canari-forensics 0.1.0__tar.gz

canari_forensics-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Canari
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

canari_forensics-0.1.0/PKG-INFO

@@ -0,0 +1,152 @@
+Metadata-Version: 2.1
+Name: canari-forensics
+Version: 0.1.0
+Summary: Scan historical LLM traces for credential leaks and prompt-injection evidence
+Author: Canari
+License: MIT License
+        
+        Copyright (c) 2026 Canari
+        
+        Permission is hereby granted, free of charge, to any person obtaining a copy
+        of this software and associated documentation files (the "Software"), to deal
+        in the Software without restriction, including without limitation the rights
+        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+        copies of the Software, and to permit persons to whom the Software is
+        furnished to do so, subject to the following conditions:
+        
+        The above copyright notice and this permission notice shall be included in all
+        copies or substantial portions of the Software.
+        
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
+        
+Project-URL: Homepage, https://github.com/cholmess/canari-forensics
+Project-URL: Repository, https://github.com/cholmess/canari-forensics
+Project-URL: Issues, https://github.com/cholmess/canari-forensics/issues
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+
+# canari-forensics
+
+[![PyPI package](https://img.shields.io/badge/pypi-package%20pending-lightgrey)](docs/PYPI_RELEASE.md)
+[![CI](https://github.com/cholmess/canari-forensics/actions/workflows/ci.yml/badge.svg)](https://github.com/cholmess/canari-forensics/actions/workflows/ci.yml)
+[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
+
+Scan your LLM logs for breaches that already happened.
+
+LLM applications can leak internal context through prompt injection
+attacks. Your firewall never flags it because the exfiltration looks
+exactly like a legitimate API response. Most teams find out weeks
+later - if ever.
+
+Canari Forensics scans your existing LLM conversation logs and tells
+you definitively whether you have had any successful prompt injection
+or credential leakage before you were monitoring. Exact pattern
+matching, no classifiers, no false positives. Runs locally in under
+a minute. No data leaves your environment.
+
+## Install
+
+```bash
+pip install canari-forensics
+```
+
+If your environment blocks package installs, you can run directly with `python3 -m canari_forensics ...`.
+After install, run `canari ...` directly.
+
+## Quick start
+
+```bash
+# 1) Scan OTEL JSON exports (generic/datadog/honeycomb via --provider)
+canari forensics scan \
+  --source otel \
+  --provider generic \
+  --logs ./otel-traces \
+  --file-pattern '*.json' \
+  --out ./forensics-scan.json
+
+# 2) Generate enterprise audit outputs
+canari forensics report \
+  --scan-report ./forensics-scan.json \
+  --client "Acme Corp" \
+  --application "AI Gateway" \
+  --out-pdf ./audit-report.pdf \
+  --out-evidence ./canari-evidence.json \
+  --bp-dir ./tests/attacks
+```
+
+## Staged audit workflow
+
+```bash
+# initialize audit workspace
+canari forensics audit init \
+  --name "Q1 2026 AI Gateway Audit" \
+  --source otel \
+  --provider generic \
+  --logs ./otel-traces \
+  --client "Acme Corp" \
+  --application "AI Gateway"
+
+# run scan and report using stored metadata
+canari forensics audit scan --audit-id q1-2026-ai-gateway-audit
+canari forensics audit report --audit-id q1-2026-ai-gateway-audit
+```
+
+## One-command audit from config
+
+```bash
+cp .canari.yml.example .canari.yml
+canari forensics audit run --config .canari.yml
+```
+
+## Custom pattern packs
+
+```bash
+canari forensics report \
+  --scan-report ./forensics-scan.json \
+  --client "Acme Corp" \
+  --application "AI Gateway" \
+  --out-pdf ./audit-report.pdf \
+  --out-evidence ./canari-evidence.json \
+  --bp-dir ./tests/attacks \
+  --patterns-file ./custom_patterns.json
+```
+
+The JSON file should contain either `{"patterns": [...]}` or a top-level array,
+where each pattern has: `pattern_id`, `name`, `severity`, `confidence`, `kind`, `regex`.
+
+## Local demo checkpoint
+
+```bash
+./scripts/demo_local_audit.sh
+```
+
+## Real-time OTLP receiver
+
+```bash
+canari forensics receive \
+  --host 0.0.0.0 \
+  --port 4318 \
+  --db ./canari-forensics.db
+```
+
+Outputs:
+- Scan JSON with normalized conversation turns
+- Evidence JSON with findings and metadata
+- PDF audit report for executive review
+- `.bp.json` snapshots for BreakPoint CI workflows

canari_forensics-0.1.0/README.md

@@ -0,0 +1,109 @@
+# canari-forensics
+
+[![PyPI package](https://img.shields.io/badge/pypi-package%20pending-lightgrey)](docs/PYPI_RELEASE.md)
+[![CI](https://github.com/cholmess/canari-forensics/actions/workflows/ci.yml/badge.svg)](https://github.com/cholmess/canari-forensics/actions/workflows/ci.yml)
+[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
+
+Scan your LLM logs for breaches that already happened.
+
+LLM applications can leak internal context through prompt injection
+attacks. Your firewall never flags it because the exfiltration looks
+exactly like a legitimate API response. Most teams find out weeks
+later - if ever.
+
+Canari Forensics scans your existing LLM conversation logs and tells
+you definitively whether you have had any successful prompt injection
+or credential leakage before you were monitoring. Exact pattern
+matching, no classifiers, no false positives. Runs locally in under
+a minute. No data leaves your environment.
+
+## Install
+
+```bash
+pip install canari-forensics
+```
+
+If your environment blocks package installs, you can run directly with `python3 -m canari_forensics ...`.
+After install, run `canari ...` directly.
+
+## Quick start
+
+```bash
+# 1) Scan OTEL JSON exports (generic/datadog/honeycomb via --provider)
+canari forensics scan \
+  --source otel \
+  --provider generic \
+  --logs ./otel-traces \
+  --file-pattern '*.json' \
+  --out ./forensics-scan.json
+
+# 2) Generate enterprise audit outputs
+canari forensics report \
+  --scan-report ./forensics-scan.json \
+  --client "Acme Corp" \
+  --application "AI Gateway" \
+  --out-pdf ./audit-report.pdf \
+  --out-evidence ./canari-evidence.json \
+  --bp-dir ./tests/attacks
+```
+
+## Staged audit workflow
+
+```bash
+# initialize audit workspace
+canari forensics audit init \
+  --name "Q1 2026 AI Gateway Audit" \
+  --source otel \
+  --provider generic \
+  --logs ./otel-traces \
+  --client "Acme Corp" \
+  --application "AI Gateway"
+
+# run scan and report using stored metadata
+canari forensics audit scan --audit-id q1-2026-ai-gateway-audit
+canari forensics audit report --audit-id q1-2026-ai-gateway-audit
+```
+
+## One-command audit from config
+
+```bash
+cp .canari.yml.example .canari.yml
+canari forensics audit run --config .canari.yml
+```
+
+## Custom pattern packs
+
+```bash
+canari forensics report \
+  --scan-report ./forensics-scan.json \
+  --client "Acme Corp" \
+  --application "AI Gateway" \
+  --out-pdf ./audit-report.pdf \
+  --out-evidence ./canari-evidence.json \
+  --bp-dir ./tests/attacks \
+  --patterns-file ./custom_patterns.json
+```
+
+The JSON file should contain either `{"patterns": [...]}` or a top-level array,
+where each pattern has: `pattern_id`, `name`, `severity`, `confidence`, `kind`, `regex`.
+
+## Local demo checkpoint
+
+```bash
+./scripts/demo_local_audit.sh
+```
+
+## Real-time OTLP receiver
+
+```bash
+canari forensics receive \
+  --host 0.0.0.0 \
+  --port 4318 \
+  --db ./canari-forensics.db
+```
+
+Outputs:
+- Scan JSON with normalized conversation turns
+- Evidence JSON with findings and metadata
+- PDF audit report for executive review
+- `.bp.json` snapshots for BreakPoint CI workflows

canari_forensics-0.1.0/canari_forensics/__init__.py

@@ -0,0 +1,19 @@
+"""Canari Forensics package."""
+
+from .models import ConversationTurn
+from .parsers import DatabricksAIGatewayParser, OTELParser
+from .receiver import OTLPReceiver
+from .reporting import Finding, detect_findings
+from .storage import SQLiteTurnStore
+from .version import __version__
+
+__all__ = [
+    "ConversationTurn",
+    "OTELParser",
+    "DatabricksAIGatewayParser",
+    "OTLPReceiver",
+    "SQLiteTurnStore",
+    "Finding",
+    "detect_findings",
+    "__version__",
+]

canari_forensics-0.1.0/canari_forensics/__main__.py

@@ -0,0 +1,4 @@
+from canari_forensics.cli import main
+
+if __name__ == "__main__":
+    raise SystemExit(main())

canari_forensics-0.1.0/canari_forensics/attest.py

@@ -0,0 +1,38 @@
+from __future__ import annotations
+
+import hashlib
+import json
+from pathlib import Path
+from typing import Any
+
+
+def file_sha256(path: str | Path) -> str:
+    p = Path(path)
+    h = hashlib.sha256()
+    with p.open("rb") as f:
+        for chunk in iter(lambda: f.read(65536), b""):
+            h.update(chunk)
+    return h.hexdigest()
+
+
+def create_attestation(evidence_path: str | Path, out_path: str | Path) -> dict[str, Any]:
+    evidence = Path(evidence_path)
+    digest = file_sha256(evidence)
+    payload = {
+        "artifact": str(evidence),
+        "sha256": digest,
+        "type": "canari-evidence-attestation",
+    }
+
+    out = Path(out_path)
+    out.parent.mkdir(parents=True, exist_ok=True)
+    out.write_text(json.dumps(payload, indent=2), encoding="utf-8")
+    return payload
+
+
+def verify_attestation(attestation_path: str | Path) -> bool:
+    data = json.loads(Path(attestation_path).read_text(encoding="utf-8"))
+    artifact = data["artifact"]
+    expected = data["sha256"]
+    actual = file_sha256(artifact)
+    return actual == expected

canari_forensics-0.1.0/canari_forensics/audit.py

@@ -0,0 +1,82 @@
+from __future__ import annotations
+
+import json
+import re
+from dataclasses import dataclass
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Any
+
+
+def _slug(value: str) -> str:
+    text = re.sub(r"[^a-zA-Z0-9]+", "-", value.strip().lower()).strip("-")
+    return text or "audit"
+
+
+@dataclass(frozen=True)
+class AuditPaths:
+    root: Path
+    metadata: Path
+    scan_report: Path
+    evidence: Path
+    pdf: Path
+    bp_dir: Path
+
+
+class AuditManager:
+    def __init__(self, base_dir: str | Path = ".canari/audits") -> None:
+        self.base_dir = Path(base_dir)
+
+    def init_audit(
+        self,
+        name: str,
+        source: str,
+        provider: str,
+        logs: str | None,
+        experiment_id: str | None,
+        tracking_uri: str,
+        client: str,
+        application: str,
+        patterns_file: str | None = None,
+    ) -> AuditPaths:
+        audit_id = _slug(name)
+        root = self.base_dir / audit_id
+        root.mkdir(parents=True, exist_ok=True)
+        paths = self._paths(root)
+
+        payload: dict[str, Any] = {
+            "audit_id": audit_id,
+            "name": name,
+            "created_at": datetime.now(timezone.utc).isoformat(),
+            "source": source,
+            "provider": provider,
+            "logs": logs,
+            "experiment_id": experiment_id,
+            "tracking_uri": tracking_uri,
+            "client": client,
+            "application": application,
+            "patterns_file": patterns_file,
+            "scan_report": str(paths.scan_report),
+            "evidence": str(paths.evidence),
+            "pdf": str(paths.pdf),
+            "bp_dir": str(paths.bp_dir),
+        }
+        paths.metadata.write_text(json.dumps(payload, indent=2), encoding="utf-8")
+        return paths
+
+    def load_metadata(self, audit_id: str) -> dict[str, Any]:
+        root = self.base_dir / audit_id
+        paths = self._paths(root)
+        if not paths.metadata.exists():
+            raise FileNotFoundError(f"Audit not found: {audit_id}")
+        return json.loads(paths.metadata.read_text(encoding="utf-8"))
+
+    def _paths(self, root: Path) -> AuditPaths:
+        return AuditPaths(
+            root=root,
+            metadata=root / "audit.json",
+            scan_report=root / "scan-report.json",
+            evidence=root / "evidence.json",
+            pdf=root / "audit-report.pdf",
+            bp_dir=root / "bp-snapshots",
+        )