Governance Engine by zeb labs

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for zeb-labs from gravatar.com zeb-labs

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT License)
  • Author: Samrat Damodaran
  • Maintainer: Samrat Damodaran
  • Tags governance , llm , quota , policy , telemetry , observability
  • Requires: Python >=3.13
Classifiers
Report project as malware

Project description

Z-GRC

Governance, Risk, and Control Engine for LLMs

Built by Zeb Labs

PyPI Python Version Code Style: Ruff Built by Zeb Labs

Enterprise-grade governance engine for Large Language Model applications. Provides automatic interception, policy enforcement, quota management, and comprehensive observability across multiple LLM providers with zero code changes.

Installation

uv add z-grc

Or with auto-instrumentation:

uv add z-grc[auto-instrument]

Quick Start

import zgrc
import boto3
import json

# Initialize GRC
zgrc.init(api_key="your-zgrc-api-key")

# Use your LLM SDK normally - GRC handles everything
client = boto3.client("bedrock-runtime", region_name="us-east-1")

response = client.invoke_model(
    modelId="us.anthropic.claude-sonnet-4-5-20250929-v1:0",
    body=json.dumps({
        "anthropic_version": "bedrock-2023-05-31",
        "max_tokens": 1024,
        "messages": [{"role": "user", "content": "Hello!"}]
    })
)

# Z-GRC automatically:
# - Validates quota before requests
# - Tracks token usage
# - Enforces policies
# - Sends telemetry (traces, metrics, logs)

Features

Zero-Code Integration

Drop-in solution requiring only zgrc.init(). Works with existing code without modifications.

Auto-Discovery

Automatically detects and intercepts installed LLM SDKs:

  • AWS Bedrock (boto3)
  • Anthropic (coming soon)
  • OpenAI (coming soon)
  • Azure OpenAI (coming soon)

Policy Enforcement

Real-time quota validation and cost limit enforcement. Blocks requests when quota is exceeded.

from zgrc.utils import QuotaExceededException

try:
    response = client.invoke_model(...)
except QuotaExceededException as e:
    print(f"Quota exceeded: ${e.used:.4f} used, ${e.remaining:.4f} remaining")

Auto-Instrumentation

Optional automatic instrumentation for HTTP clients, web frameworks, databases, and more:

zgrc.init(
    api_key="your-zgrc-api-key",
    auto_instrument=True,
    app_name="my-app",
    environment="production"
)

Framework Agnostic

Works with vanilla SDKs and popular frameworks:

# PydanticAI
from pydantic_ai import Agent
agent = Agent("bedrock")
result = await agent.run("Your prompt")

# LangChain
from langchain_aws import ChatBedrock
llm = ChatBedrock(model_id="...")
response = llm.invoke("Your prompt")

# Strands Agents
from strands_agents import Agent
agent = Agent(provider="bedrock")
response = agent.execute("Your prompt")

Streaming Support

Fully supports streaming responses with automatic token tracking:

response = client.converse_stream(
    modelId="...",
    messages=[{"role": "user", "content": [{"text": "Tell me a story"}]}]
)

for event in response["stream"]:
    if "contentBlockDelta" in event:
        print(event["contentBlockDelta"]["delta"]["text"], end="")

Configuration

zgrc.init(
    api_key: str,                  # Your Z-GRC API key (required)
    auto_instrument: bool = False, # Enable auto-instrumentation
    app_name: str = None,          # Application name for telemetry
    environment: str = None,       # Environment (dev/staging/prod)
    log_level: int = logging.ERROR # Z-GRC internal log level
)

Proxy Mode (Claude Code CLI)

For environments where code modification isn't possible (like Claude Code CLI), use the standalone proxy:

Quick Start

Background Mode (Recommended):

# Set proxy environment variables automatically
eval $(z-grc-proxy --api-key=your-key -d)

# Now run Claude Code - it will use the proxy
claude

Foreground Mode:

