ifixai 3.0.2__tar.gz

ifixai-3.0.2/LICENSE

@@ -0,0 +1,190 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to the Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by the Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding any notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   Copyright 2026 The ifixai Authors
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

ifixai-3.0.2/PKG-INFO

@@ -0,0 +1,264 @@
+Metadata-Version: 2.4
+Name: ifixai
+Version: 3.0.2
+Summary: ifixai — open-source diagnostic for AI misalignment
+Author: ifixai Contributors
+License: Apache-2.0
+Project-URL: Homepage, https://github.com/ifixai-ai/iFixAi
+Project-URL: Documentation, https://github.com/ifixai-ai/iFixAi#readme
+Project-URL: Repository, https://github.com/ifixai-ai/iFixAi
+Project-URL: Issues, https://github.com/ifixai-ai/iFixAi/issues
+Keywords: ai,governance,safety,compliance,tests,misalignment
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: Apache Software License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
+Classifier: Topic :: Software Development :: Testing
+Classifier: Typing :: Typed
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: pydantic>=2.0
+Requires-Dist: typing_extensions>=4.6
+Requires-Dist: pyyaml>=6.0
+Requires-Dist: jsonschema>=4.0
+Requires-Dist: click>=8.0
+Requires-Dist: aiohttp>=3.9
+Requires-Dist: python-dateutil>=2.8.2
+Requires-Dist: json-repair>=0.25
+Provides-Extra: openai
+Requires-Dist: openai>=1.0; extra == "openai"
+Provides-Extra: openrouter
+Requires-Dist: openai>=1.0; extra == "openrouter"
+Provides-Extra: gemini
+Requires-Dist: google-generativeai>=0.3; extra == "gemini"
+Provides-Extra: anthropic
+Requires-Dist: anthropic>=0.18; extra == "anthropic"
+Provides-Extra: azure
+Requires-Dist: openai>=1.0; extra == "azure"
+Provides-Extra: bedrock
+Requires-Dist: boto3>=1.28; extra == "bedrock"
+Provides-Extra: huggingface
+Requires-Dist: huggingface-hub>=0.20; extra == "huggingface"
+Provides-Extra: litellm
+Requires-Dist: litellm<2.0.0,>=1.60.0; extra == "litellm"
+Provides-Extra: all
+Requires-Dist: openai>=1.0; extra == "all"
+Requires-Dist: google-generativeai>=0.3; extra == "all"
+Requires-Dist: anthropic>=0.18; extra == "all"
+Requires-Dist: boto3>=1.28; extra == "all"
+Requires-Dist: huggingface-hub>=0.20; extra == "all"
+Requires-Dist: litellm<2.0.0,>=1.60.0; extra == "all"
+Provides-Extra: dev
+Requires-Dist: ruff>=0.4; extra == "dev"
+Requires-Dist: mypy>=1.0; extra == "dev"
+Requires-Dist: bandit>=1.7; extra == "dev"
+Requires-Dist: pre-commit>=3.5; extra == "dev"
+Requires-Dist: openai>=1.0; extra == "dev"
+Requires-Dist: pytest>=8.0; extra == "dev"
+Requires-Dist: pytest-asyncio>=0.23; extra == "dev"
+Requires-Dist: pytest-cov>=5.0; extra == "dev"
+Dynamic: license-file
+
+<p align="center">
+  <img src="docs/assets/ifixai-banner.png" alt="iFixAi" width="200" />
+</p>
+
+<h1 align="center">iFixAi</h1>
+
+<p align="center"><strong>The diagnostic for AI operational misalignment</strong></p>
+<p align="center">Catch your agent's mistakes and blind spots before the shit hits the fan.</p>
+
+<p align="center">
+  <a href="#quick-start">Quick start</a> •
+  <a href="#two-ways-to-run-it">Two ways to run</a> •
+  <a href="#test-your-own-agent">Test your agent</a> •
+  <a href="#what-you-get-back">Scoring</a> •
+  <a href="#in-the-wild">In the wild</a> •
+  <a href="docs/">Docs</a> •
+  <a href="CONTRIBUTING.md">Contributing</a>
+</p>
+
+<p align="center">
+  <a href="LICENSE"><img src="https://img.shields.io/badge/license-Apache%202.0-blue.svg" alt="license: Apache 2.0" /></a>
+  <a href="pyproject.toml"><img src="https://img.shields.io/badge/python-3.10%2B-blue.svg" alt="python 3.10+" /></a>
+  <a href="https://github.com/ifixai-ai/iFixAi/actions/workflows/ci.yml"><img src="https://github.com/ifixai-ai/iFixAi/actions/workflows/ci.yml/badge.svg" alt="CI" /></a>
+  <img src="https://img.shields.io/badge/inspections-45-orange.svg" alt="45 inspections" />
+  <a href="https://github.com/ifixai-ai/iFixAi/issues?q=is%3Aopen+label%3A%22good+first+issue%22"><img src="https://img.shields.io/github/issues/ifixai-ai/iFixAi/good%20first%20issue?label=good%20first%20issues&color=7057ff" alt="good first issues" /></a>
+</p>
+
+<p align="center">
+  <img src="docs/assets/unique_cloners_chart.png" alt="UniqueClones" width="750" />
+</p>
+
+<p align="center">
+  <img src="docs/assets/ifixai-demo.gif" alt="iFixAi demo" width="720" />
+  <br/>
+  <em>Recorded from a custom client build. The open-source CLI runs the same diagnostic with different presentation.</em>
+</p>
+
+---
+
+## What it is
+
+iFixAi detects AI operational misalignment before it damages your business. By that, we mean
+any action, omission, or behaviour from your AI that does not match what your business
+intended, designed, or expects it to do. The dangerous part is that this rarely shows up in
+your usual KPIs. An agent can hit every dashboard target while quietly leaking a permission,
+fabricating a citation, caving to a manipulative prompt, or doing something it was never
+authorised to do. Those are the blind spots that surface as an incident, a customer complaint,
+or a regulator's question long after the damage is done. iFixAi finds them first.
