Deterministic guardrails for AI agents. Your agent follows your rules. Always.
Project description
savants-guard
Deterministic guardrails for AI agents. Block dangerous actions, suggest alternatives, rewrite commands, enforce spend limits.
pip install savants-guard
Quick start
from savants_guard import create_guard
guard = create_guard([
"when action contains 'delete' and env eq 'production' then block",
"when spend gt 100 then require_approval",
])
result = guard.check({"action": "delete_database", "env": "production"})
print(result.blocked) # True
print(result.rule) # "when action contains 'delete'..."
Action types
Rules end with an action. Four actions available, from soft to hard:
guard = create_guard([
"when command contains 'chmod 777' then suggest 'Use chmod 755 for directories'",
"when command contains 'git push --force' then rewrite 'git push --force-with-lease'",
"when command contains 'npm publish' then ask 'Publishing is permanent'",
"when command contains 'rm -rf /' then block",
])
| Action | result.blocked |
result.allowed |
result.suggestion |
|---|---|---|---|
suggest 'msg' |
False |
False |
The alternative suggestion |
rewrite 'cmd' |
False |
False |
The replacement command |
ask 'reason' |
False |
False |
The reason for approval |
block |
True |
False |
None |
| (no match) | False |
True |
None |
GuardResult fields
guard.check() returns a GuardResult with:
blocked—Trueforblockandrequire_approvalallowed—Trueonly when no rule matchedaction—"block","suggest","rewrite","ask","require_approval", orNonesuggestion— message fromsuggest, replacement fromrewrite, or reason fromaskrule— the DSL rule that matched, orNonecontext— the context dict you passed in
Presets
from savants_guard import production_safety, spend_limit, business_hours, deploy_safety
guard = production_safety() # blocks delete/terminate/drop in production
guard = spend_limit(100) # blocks amount/spend/cost over 100
guard = business_hours() # blocks actions on Saturday/Sunday
guard = deploy_safety() # blocks risky Friday deploys
Wrap decorator
Protect functions with @guard.wrap — raises GuardError when blocked:
from savants_guard import create_guard, GuardError
guard = create_guard(["when action contains 'delete' then block"])
@guard.wrap
def dangerous_action(**kwargs):
return "executed"
try:
dangerous_action(action="delete_db")
except GuardError as e:
print(e.rule) # "when action contains 'delete' then block"
print(e.guard_action) # "block"
Runtime rule management
guard = create_guard([])
guard.add_rule("when action contains 'delete' then block")
print(guard.list_rules()) # ["when action contains 'delete' then block"]
guard.check({"action": "delete"})
guard.check({"action": "read"})
print(guard.get_log()) # [{timestamp, context, result}, ...]
Rule evaluation
First match wins. Rules evaluate in order. Put softer rules before harder ones:
guard = create_guard([
"when action eq 'deploy' then suggest 'Use staging first'", # fires first
"when action eq 'deploy' then block", # never reached
])
DSL operators
eq, neq, gt, gte, lt, lte, contains, not_contains, starts_with, ends_with, matches, in, not_in, is_true, is_false, is_empty, is_not_empty
Combine with and / or:
"when action contains 'delete' and env eq 'production' then block"
"when env eq 'staging' or env eq 'development' then allow"
Links
License
MIT
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file savants_guard-0.3.0.tar.gz.
File metadata
- Download URL: savants_guard-0.3.0.tar.gz
- Upload date:
- Size: 17.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d4ce7691e2770584a0fc9f7621cc0b751f13680343412d0dec08f3636d640b4f
|
|
| MD5 |
82b314f83c8a65bbfcc8c0c4cce6fa59
|
|
| BLAKE2b-256 |
f4f9e101c73e2e8102b4abf119cbb5de077e709bb4fce5e727d0762a5530b972
|
File details
Details for the file savants_guard-0.3.0-py3-none-any.whl.
File metadata
- Download URL: savants_guard-0.3.0-py3-none-any.whl
- Upload date:
- Size: 12.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0bd610f923363dfb430c858b12a28c6ec43807419c3aff8c7dbbed5c08f67afd
|
|
| MD5 |
1f1e63635ca678517249de26a293e693
|
|
| BLAKE2b-256 |
d95fd8de946b751a76263c1483d5760a6fedbd9e02b824689913f9becd5f07e4
|