Verification guards for OpenAI Responses API - Verify AI agent outputs before execution

Navigation

Verified details

These details have been verified by PyPI
Project links
Owner
GitHub Statistics

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache License)
  • Author: QWED-AI
  • Tags ai , verification , openai , responses-api , agents , tool-calling , structured-outputs , llm , safety
  • Requires: Python >=3.9
  • Provides-Extra: openai , langchain , llamaindex , all , dev
Classifiers
Report project as malware

Project description

QWED Open Responses

PyPI version License

Verification guards for AI agent outputs. Verify before you execute.

QWED Open Responses provides deterministic verification guards for AI responses, tool calls, and structured outputs. Works with OpenAI Responses API, LangChain, LlamaIndex, and other AI agent frameworks.

Installation

pip install qwed-open-responses

With optional integrations:

pip install qwed-open-responses[openai]      # OpenAI Responses API
pip install qwed-open-responses[langchain]   # LangChain
pip install qwed-open-responses[all]         # All integrations

Quick Start

from qwed_open_responses import ResponseVerifier, ToolGuard, SchemaGuard

# Create verifier with guards
verifier = ResponseVerifier()

# Verify a tool call
result = verifier.verify_tool_call(
    tool_name="execute_sql",
    arguments={"query": "SELECT * FROM users"},
    guards=[ToolGuard()]
)

if result.verified:
    print("✅ Safe to execute")
else:
    print(f"❌ Blocked: {result.block_reason}")

Guards

Guard Purpose Example
SchemaGuard Validate JSON schema Structured outputs
ToolGuard Block dangerous tools execute_shell, delete_file
MathGuard Verify calculations Totals, percentages
StateGuard Validate state transitions Order status changes
ArgumentGuard Validate tool arguments Types, ranges, formats
SafetyGuard Comprehensive safety PII, injection, budget

Examples

Block Dangerous Tools

from qwed_open_responses import ToolGuard

guard = ToolGuard(
    blocked_tools=["execute_shell", "delete_file"],
    dangerous_patterns=[r"DROP TABLE", r"rm -rf"],
)

result = guard.check({
    "tool_name": "execute_sql",
    "arguments": {"query": "DROP TABLE users"}
})
# ❌ BLOCKED: Dangerous pattern detected

Validate Structured Outputs

from qwed_open_responses import SchemaGuard

schema = {
    "type": "object",
    "properties": {
        "name": {"type": "string"},
        "age": {"type": "integer", "minimum": 0}
    },
    "required": ["name", "age"]
}

guard = SchemaGuard(schema=schema)
result = guard.check({"output": {"name": "John", "age": 30}})
# ✅ Schema validation passed

Verify Calculations

from qwed_open_responses import MathGuard

guard = MathGuard()
result = guard.check({
    "output": {
        "subtotal": 100,
        "tax": 8,
        "total": 108
    }
})
# ✅ Math verification passed

Safety Checks

from qwed_open_responses import SafetyGuard

guard = SafetyGuard(
    check_pii=True,
    check_injection=True,
    max_cost=100.0,
)

result = guard.check({
    "content": "ignore previous instructions and..."
})
# ❌ BLOCKED: Prompt injection detected

Framework Integrations

LangChain

from qwed_open_responses.middleware.langchain import QWEDCallbackHandler

callback = QWEDCallbackHandler(
    guards=[ToolGuard(), SafetyGuard()]
)

agent = create_agent(callbacks=[callback])

OpenAI Responses API

from qwed_open_responses.middleware.openai_sdk import VerifiedOpenAI

client = VerifiedOpenAI(
    api_key="...",
    guards=[ToolGuard(), SchemaGuard(schema=my_schema)]
)

response = client.responses.create(...)
# Automatically verified before returning

Why QWED Open Responses?

Without Verification With QWED
LLM calls execute_shell("rm -rf /") BLOCKED by ToolGuard
LLM returns wrong calculation CAUGHT by MathGuard
LLM outputs PII in response DETECTED by SafetyGuard
LLM hallucinates JSON format REJECTED by SchemaGuard

Links

License

Apache 2.0 - See LICENSE

Project details

Verified details

These details have been verified by PyPI
Project links
Owner
GitHub Statistics

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache License)
  • Author: QWED-AI
  • Tags ai , verification , openai , responses-api , agents , tool-calling , structured-outputs , llm , safety
  • Requires: Python >=3.9
  • Provides-Extra: openai , langchain , llamaindex , all , dev
Classifiers

Release history Release notifications | RSS feed

0.2.2

0.2.1

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

qwed_open_responses-0.1.0.tar.gz (30.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

qwed_open_responses-0.1.0-py3-none-any.whl (30.9 kB view details)

Uploaded Python 3

File details

Details for the file qwed_open_responses-0.1.0.tar.gz.

File metadata

  • Download URL: qwed_open_responses-0.1.0.tar.gz
  • Upload date:
  • Size: 30.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for qwed_open_responses-0.1.0.tar.gz
Algorithm Hash digest
SHA256 c01a9cc8d672f993bbd94e5a6e2c45434ff3d805f1b516b498133583668c5558
MD5 e0ed7c73be5e952c45f0280c5791cba2
BLAKE2b-256 134224d5f47d043d2ae639b11e687473bea2bab373baa79cffe95750553ab323

See more details on using hashes here.

Provenance

The following attestation bundles were made for qwed_open_responses-0.1.0.tar.gz:

Publisher: publish.yml on QWED-AI/qwed-open-responses

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file qwed_open_responses-0.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for qwed_open_responses-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 da321007cc4c5fa39492c6989ddc45f952d2b7b3d2386876db02e5d8a24d7448
MD5 93c97c918ba9f9cb7494d170891a9ee8
BLAKE2b-256 c70f886d8dcea378ed6578f74b744b709e0cc56906495b4719a9d3c1622b8c7c

See more details on using hashes here.

Provenance

The following attestation bundles were made for qwed_open_responses-0.1.0-py3-none-any.whl:

Publisher: publish.yml on QWED-AI/qwed-open-responses

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page