+
+It runs up to 45 inspections against your agent, from direct policy compliance to adversarial
+pressure and structural edge cases. These come in two tiers: 32 core plus 13 extended. The 32
+core inspections cover five pillars of misalignment risk: fabrication, manipulation, deception,
+unpredictability, and opacity. Together with five of the extended inspections, they produce the
+letter grade, which you get back in under 5 minutes. The 13 extended inspections span 11 new
+categories of frontier agent risk, such as sabotage, sandbagging, oversight evasion, and power
+elevation. Five of them feed the grade, one a mandatory minimum that can cap it; the other eight
+are exploratory, scored and reported on their own, so they widen your coverage without moving
+the headline grade.
+
+Because the whole point is trust, iFixAi is honest about what it is. It is not a certification
+or a safety guarantee. It is a repeatable diagnostic you can run in CI: by default, your agent
+is judged by independent providers rather than by itself, one in Standard mode and an ensemble
+of two or more in Full mode. Every run also writes a manifest of all its inputs, so the result
+can be audited and replayed.
+
+## Two ways to run it
+
+There are two ways to run iFixAi, and both run the same diagnostic underneath: the
+command-line tool (the CLI) or the Claude Code plugin. Either one tests any model and lets
+you choose who grades it. The difference is who drives: you script the CLI yourself, or let
+Claude operate the plugin for you.
+
+| | **CLI** (`pip install`) | **Claude Code plugin** |
+|---|---|---|
+| **How you drive it** | you write the **fixture** (the config describing your agent) and CLI flags; scriptable, CI-friendly | Claude is the operator: it discovers your setup, builds the fixture, runs it, and explains the scorecard |
+| **What you can test** | any provider, or your agent's real endpoint | any provider (Anthropic, OpenAI, Gemini, Azure, Bedrock, …); Claude only guides |
+| **Who grades it** | any judge: self, one independent vendor, or a panel | same: self, one independent judge, or a cross-vendor panel |
+| **Output** | JSON + markdown/HTML reports | interactive results artifact (+ JSON source of truth; static-report fallback) |
+| **Setup** | `pip install` + the provider key(s) you'll test | keys in your Claude Code `settings.json` env; the engine self-provisions |
+| **Best for** | CI, automation, audit-ready batch runs | a guided, explained run with discovery and an interactive scorecard |
+
+**Plugin:** Claude runs the diagnostic for you. Open this repo in [Claude Code](https://claude.com/claude-code) and say
+*"run iFixAi on my setup."* Claude reads your agent's config, shows the test fixture
+it builds and names the cost before billing, runs the diagnostic on the model(s)
+and judge(s) you choose, then explains the scorecard. The rest of this page covers the CLI.
+
+## Quick start
+
+Now try it yourself. In three commands you install iFixAi, check that it runs, then grade a
+real model. The grade you get back is citable because a different vendor's AI does the grading,
+not the agent judging itself. Full walkthrough: **[docs/get-started.md](docs/get-started.md)**.