# Run proxy in foreground (shows logs, blocks terminal)
z-grc-proxy --api-key=your-key

# In another terminal, set env vars manually:
export HTTPS_PROXY=http://127.0.0.1:8080
export NODE_EXTRA_CA_CERTS=~/.mitmproxy/mitmproxy-ca-cert.pem

claude

Proxy Commands

# Start in background (auto port detection)
eval $(z-grc-proxy --api-key=your-key -d)

# Start on specific port
eval $(z-grc-proxy --api-key=your-key --port=8085 -d)

# Check active proxy sessions
z-grc-proxy --status

# Kill all proxy servers
z-grc-proxy --kill-all

# Verbose logging
eval $(z-grc-proxy --api-key=your-key -d --verbose)

How It Works

  1. Automatic Port Detection: Finds available port (8080-8090)
  2. Session Management: Reuses existing proxy for same API key
  3. mitmproxy Certificates: Auto-generated in ~/.mitmproxy/ on first run
  4. Platform Independent: Works on macOS, Linux, Windows

Building Executables

Build standalone proxy binary with PyInstaller:

# Current platform only
make grpc-proxy-build

Output: dist/z-grc-proxy

Test Binary

# Background mode
eval $(./dist/z-grc-proxy --api-key=your-key -d)

# Foreground mode
./dist/z-grc-proxy --api-key=your-key

Installing Executor

macOS / Linux

curl -fsSL https://raw.githubusercontent.com/zeb-ai/z-grc/main/install.sh | bash

Windows (PowerShell)

irm https://raw.githubusercontent.com/zeb-ai/z-grc/main/install.ps1 | iex

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for zeb-labs from gravatar.com zeb-labs

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT License)
  • Author: Samrat Damodaran
  • Maintainer: Samrat Damodaran
  • Tags governance , llm , quota , policy , telemetry , observability
  • Requires: Python >=3.13
Classifiers

Release history Release notifications | RSS feed

0.0.29

0.0.28

0.0.27

0.0.26

0.0.25

0.0.24

0.0.23

This version

0.0.22

0.0.21

0.0.20

0.0.19

0.0.17

0.0.16

0.0.14

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

z_grc-0.0.22.tar.gz (33.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

z_grc-0.0.22-py3-none-any.whl (44.4 kB view details)

Uploaded Python 3

File details

Details for the file z_grc-0.0.22.tar.gz.

File metadata

  • Download URL: z_grc-0.0.22.tar.gz
  • Upload date:
  • Size: 33.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for z_grc-0.0.22.tar.gz
Algorithm Hash digest
SHA256 afb71c4cf13ab2ec102e1ee9e699baf52f8f0d5b72c2cf651ad938518e1f9e39
MD5 89f81aee80216720fe96e66a6d329128
BLAKE2b-256 f5d053d425f4df236b67d778fd41a3617791b98e7804f5b114a3c0f37a6ce7af

See more details on using hashes here.

Provenance

The following attestation bundles were made for z_grc-0.0.22.tar.gz:

Publisher: publish.yml on zeb-ai/z-grc

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file z_grc-0.0.22-py3-none-any.whl.

File metadata

  • Download URL: z_grc-0.0.22-py3-none-any.whl
  • Upload date:
  • Size: 44.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for z_grc-0.0.22-py3-none-any.whl
Algorithm Hash digest
SHA256 49e3ce7ea80a041a9a6caeef0abdfa7dfc4ec654026e8105b39bce9f3b4fbe72
MD5 20f862f9cf671cd55b5a820753e21b52
BLAKE2b-256 db4932add4b71f507f83d67a58a5fc343484aa1d5da4cb89f39a0f1a51613e6f

See more details on using hashes here.

Provenance

The following attestation bundles were made for z_grc-0.0.22-py3-none-any.whl:

Publisher: publish.yml on zeb-ai/z-grc

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page