Skip to main content

Official Python SDK for the Rogue Security AppSec evaluation API.

Project description

rogue-security

Official Python SDK for the Rogue Security AppSec evaluation API.

Wraps the two public AppSec methods, evaluate (inline checks) and invoke (saved guardrail), with typed params and responses (Pydantic v2), typed errors, automatic retries, and debug logging. Ships sync and async clients.

Install

pip install rogue-security

Quickstart

from rogue_security import RogueClient

with RogueClient(api_key="rsk_...") as rogue:
    result = rogue.evaluate(
        messages=[
            {"role": "user", "content": "What is the patient's SSN?"},
            {"role": "assistant", "content": "It is 123-45-6789."},
        ],
        pii_check=True,
        prompt_injections=True,
    )

print(result.status, result.score)
for group in result.evaluation_results:
    for r in group.results:
        if r.flagged:
            print(group.type, r.label, r.reason)

api_key falls back to the ROGUE_API_KEY environment variable if omitted.

Async

from rogue_security import AsyncRogueClient

async with AsyncRogueClient() as rogue:        # reads ROGUE_API_KEY
    result = await rogue.evaluate(
        messages=[{"role": "user", "content": "..."}],
        content_moderation_check=True,
    )

Invoke a saved guardrail

result = rogue.invoke(
    guardrail_id="gr_abc123",
    messages=[
        {"role": "user", "content": user_prompt},
        {"role": "assistant", "content": model_response},
    ],
)
if result.blocked:
    ...  # the guardrail's workspace is set to block and the evaluation failed

You can also pass a typed params object instead of keyword arguments:

from rogue_security import EvaluateParams

rogue.evaluate(
    EvaluateParams(
        messages=[{"role": "user", "content": "..."}],
        pii_check=True,
        hallucinations_mode="quality",
    )
)

Error handling

from rogue_security import RogueAuthError, RogueValidationError, RogueError

try:
    rogue.evaluate(pii_check=True)
except RogueAuthError:
    ...  # bad / missing key
except RogueValidationError:
    ...  # 422, e.g. no checks enabled
except RogueError as err:
    print(err.status, err)

RogueServerError (5xx), rate limits (429), and network/timeout failures are retried automatically (default 2 retries, exponential backoff with jitter).

Options

RogueClient(
    api_key="rsk_...",
    base_url="http://localhost:8006",  # local dev; defaults to production (or ROGUE_BASE_URL)
    timeout=30.0,
    max_retries=2,                     # retries via tenacity, exponential backoff + jitter
    debug=True,                        # logs via the "rogue_security" logger; key is masked
)

Corporate networks / custom TLS (e.g. Zscaler)

Pass a verify value (CA bundle path or ssl.SSLContext) or your own configured httpx client. A client you pass in is yours to close; the SDK won't close it.

import httpx
from rogue_security import RogueClient

# Option A: custom CA bundle
RogueClient(api_key="rsk_...", verify="/path/to/corp-ca.pem")

# Option B: bring your own httpx client (proxies, mTLS, etc.)
RogueClient(api_key="rsk_...", http_client=httpx.Client(verify="/path/to/corp-ca.pem"))

Local development

uv sync
uv run pytest

More: see ../docs for the full API reference, check descriptions, and examples.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

rogue_security-1.0.0.tar.gz (51.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

rogue_security-1.0.0-py3-none-any.whl (9.9 kB view details)

Uploaded Python 3

File details

Details for the file rogue_security-1.0.0.tar.gz.

File metadata

  • Download URL: rogue_security-1.0.0.tar.gz
  • Upload date:
  • Size: 51.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for rogue_security-1.0.0.tar.gz
Algorithm Hash digest
SHA256 6a98b7fd7099ed6728f3af414cf5848517cd93c11ec6f3561c0da4cf709680ee
MD5 709c4d2ba5d0a74b37130c72de3c3a06
BLAKE2b-256 ebaf56969afd1f2d463af623a01b82a056ea56c91e52d060a8144df97372cff8

See more details on using hashes here.

Provenance

The following attestation bundles were made for rogue_security-1.0.0.tar.gz:

Publisher: sdk-python-publish.yml on qualifire-dev/qualifire

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file rogue_security-1.0.0-py3-none-any.whl.

File metadata

  • Download URL: rogue_security-1.0.0-py3-none-any.whl
  • Upload date:
  • Size: 9.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for rogue_security-1.0.0-py3-none-any.whl
Algorithm Hash digest
SHA256 d6f0c102a5989a41d03e883b599ae3aefa0ad7dd12e9584acf5beb8e859be49b
MD5 e3fb57a02c91b9a1afbacc59246631a5
BLAKE2b-256 df1a188200307571b97914cb52958f2247830308daf475d628946ec7d2c5cd70

See more details on using hashes here.

Provenance

The following attestation bundles were made for rogue_security-1.0.0-py3-none-any.whl:

Publisher: sdk-python-publish.yml on qualifire-dev/qualifire

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page