Governance Engine by zeb labs

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for zeb-labs from gravatar.com zeb-labs

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT License)
  • Author: Samrat Damodaran
  • Maintainer: Samrat Damodaran
  • Tags governance , llm , quota , policy , telemetry , observability
  • Requires: Python >=3.13
Classifiers
Report project as malware

Project description

Z-GRC

Governance, Risk, and Control Engine for LLMs

Built by Zeb Labs

PyPI Python Version Code Style: Ruff Built by Zeb Labs

Enterprise-grade governance engine for Large Language Model applications. Provides automatic interception, policy enforcement, quota management, and comprehensive observability across multiple LLM providers with zero code changes.

Installation

uv add z-grc

Or with auto-instrumentation:

uv add z-grc[auto-instrument]

Quick Start

import zgrc
import boto3
import json

# Initialize GRC
zgrc.init(api_key="your-zgrc-api-key")

# Use your LLM SDK normally - GRC handles everything
client = boto3.client("bedrock-runtime", region_name="us-east-1")

response = client.invoke_model(
    modelId="us.anthropic.claude-sonnet-4-5-20250929-v1:0",
    body=json.dumps({
        "anthropic_version": "bedrock-2023-05-31",
        "max_tokens": 1024,
        "messages": [{"role": "user", "content": "Hello!"}]
    })
)

# Z-GRC automatically:
# - Validates quota before requests
# - Tracks token usage
# - Enforces policies
# - Sends telemetry (traces, metrics, logs)

Features

Zero-Code Integration

Drop-in solution requiring only zgrc.init(). Works with existing code without modifications.

Auto-Discovery

Automatically detects and intercepts installed LLM SDKs:

  • AWS Bedrock (boto3)
  • Anthropic (coming soon)
  • OpenAI (coming soon)
  • Azure OpenAI (coming soon)

Policy Enforcement

Real-time quota validation and cost limit enforcement. Blocks requests when quota is exceeded.

from zgrc.utils import QuotaExceededException

try:
    response = client.invoke_model(...)
except QuotaExceededException as e:
    print(f"Quota exceeded: ${e.used:.4f} used, ${e.remaining:.4f} remaining")

Auto-Instrumentation

Optional automatic instrumentation for HTTP clients, web frameworks, databases, and more:

zgrc.init(
    api_key="your-zgrc-api-key",
    auto_instrument=True,
    app_name="my-app",
    environment="production"
)

Framework Agnostic

Works with vanilla SDKs and popular frameworks:

# PydanticAI
from pydantic_ai import Agent
agent = Agent("bedrock")
result = await agent.run("Your prompt")

# LangChain
from langchain_aws import ChatBedrock
llm = ChatBedrock(model_id="...")
response = llm.invoke("Your prompt")

# Strands Agents
from strands_agents import Agent
agent = Agent(provider="bedrock")
response = agent.execute("Your prompt")

Streaming Support

Fully supports streaming responses with automatic token tracking:

response = client.converse_stream(
    modelId="...",
    messages=[{"role": "user", "content": [{"text": "Tell me a story"}]}]
)

for event in response["stream"]:
    if "contentBlockDelta" in event:
        print(event["contentBlockDelta"]["delta"]["text"], end="")

Configuration

zgrc.init(
    api_key: str,                  # Your Z-GRC API key (required)
    auto_instrument: bool = False, # Enable auto-instrumentation
    app_name: str = None,          # Application name for telemetry
    environment: str = None,       # Environment (dev/staging/prod)
    log_level: int = logging.ERROR # Z-GRC internal log level
)

Proxy Mode (Claude Code CLI)

For environments where code modification isn't possible (like Claude Code CLI), use the standalone proxy:

Quick Start

Background Mode (Recommended):

# Set proxy environment variables automatically
eval $(z-grc-proxy --api-key=your-key -d)

# Now run Claude Code - it will use the proxy
claude

Foreground Mode:

# Run proxy in foreground (shows logs, blocks terminal)
z-grc-proxy --api-key=your-key

# In another terminal, set env vars manually:
export HTTPS_PROXY=http://127.0.0.1:8080
export NODE_EXTRA_CA_CERTS=~/.mitmproxy/mitmproxy-ca-cert.pem

claude

Proxy Commands

# Start in background (auto port detection)
eval $(z-grc-proxy --api-key=your-key -d)

# Start on specific port
eval $(z-grc-proxy --api-key=your-key --port=8085 -d)

# Check active proxy sessions
z-grc-proxy --status

# Kill all proxy servers
z-grc-proxy --kill-all

# Verbose logging
eval $(z-grc-proxy --api-key=your-key -d --verbose)

How It Works

  1. Automatic Port Detection: Finds available port (8080-8090)
  2. Session Management: Reuses existing proxy for same API key
  3. mitmproxy Certificates: Auto-generated in ~/.mitmproxy/ on first run
  4. Platform Independent: Works on macOS, Linux, Windows

Building Executables

Build standalone proxy binary with PyInstaller:

# Current platform only
make grpc-proxy-build

Output: dist/z-grc-proxy

Test Binary

# Background mode
eval $(./dist/z-grc-proxy --api-key=your-key -d)

# Foreground mode
./dist/z-grc-proxy --api-key=your-key

Installing Executor

macOS / Linux

curl -fsSL https://raw.githubusercontent.com/zeb-ai/z-grc/main/install.sh | bash

Windows (PowerShell)

irm https://raw.githubusercontent.com/zeb-ai/z-grc/main/install.ps1 | iex

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for zeb-labs from gravatar.com zeb-labs

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT License)
  • Author: Samrat Damodaran
  • Maintainer: Samrat Damodaran
  • Tags governance , llm , quota , policy , telemetry , observability
  • Requires: Python >=3.13
Classifiers

Release history Release notifications | RSS feed

0.0.29

0.0.28

0.0.27

0.0.26

0.0.25

0.0.24

0.0.23

0.0.22

0.0.21

This version

0.0.20

0.0.19

0.0.17

0.0.16

0.0.14

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

z_grc-0.0.20.tar.gz (32.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

z_grc-0.0.20-py3-none-any.whl (44.2 kB view details)

Uploaded Python 3

File details

Details for the file z_grc-0.0.20.tar.gz.

File metadata

  • Download URL: z_grc-0.0.20.tar.gz
  • Upload date:
  • Size: 32.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for z_grc-0.0.20.tar.gz
Algorithm Hash digest
SHA256 87d9b0eaff6499ee109e4cd9c36293538bc7bd996d9168aba88a312a26c95032
MD5 c7154a84388ef0980be47d56a0678329
BLAKE2b-256 fa319243e75140e526910655839e9e8bdb0d0f0795f39666fb92788b2ba7294f

See more details on using hashes here.

Provenance

The following attestation bundles were made for z_grc-0.0.20.tar.gz:

Publisher: publish.yml on zeb-ai/z-grc

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file z_grc-0.0.20-py3-none-any.whl.

File metadata

  • Download URL: z_grc-0.0.20-py3-none-any.whl
  • Upload date:
  • Size: 44.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for z_grc-0.0.20-py3-none-any.whl
Algorithm Hash digest
SHA256 fac898181f9abfff4f240ad5c65bcd168085edbd9b6f3ab274523e690841e99b
MD5 719df1c452d3f63b5005e3012e5f2204
BLAKE2b-256 f7a4bff17145bfb245c5758b2425ed6ffe3392db13c24fa9f53f84e3a8b3d453

See more details on using hashes here.

Provenance

The following attestation bundles were made for z_grc-0.0.20-py3-none-any.whl:

Publisher: publish.yml on zeb-ai/z-grc

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page