Verification guards for OpenAI Responses API - Verify AI agent outputs before execution

Navigation

Verified details

These details have been verified by PyPI
Project links
Owner
GitHub Statistics

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache License)
  • Author: QWED-AI
  • Tags ai , verification , openai , responses-api , agents , tool-calling , structured-outputs , llm , safety
  • Requires: Python >=3.9
  • Provides-Extra: openai , langchain , llamaindex , all , dev
Classifiers
Report project as malware

Project description

QWED Open Responses

PyPI version License

Verification guards for AI agent outputs. Verify before you execute.

QWED Open Responses provides deterministic verification guards for AI responses, tool calls, and structured outputs. Works with OpenAI Responses API, LangChain, LlamaIndex, and other AI agent frameworks.

Installation

pip install qwed-open-responses

With optional integrations:

pip install qwed-open-responses[openai]      # OpenAI Responses API
pip install qwed-open-responses[langchain]   # LangChain
pip install qwed-open-responses[all]         # All integrations

Quick Start

from qwed_open_responses import ResponseVerifier, ToolGuard, SchemaGuard

# Create verifier with guards
verifier = ResponseVerifier()

# Verify a tool call
result = verifier.verify_tool_call(
    tool_name="execute_sql",
    arguments={"query": "SELECT * FROM users"},
    guards=[ToolGuard()]
)

if result.verified:
    print("✅ Safe to execute")
else:
    print(f"❌ Blocked: {result.block_reason}")

Guards

Guard Purpose Example
SchemaGuard Validate JSON schema Structured outputs
ToolGuard Block dangerous tools execute_shell, delete_file
MathGuard Verify calculations Totals, percentages
StateGuard Validate state transitions Order status changes
ArgumentGuard Validate tool arguments Types, ranges, formats
SafetyGuard Comprehensive safety PII, injection, budget

Examples

Block Dangerous Tools

from qwed_open_responses import ToolGuard

guard = ToolGuard(
    blocked_tools=["execute_shell", "delete_file"],
    dangerous_patterns=[r"DROP TABLE", r"rm -rf"],
)

result = guard.check({
    "tool_name": "execute_sql",
    "arguments": {"query": "DROP TABLE users"}
})
# ❌ BLOCKED: Dangerous pattern detected

Validate Structured Outputs

from qwed_open_responses import SchemaGuard

schema = {
    "type": "object",
    "properties": {
        "name": {"type": "string"},
        "age": {"type": "integer", "minimum": 0}
    },
    "required": ["name", "age"]
}

guard = SchemaGuard(schema=schema)
result = guard.check({"output": {"name": "John", "age": 30}})
# ✅ Schema validation passed

Verify Calculations

from qwed_open_responses import MathGuard

guard = MathGuard()
result = guard.check({
    "output": {
        "subtotal": 100,
        "tax": 8,
        "total": 108
    }
})
# ✅ Math verification passed

Safety Checks

from qwed_open_responses import SafetyGuard

guard = SafetyGuard(
    check_pii=True,
    check_injection=True,
    max_cost=100.0,
)

result = guard.check({
    "content": "ignore previous instructions and..."
})
# ❌ BLOCKED: Prompt injection detected

Framework Integrations

LangChain

from qwed_open_responses.middleware.langchain import QWEDCallbackHandler

callback = QWEDCallbackHandler(
    guards=[ToolGuard(), SafetyGuard()]
)

agent = create_agent(callbacks=[callback])

OpenAI Responses API

from qwed_open_responses.middleware.openai_sdk import VerifiedOpenAI

client = VerifiedOpenAI(
    api_key="...",
    guards=[ToolGuard(), SchemaGuard(schema=my_schema)]
)

response = client.responses.create(...)
# Automatically verified before returning

Why QWED Open Responses?

Without Verification With QWED
LLM calls execute_shell("rm -rf /") BLOCKED by ToolGuard
LLM returns wrong calculation CAUGHT by MathGuard
LLM outputs PII in response DETECTED by SafetyGuard
LLM hallucinates JSON format REJECTED by SchemaGuard

Links

License

Apache 2.0 - See LICENSE

Project details

Verified details

These details have been verified by PyPI
Project links
Owner
GitHub Statistics

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache License)
  • Author: QWED-AI
  • Tags ai , verification , openai , responses-api , agents , tool-calling , structured-outputs , llm , safety
  • Requires: Python >=3.9
  • Provides-Extra: openai , langchain , llamaindex , all , dev
Classifiers

Release history Release notifications | RSS feed

0.2.2

This version

0.2.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

qwed_open_responses-0.2.1.tar.gz (32.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

qwed_open_responses-0.2.1-py3-none-any.whl (33.0 kB view details)

Uploaded Python 3

File details

Details for the file qwed_open_responses-0.2.1.tar.gz.

File metadata

  • Download URL: qwed_open_responses-0.2.1.tar.gz
  • Upload date:
  • Size: 32.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for qwed_open_responses-0.2.1.tar.gz
Algorithm Hash digest
SHA256 347215a63cf2ee1e3e7bcdcbef34a7dd0e8d98e9a0e3cb23e075d1c49b33e275
MD5 efd4fc964f17ad088ffa13866a9537ed
BLAKE2b-256 f2dcd2f7bcbe9c1dbb1c7aa0cf344a339a4f44e32690f3ef47a3d0fdb0fc20d3

See more details on using hashes here.

Provenance

The following attestation bundles were made for qwed_open_responses-0.2.1.tar.gz:

Publisher: publish.yml on QWED-AI/qwed-open-responses

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file qwed_open_responses-0.2.1-py3-none-any.whl.

File metadata

File hashes

Hashes for qwed_open_responses-0.2.1-py3-none-any.whl
Algorithm Hash digest
SHA256 257bb99a7c29dc5aafc870ec862874dd7237177bc809c2cbabb879daad3b954f
MD5 acdd7e28d6d0caf9444ce02770c80e76
BLAKE2b-256 442f6e272f476a38c2cb8adc77e10e8404e9b8ea77ab267d9700442ce0ff3e1b

See more details on using hashes here.

Provenance

The following attestation bundles were made for qwed_open_responses-0.2.1-py3-none-any.whl:

Publisher: publish.yml on QWED-AI/qwed-open-responses

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page