Audit logs and action gates for safer AI agents.
Project description
Problem Frame Gate
Problem Frame Gate is a Python library and CLI for finite, proof-carrying audit checks around AI decision frames and external action gates. It implements the audit-calculus concepts in:
Takahashi, K. (2026). Problemogenesis Theory: A Finite Proof-Carrying Audit Calculus for Problem-Frame Activation. Zenodo. https://doi.org/10.5281/zenodo.20913669
The package is strict by default. A log is not considered safe unless a finite manifest declares writer authority, protected action constructors, capacities, certificate families, risk modes, and gate bundle policy.
Install
uv sync --all-extras
uv run pytest
From PyPI:
pip install problem-frame-gate
pfg init-manifest > horizon.json
Safe Quickstart
Create a strict manifest:
pfg init-manifest > horizon.json
Validate and fold a log:
pfg validate-schema horizon horizon.json
pfg validate-schema log log.json
pfg verify-log --horizon horizon.json log.json
pfg fold --horizon horizon.json log.json
Check an action gate and emit the atomic bundle:
pfg validate-schema gate-request gate-request.json
pfg check-gate --horizon horizon.json --bundle gate-request.json log.json
The generated bundle contains exactly five protected rows:
GateCheckOutboxClaimUseCapConsumeResourceRiskClose
Each row must be written by the executor writer and committed in one atomic
group. A standalone OutboxClaim is rejected.
Python Example
from problem_frame_gate import Envelope, EnvelopeClass, ExecutorGate, GateRequest, Horizon
horizon = Horizon.strict_default(agent_writers=("agent",))
def env(eid: str, commit: int, kind: str, **payload: object) -> Envelope:
return Envelope(eid, eid, "0", commit, "agent", "agent", 1, EnvelopeClass.NORMAL, {"kind": kind, **payload})
log = [
env("e0", 0, "Frame", frame_id="p1", scope="lab", goal="test anomaly",
evidence_ids=["u1"], actions=["run-check"], acceptance=["review"], risk_ids=["r1"]),
env("e1", 1, "Evidence", evidence_id="u1", digest="sha256:source"),
env("e2", 2, "Issue", cert_id="c-risk", family="risk", issuer="agent", expires_at=99, family_check=True),
env("e3", 3, "Activated", frame_id="p1"),
env("e4", 4, "RiskReg", hypothesis_id="h1", family="fixed"),
env("e5", 5, "RiskReserve", risk_id="r1", hypothesis_id="h1", frame_id="p1", eta="1/100"),
env("e6", 6, "RiskSpend", risk_id="r1", hypothesis_id="h1", frame_id="p1",
eta="1/100", mode="fixed", cert_id="c-risk"),
env("e7", 7, "ReserveResource", lease_id="lease1", token_id="tool", frame_id="p1"),
env("e8", 8, "MintCap", capability_id="cap1", frame_id="p1", action="run-check"),
env("e9", 9, "AuthorizeOutbox", outbox_id="out1", frame_id="p1", action="run-check"),
]
request = GateRequest(
gate_id="gate1", bundle_id="bundle1", frame_id="p1", action="run-check",
outbox_id="out1", capability_id="cap1", lease_id="lease1",
risk_id="r1", hypothesis_id="h1", risk_mode="fixed", risk_cert_id="c-risk",
source_time=9, commit_time=10,
)
gate = ExecutorGate()
assert gate.check(horizon, log, request).ok
bundle = gate.create_bundle(horizon, log, request)
assert bundle.verify(horizon, log).ok
Security Boundary
The library proves finite audit consistency. It does not prove external truth, cryptographic collision resistance, statistical model validity, or physical effect. Those are explicit assumptions in checker results.
See docs/quickstart.md, docs/schema.md, docs/theory-mapping.md, and
docs/operations.md for operational use.
Release
The canonical repository is https://github.com/kadubon/problem-frame-gate.
Versioned releases are published by GitHub Actions through PyPI Trusted
Publishing from .github/workflows/workflow.yml; no long-lived PyPI token is
required.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file problem_frame_gate-0.3.0.tar.gz.
File metadata
- Download URL: problem_frame_gate-0.3.0.tar.gz
- Upload date:
- Size: 50.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c522c3ff9cf6d15779d6236b9838c890de46801fc5be252515e98ef4a11795d9
|
|
| MD5 |
6b4b4ee3623223acf0103701fa6bc4b5
|
|
| BLAKE2b-256 |
e630669085fa722f50658353c4bfaaf982613ebc5eb27976b0b6289889772eac
|
Provenance
The following attestation bundles were made for problem_frame_gate-0.3.0.tar.gz:
Publisher:
workflow.yml on kadubon/problem-frame-gate
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
problem_frame_gate-0.3.0.tar.gz -
Subject digest:
c522c3ff9cf6d15779d6236b9838c890de46801fc5be252515e98ef4a11795d9 - Sigstore transparency entry: 1964475541
- Sigstore integration time:
-
Permalink:
kadubon/problem-frame-gate@aa54b8c0ee666e50cab24d2a09bc296336245baf -
Branch / Tag:
refs/tags/v0.3.0 - Owner: https://github.com/kadubon
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
workflow.yml@aa54b8c0ee666e50cab24d2a09bc296336245baf -
Trigger Event:
push
-
Statement type:
File details
Details for the file problem_frame_gate-0.3.0-py3-none-any.whl.
File metadata
- Download URL: problem_frame_gate-0.3.0-py3-none-any.whl
- Upload date:
- Size: 43.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
eea5e987f89ba228e432527b3e9f2ceaf24ff22b6bbd927fd2d1e00e704f0a02
|
|
| MD5 |
7f07060f09fd21811f25c4547dbee45b
|
|
| BLAKE2b-256 |
a5a412715488b8ef9c60bb09e17757c5988a953bb87971ba004469e95fc84a6a
|
Provenance
The following attestation bundles were made for problem_frame_gate-0.3.0-py3-none-any.whl:
Publisher:
workflow.yml on kadubon/problem-frame-gate
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
problem_frame_gate-0.3.0-py3-none-any.whl -
Subject digest:
eea5e987f89ba228e432527b3e9f2ceaf24ff22b6bbd927fd2d1e00e704f0a02 - Sigstore transparency entry: 1964475707
- Sigstore integration time:
-
Permalink:
kadubon/problem-frame-gate@aa54b8c0ee666e50cab24d2a09bc296336245baf -
Branch / Tag:
refs/tags/v0.3.0 - Owner: https://github.com/kadubon
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
workflow.yml@aa54b8c0ee666e50cab24d2a09bc296336245baf -
Trigger Event:
push
-
Statement type: