Skip to main content

Deterministic guardrails for AI agents. Your agent follows your rules. Always.

Project description

savants-guard

Deterministic guardrails for AI agents. Block dangerous actions, suggest alternatives, rewrite commands, enforce spend limits.

pip install savants-guard

Quick start

from savants_guard import create_guard

guard = create_guard([
    "when action contains 'delete' and env eq 'production' then block",
    "when spend gt 100 then require_approval",
])

result = guard.check({"action": "delete_database", "env": "production"})
print(result.blocked)  # True
print(result.rule)     # "when action contains 'delete'..."

Action types

Rules end with an action. Four actions available, from soft to hard:

guard = create_guard([
    "when command contains 'chmod 777' then suggest 'Use chmod 755 for directories'",
    "when command contains 'git push --force' then rewrite 'git push --force-with-lease'",
    "when command contains 'npm publish' then ask 'Publishing is permanent'",
    "when command contains 'rm -rf /' then block",
])
Action result.blocked result.allowed result.suggestion
suggest 'msg' False False The alternative suggestion
rewrite 'cmd' False False The replacement command
ask 'reason' False False The reason for approval
block True False None
(no match) False True None

GuardResult fields

guard.check() returns a GuardResult with:

  • blockedTrue for block and require_approval
  • allowedTrue only when no rule matched
  • action"block", "suggest", "rewrite", "ask", "require_approval", or None
  • suggestion — message from suggest, replacement from rewrite, or reason from ask
  • rule — the DSL rule that matched, or None
  • context — the context dict you passed in

Presets

from savants_guard import production_safety, spend_limit, business_hours, deploy_safety

guard = production_safety()       # blocks delete/terminate/drop in production
guard = spend_limit(100)          # blocks amount/spend/cost over 100
guard = business_hours()          # blocks actions on Saturday/Sunday
guard = deploy_safety()           # blocks risky Friday deploys

Wrap decorator

Protect functions with @guard.wrap — raises GuardError when blocked:

from savants_guard import create_guard, GuardError

guard = create_guard(["when action contains 'delete' then block"])

@guard.wrap
def dangerous_action(**kwargs):
    return "executed"

try:
    dangerous_action(action="delete_db")
except GuardError as e:
    print(e.rule)          # "when action contains 'delete' then block"
    print(e.guard_action)  # "block"

Runtime rule management

guard = create_guard([])

guard.add_rule("when action contains 'delete' then block")
print(guard.list_rules())  # ["when action contains 'delete' then block"]

guard.check({"action": "delete"})
guard.check({"action": "read"})
print(guard.get_log())     # [{timestamp, context, result}, ...]

Rule evaluation

First match wins. Rules evaluate in order. Put softer rules before harder ones:

guard = create_guard([
    "when action eq 'deploy' then suggest 'Use staging first'",  # fires first
    "when action eq 'deploy' then block",                        # never reached
])

DSL operators

eq, neq, gt, gte, lt, lte, contains, not_contains, starts_with, ends_with, matches, in, not_in, is_true, is_false, is_empty, is_not_empty

Combine with and / or:

"when action contains 'delete' and env eq 'production' then block"
"when env eq 'staging' or env eq 'development' then allow"

Links

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

savants_guard-0.3.0.tar.gz (17.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

savants_guard-0.3.0-py3-none-any.whl (12.0 kB view details)

Uploaded Python 3

File details

Details for the file savants_guard-0.3.0.tar.gz.

File metadata

  • Download URL: savants_guard-0.3.0.tar.gz
  • Upload date:
  • Size: 17.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for savants_guard-0.3.0.tar.gz
Algorithm Hash digest
SHA256 d4ce7691e2770584a0fc9f7621cc0b751f13680343412d0dec08f3636d640b4f
MD5 82b314f83c8a65bbfcc8c0c4cce6fa59
BLAKE2b-256 f4f9e101c73e2e8102b4abf119cbb5de077e709bb4fce5e727d0762a5530b972

See more details on using hashes here.

File details

Details for the file savants_guard-0.3.0-py3-none-any.whl.

File metadata

  • Download URL: savants_guard-0.3.0-py3-none-any.whl
  • Upload date:
  • Size: 12.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for savants_guard-0.3.0-py3-none-any.whl
Algorithm Hash digest
SHA256 0bd610f923363dfb430c858b12a28c6ec43807419c3aff8c7dbbed5c08f67afd
MD5 1f1e63635ca678517249de26a293e693
BLAKE2b-256 d95fd8de946b751a76263c1483d5760a6fedbd9e02b824689913f9becd5f07e4

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page