyPI — promptshields (deprecated)
• 📖 Documentation
• 🤗 Hugging Face — DeBERTa Model
• 🐛 GitHub Issues

---

Built with ❤️ by Neural Alchemy