Skip to main content

Runtime AI governance SDK — intercept, evaluate, and enforce compliance policies on LLM and agent tool calls.

Project description



Overrule

Don't ship AI you can't govern.

Runtime policy enforcement for LLM applications.
One SDK. Every call intercepted. Full audit trail. EU AI Act ready.


PyPI Python Tests License GitHub


Get Started   |   Why Overrule   |   Docs   |   Website



Get Started

pip install overrule[openai]        # OpenAI only
pip install overrule[anthropic]     # Anthropic only
pip install overrule[all]           # Both providers
from overrule import Guard

async with Guard() as guard:
    response = await guard.chat(
        model="gpt-4o",
        messages=[{"role": "user", "content": user_input}],
        policies=["pii-detection", "injection-detection"],
    )

That's it. Every call is now scanned for PII and injection attacks, violations are blocked before reaching users, and a structured event is shipped to your audit trail.


Why

Without Overrule

❌  PII leaks to model providers
❌  No record of what AI decided
❌  Injection attacks reach production
❌  "Trust us" during compliance audits
❌  Governance = a Notion doc

With Overrule

✓  PII intercepted at runtime
✓  Every interaction logged + auditable
✓  8 injection patterns blocked
✓  Structured proof for regulators
✓  Governance = enforced code

How It Works

Your App ──▶ Guard ──▶ Policy Engine ──▶ LLM Provider
                            │                   │
                            │                   ▼
                        BLOCK / LOG        Response
                            │                   │
                            ▼                   ▼
                     Violation raised     Event shipped (async)
                                                │
                                                ▼
                                        Cloud Dashboard

Zero latency on the hot path. Policies evaluate locally in <1ms. Telemetry ships asynchronously in the background. Your application never waits on governance.


Features

Governance

  • Intercept + evaluate every LLM input and output
  • Block, log, or pass based on policy outcome
  • Structured violation events with full context

Policies

  • pii-detection — credit cards, SSN, email, phone, IBAN, passport, IPv4
  • injection-detection — 8 prompt injection + 5 SQL injection patterns
  • Custom policies via BasePolicy — ship your own in minutes

Production-grade resilience

  • Fail-open by default — SDK errors never crash your application
  • Circuit breaker (opens after 5 failures, 30s cooldown)
  • Bounded buffer (10K events max), graceful shutdown flush
  • Exponential backoff with jitter on transport failures

Compliance

  • Maps directly to EU AI Act Articles 13, 14, 15
  • Exportable telemetry for auditors
  • Enforcement begins August 2, 2026 — fines up to €35M / 7% revenue

More Examples

Protect any function with a decorator
from overrule import Guard, PolicyAction

guard = Guard()

@guard.protect(policies=["injection-detection"], action=PolicyAction.BLOCK)
async def query_database(sql: str) -> str:
    return await db.execute(sql)
Synchronous API
from overrule import SyncGuard

with SyncGuard() as guard:
    response = guard.chat(model="gpt-4o", messages=messages)
Standalone evaluation (no LLM call)
result = await guard.evaluate("My SSN is 123-45-6789", policies=["pii-detection"])

result.passed       # False
result.violations   # [Violation(policy_id="pii-detection", pattern="ssn", ...)]
Multi-provider support
# OpenAI
await guard.chat(model="gpt-4o", messages=[...], provider="openai")

# Anthropic
await guard.chat(model="claude-sonnet-4-20250514", messages=[...], provider="anthropic")

Same governance. Same audit trail. Swap providers without touching policy logic.

Custom policy
from overrule.policies.base import BasePolicy, PolicyResult
from overrule.models.violation import Violation

class TopicRestriction(BasePolicy):
    policy_id = "topic-restriction"

    def evaluate(self, content: str, *, direction: str = "input") -> PolicyResult:
        if "medical advice" in content.lower():
            return PolicyResult(
                passed=False,
                violations=[Violation(
                    policy_id=self.policy_id,
                    severity="high",
                    description="Medical advice is restricted",
                )],
            )
        return PolicyResult(passed=True, violations=[])

guard.register_policy(TopicRestriction)
Configuration
OVERRULE_API_KEY=sk_ovr_xxxxx
OVERRULE_ENDPOINT=https://overrule.dev/api/v1
OVERRULE_ENVIRONMENT=production
OVERRULE_FAIL_OPEN=true
OVERRULE_BATCH_SIZE=50
OVERRULE_FLUSH_INTERVAL=5.0

Or programmatic:

guard = Guard(config=GuardConfig.from_env(api_key="sk_ovr_xxxxx", fail_open=True))

Performance

Policy evaluation <1ms
Network calls on hot path 0
Buffer capacity 10,000 events
Test suite 78 tests passing
Python 3.10 · 3.11 · 3.12 · 3.13 · 3.14

Security

  • API keys are never exposed in repr(), str(), or serialized output
  • PII redaction shows only last 4 characters (no BIN/prefix leakage)
  • Content truncation emits a warning when policy evaluation is partial
  • Config values are bounds-validated (batch_size, flush_interval, etc.)
  • PEP 561 compliant (py.typed marker for downstream type checking)
  • Fail-open design ensures SDK errors never crash your application

Roadmap

  • Core Guard with fail-open architecture
  • PII + Injection detection policies
  • Async + Sync APIs
  • Multi-provider (OpenAI + Anthropic)
  • Custom policy engine
  • Cloud dashboard with real-time enforcement data
  • Event ingestion API (POST /api/v1/events)
  • Streaming interception
  • LangChain / CrewAI / OpenAI Agents SDK integrations
  • Rust core for <100μs evaluation

Development

git clone https://github.com/overruledev/overrule-python.git && cd overrule-python
pip install -e ".[dev]"
pytest && ruff check . && mypy overrule/

License

MIT



overrule.dev

Built for teams shipping AI to production.



Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

overrule-0.1.0.tar.gz (28.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

overrule-0.1.0-py3-none-any.whl (25.4 kB view details)

Uploaded Python 3

File details

Details for the file overrule-0.1.0.tar.gz.

File metadata

  • Download URL: overrule-0.1.0.tar.gz
  • Upload date:
  • Size: 28.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.4

File hashes

Hashes for overrule-0.1.0.tar.gz
Algorithm Hash digest
SHA256 0312a5150af5c138f31b85196b5953bc819654105b647fd338924142e6c8d7ae
MD5 7041f8a84ad1631e6af395e3a7ebc97d
BLAKE2b-256 6cf8fe28969c6559a335cf06c561651f146281046788d63cc8afca413f9499e3

See more details on using hashes here.

File details

Details for the file overrule-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: overrule-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 25.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.4

File hashes

Hashes for overrule-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 f84aae1a91b64cff3c1269e22953edad172fa45487f70d4d0c458eccb1261203
MD5 23556e0ce980fa63563e00035a1f2fba
BLAKE2b-256 b882bee3fa23c7ad6b1605bce5bb899600594573031520aaa561438083be198a

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page