groundguard 0.1.0__tar.gz

groundguard-0.1.0/.gitattributes

@@ -0,0 +1,2 @@
+# Auto detect text files and perform LF normalization
+* text=auto

groundguard-0.1.0/.github/workflows/ci.yml

@@ -0,0 +1,63 @@
+name: CI
+
+on:
+  push:
+    branches: ["**"]
+  pull_request:
+    branches: ["main"]
+
+jobs:
+  fast-suite:
+    name: Fast Suite (no LLM)
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.10", "3.11", "3.12"]
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install core deps
+        run: pip install -e ".[dev]"
+      - name: Run fast suite
+        run: pytest -m "not llm and not loaders and not langchain and not compat" -x -q --tb=short
+
+  loaders-suite:
+    name: Optional Loaders Tests
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - run: pip install -e ".[loaders,dev]"
+      - run: pytest -m loaders -x -q
+
+  langchain-suite:
+    name: Optional LangChain Tests
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - run: pip install -e ".[langchain,dev]"
+      - run: pytest -m langchain -x -q
+
+  real-suite:
+    name: Real Suite (LLM endpoints)
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - run: pip install -e ".[dev]"
+      - name: Run real suite
+        run: pytest -m llm --tb=short --timeout=120 -q
+        env:
+          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
+          GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}

groundguard-0.1.0/.github/workflows/release.yml

@@ -0,0 +1,68 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+  build:
+    name: Build distribution
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - name: Install pypa/build
+        run: python -m pip install build --user
+      - name: Build wheel and source tarball
+        run: python -m build
+      - name: Store distribution packages
+        uses: actions/upload-artifact@v4
+        with:
+          name: python-package-distributions
+          path: dist/
+
+  publish-to-testpypi:
+    name: Publish to TestPyPI (pre-release only)
+    # Runs only on pre-release tags: v0.1.0a1, v0.2.0b2, v1.0.0rc1, etc.
+    if: contains(github.ref_name, 'a') || contains(github.ref_name, 'b') || contains(github.ref_name, 'rc')
+    needs: build
+    runs-on: ubuntu-latest
+    environment:
+      name: testpypi
+      url: https://test.pypi.org/p/groundguard
+    permissions:
+      id-token: write
+    steps:
+      - name: Download dists
+        uses: actions/download-artifact@v4
+        with:
+          name: python-package-distributions
+          path: dist/
+      - name: Publish to TestPyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          repository-url: https://test.pypi.org/legacy/
+
+  publish-to-pypi:
+    name: Publish to PyPI (stable release only)
+    # Runs only on stable tags: v0.1.0, v1.0.0 — not on pre-releases
+    if: "!contains(github.ref_name, 'a') && !contains(github.ref_name, 'b') && !contains(github.ref_name, 'rc')"
+    needs: build
+    runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      url: https://pypi.org/p/groundguard
+    permissions:
+      id-token: write
+    steps:
+      - name: Download dists
+        uses: actions/download-artifact@v4
+        with:
+          name: python-package-distributions
+          path: dist/
+      - name: Publish to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1

groundguard-0.1.0/.gitignore

@@ -0,0 +1,8 @@
+# Python virtual environments
+.venv/
+venv/
+ENV/
+env/
+__pycache__/
+*.py[cod]
+*$py.class

groundguard-0.1.0/CLAUDE.md

@@ -0,0 +1,276 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+---
+
+## What This Project Is
+
+**groundguard** is a Python middleware library (MIT, LLM-agnostic) that verifies AI-generated text is factually grounded in developer-provided source documents. It is not a RAG pipeline, web scraper, or agentic framework — it is a deterministic assert layer for document-intensive workflows.
+
+---
+
+## Execution Process Rules
+
+These rules were established after a code review in session 5 found bugs caused by skipping them. **Do not shortcut these.**
+
+### Strict Role Separation (ORCHESTRATOR.md §3)
+
+Every implementation task requires **separate agent calls** for each role. Never combine into one:
+
+```text
+1. Test Writer Agent   → writes RED test file, commits to main (isolation: none)
+2. Coder Agent         → implements in worktree until GREEN (isolation: "worktree")
+3. Code Reviewer Agent → reviews diff against spec (subagent_type: "Explore")
+4. Fix Agent           → applies reviewer fixes if needed (isolation: "worktree")
+5. Test Runner         → confirms GREEN after fixes
+6. Git Commit Agent    → merges worktree to main
+```
+
+**Why:** Session 5 collapsed all 6 roles into 1 combined agent per module. The Code Reviewer was skipped entirely. This allowed 5 bugs to reach main undetected (wrong default values, incorrect routing logic, missing exception types, hardcoded field values).
+
+### Code Reviewer Is Mandatory
+
+After every Coder Agent, dispatch a Code Reviewer (`subagent_type: "Explore"`) with:
+
+- The `git diff` of the branch
+- The relevant spec section from `plan/engineering_design_update.md`
+- The critical constraints checklist from CLAUDE.md
+
+Do not proceed to the next task if the reviewer returns `approved: false`.
+
+### Code Reviewer Prompt — Required Elements (session 6 correction)
+
+The reviewer prompt **must** include all four of these or the review is invalid:
+
+1. **Verbatim `git diff`** — run `git diff HEAD~1` (or `git diff main...<branch>`) and paste the full output inline. Do not ask the reviewer to read files instead.
+2. **Verbatim spec section** — paste the exact section from `plan/engineering_design_v4.md` for the module. Do not paraphrase or summarise it.
+3. **Role 4 output format exactly** — the reviewer must return:
+
+   ```json
+   {
+     "approved": true,
+     "issues": [
+       {"severity": "blocking"|"advisory", "file": "...", "line_hint": "...", "description": "...", "fix": "..."}
+     ]
+   }
+   ```
+
+   Do not use alternate schemas (`findings`, `constraint_checks`, etc.) — the `severity` field is load-bearing: `"blocking"` triggers a Fix Agent, `"advisory"` does not.
+4. **No test execution** — the reviewer is read-only (`Explore`). Do not ask it to run `pytest`. That is the Test Runner's job (Role 5).
+
+**Why:** In Phase 21 the reviewer prompt omitted the git diff, paraphrased the spec instead of pasting it verbatim, used a non-standard output schema, and asked the reviewer to run tests. The review still passed because the implementation happened to be correct — but the process was non-compliant and would have failed to catch spec deviations reliably.
+
+### Worktree Isolation for Coders
+
+Every Coder Agent call must use `isolation: "worktree"`. The Test Writer commits to `main` first; the Coder's worktree branches from that commit automatically.
+
+### Parallel Dispatch — Count Before Sending
+
+Before sending a message with multiple parallel `Agent` calls, count the expected agents and verify all are present. Session 5 missed Worker F (Result Builder) in the first parallel wave, causing it to run solo later instead of in parallel.
+
+### Context Injection — No Placeholder Left Behind
+
+Every agent prompt must have all `[paste ...]` markers replaced with verbatim spec content before dispatching. An unresolved placeholder causes the agent to hallucinate silently (ORCHESTRATOR.md §9).
+
+---
+
+## Token Efficiency Protocols
+
+### Before reading any file
+
+Check `CODEBASE_ANALYSIS.md` (same directory as this file) first.
+It contains the full dependency graph, module contracts, implementation
+status, and red flags. Read it instead of source files to orient yourself.
+Only read a source file when you are about to act on it.
+
+### Native tool rules
+
+- **Read tool:** State which file and which section before reading.
+  Use line ranges when the section is known. If already read this
+  session, use what is in context — do not re-read.
+- **Grep tool:** Use `output_mode: "files_with_matches"` first.
+  Only switch to content mode when you need the actual lines.
+- **Agent tool:** Only spawn agents when: single named role, all
+  context injected inline, mutually exclusive file scope.
+
+### Bash command rules
+
+Always use the quiet flags below. Never use the verbose form.
+
+```
+pytest (fast suite)  →  pytest -m "not llm and not loaders and not langchain and not compat" -x -q --tb=short --no-header
+pytest (single test) →  pytest <test_path> -x -q --tb=short
+pytest (compat)      →  pytest -m compat -v --timeout=300 -p no:cov
+pytest (llm)         →  pytest -m llm --timeout=120 -q
+pip install          →  pip install -q -e ".[dev,loaders,langchain]"
+git log              →  git log --oneline -10
+git diff             →  git diff --stat
+git status           →  git status -s
+grep                 →  grep -rn "term" . | head -20
+find                 →  find . -name "*.py" | grep -v __pycache__ | head -20
+```
+
+### Document updates after a discussion
+
+Do NOT immediately read all plan documents.
+
+1. Extract decisions from the conversation (they are already in context)
+2. Run `grep -n "^#" <filename>` to get section headings cheaply
+3. Read only the specific sections that need updating
+4. Edit targeted sections — never rewrite whole documents
+
+---
+
+## Commands
+
+```bash
+# Install for development (all optional extras)
+pip install -e ".[dev,loaders,langchain]"
+
+# Run fast suite (zero LLM calls — default for all dev work)
+pytest -m "not llm and not loaders and not langchain and not compat" -x -q
+
+# Run a single test
+pytest tests/test_tier2.py::test_all_zero_scores_triggers_escalate_all_low_score -x -q
+
+# Run real LLM integration tests (requires OPENAI_API_KEY or GOOGLE_API_KEY)
+pytest -m llm --timeout=120 -q
+
+# Run loaders tests (requires pip install -e ".[loaders]")
+pytest -m loaders -q
+
+# Run with coverage report
+pytest -m "not llm and not loaders and not langchain and not compat" --cov=groundguard --cov-report=term-missing
+```
+
+---
+
+## Pipeline Architecture
+
+The pipeline is a sequential 4-tier chain. `core/verifier.py` (stub only — Phase 9 implements it) is the orchestrator.
+
+```text
+verify(claim, sources)
+    │
+    ├── Tier 0  core/classifier.py          parse_and_classify(claim)
+    │           → list[ClassifiedAtom]      zero-cost rules, decimal-safe regex
+    │
+    ├── chunker loaders/chunker.py          chunk_sources(ctx)
+    │           → list[Chunk]               sliding window if source > max_source_tokens
+    │
+    ├── Tier 1  tiers/tier1_authenticity.py check_fuzzy(evidence, chunks, threshold)
+    │           gate only — raises or passes  rapidfuzz partial_token_set_ratio
+    │           NEVER produces a terminal result
+    │
+    ├── Tier 2  tiers/tier2_semantic.py     route_claim(ctx, chunks)
+    │           → Tier2Result               BM25Okapi — 3 routing branches (see below)
+    │
+    └── Tier 3  tiers/tier3_evaluation.py   evaluate(ctx, chunks)
+                → adapters/registry.py      get_adapter(model) → pre_call_kwargs + post_process
+                → Tier3ResponseModel        litellm.completion, 2-attempt retry
+                → ResultBuilder             → VerificationResult (public output)
+```
+
+### Tier 2 Routing Branches
+
+| Condition | Branch | Action |
+| --- | --- | --- |
+| `score >= 0.85` | A — `SKIP_LLM_HIGH_CONFIDENCE` | Return VERIFIED, no LLM call |
+| `0.01 < score < 0.85` | B — `ESCALATE_TO_LLM` | Send top-k chunks to Tier 3 |
+| `score <= 0.01` and `raw_score >= 0` | C — `ESCALATE_ALL_LOW_SCORE` | Send all chunks (capped at `top_k * 3`, document order) |
+
+The `raw_score >= 0` guard in Branch C is intentional: BM25Okapi returns negative scores on very small corpora (IDF artefact) — those fall through to Branch B instead.
+
+### Key Mapping Rules (ResultBuilder)
+
+- `Tier3ResponseModel.factual_consistency_score` is **0–100**; `VerificationResult.factual_consistency_score` is **0.0–1.0**. `ResultBuilder` divides by 100.
+- `Neutral` entailment → **always** `"UNVERIFIABLE"`, `is_valid=False`. Never promoted regardless of coverage %.
+- `sources_used` is filtered against `ctx.original_sources` — hallucinated `source_id`s are scrubbed.
+
+---
+
+## Module Ownership Rules
+
+These prevent circular imports and are load-bearing:
+
+| Rule | Detail |
+| --- | --- |
+| `Chunk` defined in `loaders/chunker.py` | NOT in `models/internal.py` — would create circular import |
+| `models/internal.py` imports `Chunk` only under `TYPE_CHECKING` | Use string annotations at runtime |
+| All tier modules import `Chunk` under `TYPE_CHECKING` | Same pattern throughout |
+
+---
+
+## Data Model Hierarchy
+
+```text
+Public (models/result.py):       Source, AtomicClaimResult, VerificationResult
+Internal (models/internal.py):   VerificationContext, SharedCostTracker, ClassifiedAtom,
+                                  RoutingDecision, Tier2Result, ClaimInput
+Tier 3 (models/tier3.py):        Tier3ResponseModel + sub-models (Pydantic v2 BaseModel)
+Chunker (loaders/chunker.py):    Chunk  ← defined here, not in models/
+```
+
+`VerificationContext` is the per-call state bag passed through all tiers, constructed once per `verify()` call.
+
+---
+
+## Critical Implementation Details
+
+**`SharedCostTracker`** — soft cap enforced *after* LLM call completes; triggering call is already billed. Cap check runs inside `threading.Lock`. Default `max_spend=float('inf')` — **do not change to a numeric default**.
+
+**`_boundary_id`** — `secrets.token_hex(6)`, 12 hex chars, 48-bit entropy. Set at `VerificationContext` construction. `render_prompt` reads `ctx._boundary_id` — it never generates a new one.
+
+**Tier 1 algorithm** — uses `rapidfuzz.fuzz.partial_token_set_ratio` (deliberate deviation from spec's `partial_ratio`). This is a known, preserved decision: `partial_ratio` scored too low on dropped-filler-word cases. Do not revert to `partial_ratio` without re-running the calibration benchmark (Phase 14).
+
+**`parse_response(response, model)`** — routes via `get_adapter(model).post_process()`. OLLAMA_ADAPTER strips `<think>` tags (rfind-based; regex fallback), falls back to `reasoning_content` if content is empty. DEFAULT adapter strips markdown fences. Retry catches `pydantic.ValidationError`, `ValueError`, and `IndexError` (the last covers `choices=[]` edge case).
+
+**`auto_chunk=False`** — recommended for large-context models (Gemini 1.5 Pro, Claude 3.5+). BM25 can silently drop low-scoring chunks that contain negating context ("Lost Context Problem").
+
+**Exception contract** — `verify()` / `averify()` are fail-loud (all exceptions propagate except `ParseError` → returned as `status="PARSE_ERROR"`). `verify_batch_async()` is fail-contained (all exceptions absorbed per item). This asymmetry is intentional — see `plan/engineering_design_update.md` §8.
+
+---
+
+## Test Structure
+
+```text
+tests/
+├── test_exceptions.py      # Phase 1
+├── test_log.py             # Phase 1
+├── test_models.py          # Phase 2 — TDD #15 (VerificationContext defaults) + Phase 21 (profile fields)
+├── test_classifier.py      # Phase 3 — decimal-safe split, inferential signals
+├── test_chunker.py         # Phase 4 — char offsets, overlap guard, sliding window
+├── test_helpers.py         # Phase 4 — @pytest.mark.loaders (skipped by default)
+├── test_tier1.py           # Phase 5 — fuzzy match boundaries
+├── test_tier2.py           # Phase 6 — BM25 routing branches, Branch C cap
+├── test_evaluation.py      # Phase 7 — render_prompt, parse_response, retry loop
+├── test_builder.py         # Phase 8 — score division, Neutral mapping, page_hint
+├── test_adapters.py        # Phase 16 (T-60) — adapter prefix routing, post_process, pre_call_kwargs
+├── fixtures/               # Phase 16 (T-65) — sample.pdf, sample.docx (generated, gitignored)
+│   └── scaffold_fixtures.py  # Run once to generate fixture files
+└── integration/            # Phase 12+ — @pytest.mark.llm (requires real API keys)
+```
+
+Fast Suite runs in ~5 seconds. `litellm.completion` and `litellm.acompletion` are always mocked in Fast Suite tests via `pytest-mock`.
+
+---
+
+## Using a Local LLM
+
+The library uses `litellm` which supports Ollama natively. No code changes needed:
+
+```bash
+ollama pull qwen3:14b    # ~9GB Q4_K_M, fits in 15GB RAM — recommended for integration tests
+ollama serve             # starts on http://localhost:11434
+```
+
+```python
+result = verify(claim="...", sources=[...], model="ollama/qwen3:14b", max_spend=0.0)
+```
+
+**Ollama thinking mode (Phase 16 complete)** — Thinking-capable Ollama models (qwen3, DeepSeek-R1, Gemma 4, Kimi K2, LFM2.5, GPT-OSS, etc.) emit `<think>...</think>` tags or drop `content` when thinking is active. `OLLAMA_ADAPTER` in `adapters/registry.py` handles this automatically: strips `<think>` tags (rfind-based, regex fallback), falls back to `reasoning_content` if content is empty. Models reason freely — `think=False` was removed in T-62.
+
+Ollama supports `response_format` (structured output via JSON schema grammar). `parse_response()` uses the fence-stripping + `<think>` tag stripping fallback for any remaining edge cases.
+
+For the Real Suite integration tests, use `--timeout=300` (qwen3:30b takes 30–90s per call).

groundguard-0.1.0/GROUNDGUARD_CONTRACT.md

@@ -0,0 +1,87 @@
+# GROUNDGUARD_CONTRACT.md
+
+This document defines the execution contract for the `groundguard` library. It describes what the library guarantees unconditionally, what callers can configure, how invariants hold under composition, and what is explicitly out of scope.
+
+---
+
+## 1. Guarantees
+
+These invariants always hold. If any of them would be violated, an exception is raised instead of returning a result.
+
+**Citation on VERIFIED results**
+Every `AtomicClaimResult` with `status="VERIFIED"` has a non-null `citation`. This is enforced by `_assert_citation_invariant` in `ResultBuilder` — a `VERIFIED` result with a null citation raises `InvariantError` before it can be returned.
+
+**Non-negative cost**
+`cost_usd` is never negative on any result. The `max_spend` cap is a *soft* cap: the triggering LLM call is allowed to complete and is billed before the cap fires. Subsequent calls in the same context are blocked.
+
+**Per-call boundary ID**
+Every `verify()` and `averify()` call generates a unique `boundary_id` of exactly 12 hex characters (48-bit entropy via `secrets.token_hex(6)`). The boundary ID is embedded in the prompt to prevent prompt-injection attacks that splice content across the boundary. It is never reused across calls.
+
+**Majority vote call count**
+When majority vote is active (triggered by a profile with `majority_vote=True` and a result score below `majority_vote_confidence_threshold`), exactly 3 LLM calls are made — never 1 or 2. The vote cannot complete with fewer.
+
+**Tie-break conservatism**
+A 1-1-1 split across 3 majority vote calls always yields `is_grounded=False` and `status="NOT_GROUNDED"`. Ties are never silently promoted to a positive verdict.
+
+---
+
+## 2. Configurables
+
+These parameters are caller-controlled. They change behaviour but do not affect the invariants above.
+
+**`profile`** — a `VerificationProfile` dataclass (preset: `GENERAL_PROFILE`, `STRICT_PROFILE`, or `RESEARCH_PROFILE`). Sets defaults for `faithfulness_threshold`, `tier2_lexical_threshold`, `bm25_top_k`, `majority_vote`, and `audit`. Explicit per-call parameters always override profile defaults.
+
+**`faithfulness_threshold`** — float, 0.0–1.0. Minimum score for a result to be considered grounded. Explicit value beats `majority_vote_on_borderline` which beats the profile default (precedence enforced in `VerificationContext.__post_init__`).
+
+**`max_spend`** — soft USD cap. Default `float('inf')` (no cap). The triggering call is billed; subsequent calls in the batch or context are blocked with `status="SKIPPED_DUE_TO_COST"`.
+
+**`model`** — any litellm model string (e.g. `"gpt-4o-mini"`, `"ollama/qwen3:14b"`, `"gemini/gemini-2.0-flash"`). Passed through to litellm without transformation.
+
+**`api_base`** — passed to litellm for custom endpoints (e.g. local Ollama, Azure deployments).
+
+**`auto_chunk`** — default `True`. When `True`, long sources are split by a sliding-window chunker and BM25 retrieves the top-k chunks for Tier 3. When `False`, full source content is forwarded to Tier 3 without chunking — recommended for large-context models to avoid the Lost Context Problem (negating clauses in low-scoring chunks not reaching the LLM).
+
+---
+
+## 3. Invariants Under Composition
+
+These invariants hold when combining multiple groundguard APIs in a single workflow.
+
+**`SourceAccumulator` is opt-in**
+`SourceAccumulator` is not wired into the pipeline. No verification function accepts a `SourceAccumulator` directly — callers always call `.sources()` explicitly and pass the resulting `list[Source]`:
+
+```python
+acc = SourceAccumulator()
+acc.add(db_source, provenance="database_lookup", agent_id="agent_1")
+acc.add(llm_source, provenance="llm_generated", is_llm_derived=True, agent_id="agent_2")
+result = verify_analysis(agent_output, sources=acc.sources(), model="gpt-4o-mini")
+```
+
+This keeps the public API stable and lets callers inspect, filter, or log the source list before verification runs.
+
+**`verify_clause` + `TermRegistry`**
+When a `TermRegistry` is provided to `verify_clause`, term definitions are injected as pinned `Source` objects into the sources list *before* `verify()` is called. Term resolution runs before Tier 0, so pinned definitions affect the atom count and can alter routing decisions.
+
+**`averify_batch` failure isolation**
+`averify_batch` is fail-contained per item. An exception in one item (including `VerificationCostExceededError`) does not abort the batch. Items that hit the spend cap return `status="SKIPPED_DUE_TO_COST"`. All other per-item exceptions return `status="ERROR"`. The shared `SharedCostTracker` applies across the entire batch.
+
+**Parameter precedence**
+`explicit call params > ctx.majority_vote_on_borderline > profile defaults`. This precedence is enforced in `VerificationContext.__post_init__` and cannot be overridden by downstream tiers.
+
+**`verify()` / `averify()` vs. `averify_batch`**
+`verify()` and `averify()` are fail-loud: all exceptions propagate to the caller except `ParseError`, which is returned as `status="PARSE_ERROR"`. `averify_batch` is fail-contained. This asymmetry is intentional — single-call users get explicit error signals; batch callers get partial results without a full abort.
+
+---
+
+## 4. Undefined Behaviour
+
+The following scenarios are not guaranteed to work correctly and may change across versions without a deprecation notice.
+
+**Models that ignore `response_format`**
+Groundguard requests structured JSON output via `response_format`. If a model ignores the schema (returning free text instead), the retry loop attempts to parse the output using fence-stripping and Pydantic validation. This is a best-effort fallback — it is not guaranteed to succeed on all model/prompt combinations.
+
+**Tier 2.5 on non-English text**
+The numerical conflict detector (`tier25_preprocessing`) uses regex patterns calibrated on English-language text (digits, `%`, `$`, metric suffixes `M/B/K`). Behaviour on non-English numerals or currency formats is undefined.
+
+**BM25 on single-sentence sources**
+BM25Okapi can return negative scores on very small corpora due to IDF artefacts. On single-sentence sources, routing may fall through to Branch B (`ESCALATE_TO_LLM`) even when Branch C (`ESCALATE_ALL_LOW_SCORE`) would be more appropriate. Use `auto_chunk=False` on very short sources to avoid this edge case.

groundguard-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Pulkit Jain
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.