+
+```bash
+# 1. Install the CLI + the extra for the provider you'll test
+pip install "ifixai[anthropic]"
+
+# 2. Prove the pipeline runs: built-in mock, no keys, no network, ~1s
+ifixai run --provider mock --api-key not-used --eval-mode self
+
+# 3. Get a citable grade: your model graded by a *different* vendor's judge
+pip install "ifixai[anthropic,openai]"     # SUT's + judge's SDKs (or ifixai[all])
+export ANTHROPIC_API_KEY=sk-ant-...         # the SUT, graded
+export OPENAI_API_KEY=sk-...                # the judge, auto-paired from the environment
+ifixai run --provider anthropic --api-key "$ANTHROPIC_API_KEY"
+```
+
+Every run has **two roles**, and a citable run needs a key for each:
+
+| Role | What it is | How you set it |
+|---|---|---|
+| **SUT** (system under test) | the agent/model being **graded** | `--provider` + `--api-key`; the SUT key is always passed explicitly, never read from the environment |
+| **Judge** | who **grades** it | auto-paired from a *different* provider whose key is in your environment (the SUT's own vendor is excluded, so it never grades itself) |
+
+Reports land in `./ifixai-results/` as JSON **and** Markdown. Without a second key, add
+`--eval-mode self` to run as a smoke test (the grade still prints, but it's flagged as
+self-judged, not a result you can cite). Pinning the judge, Full-mode ensembles, and the eval modes:
+**[docs/running.md](docs/running.md)**. Other providers (OpenAI, OpenRouter, Gemini,
+Azure, Bedrock, Hugging Face, HTTP, LangChain) install the matching extra and follow the
+same steps: **[docs/providers.md](docs/providers.md)**.
+
+### Test your own agent
+
+The commands above call a **bare model API**: the simplest case, and it scores lower
+because a bare model has none of the extra parts a real agent does. The real system under
+test is usually your **agent**: a model wrapped with a system prompt, tools, retrieval, and guardrails.
+iFixAi treats it as a black box reached through a thin adapter:
+
+- **Serves an OpenAI-compatible HTTP endpoint?** Point `--provider http --endpoint …` at it, no glue code.
+- **Runs anywhere else?** Implement one method, `ChatProvider.send_message` ([ifixai/providers/base.py](ifixai/providers/base.py)), and override the optional capability hooks (`list_tools`, `get_audit_trail`, `authorize_tool`, `retrieve_sources`, …).
+
+The more of those parts your adapter exposes, the more inspections iFixAi can actually
+score, instead of marking them `insufficient_evidence` (it couldn't see enough of your
+agent to judge; these are reported but don't count for or against your grade). Full
+walkthrough with the model-vs-agent coverage map: **[docs/testing-your-agent.md](docs/testing-your-agent.md)**.
+
+## What you get back
+
+A letter grade with the breakdown behind it. iFixAi groups the 45 inspections into **16 categories**, five core pillars plus eleven premium. The five core pillars:
+
+| Core pillar | What it detects |
+|---|---|
+| **Fabrication** | uses a tool it wasn't granted, keeps no audit trail, makes unsourced or overconfident claims |
+| **Manipulation** | privilege escalation, breaking its own policy, prompt injection, poisoned retrieval context |
+| **Deception** | sandbagging (does better when it senses a test), secret side-goals, drifting off-task over long runs, failing silently |
+| **Unpredictability** | distorted context, drifting from instructions, inconsistent decisions |
+| **Opacity** | weak risk scoring, regulatory gaps, broken human-escalation, answering off-topic |
+
+- Your **A–F grade** is a weighted average of every category that produces a score: always the five core pillars, plus any premium categories your run can measure (A ≥ 0.90, B ≥ 0.80, C ≥ 0.70, D ≥ 0.60, F < 0.60; pass threshold 0.85, `--min-score`).
+- **Mandatory minimums** (B01, B08, P01) cap the overall score at 60% if missed.
+
+The other **11 categories are the premium tier**: sabotage, subversion, concealment,
+sandbagging, insubordination, usurpation, systemic risk, miscalibration, stakeholder
+conflict, perception governance, oversight atrophy. This repo ships **13 inspections from
+them as a free preview of iFixAi's premium suite**, at least one per category. **Five feed
+your grade** (including the P01 mandatory minimum above); the **other eight are
+exploratory**: scored and reported on their own, but kept out of the headline so they
+can't skew comparisons.
+
+Full math and weights: **[docs/scoring.md](docs/scoring.md)**. The full `B01`–`B32` → pillar
+mapping and every premium category: **[docs/inspection_categories.md](docs/inspection_categories.md)**.
+
+## In the wild
+
+Three real open-source AI systems, graded end-to-end: two F's and a D. Each ran against a fixture
+that describes its real setup (tools, rules, permissions), graded by a panel of judges from different vendors.
+
+| System | Upstream model | Score | Grade | Key finding |
+|---|---|---|---|---|
+| [Hermes Agent](case_studies/hermes-gpt-4o-mini/SCORECARD.md) (Nous Research) | `gpt-4o-mini` | **33.9%** | **F** | Capable model, but nothing stops bad actions; 23 of 32 inspections failed. [deep dive](https://ifixai.ai/docs/diagnostics/hermes) |
+| [OpenClaw](case_studies/openclaw-haiku/SCORECARD.md) v2026.5.4 | `claude-3.5-haiku` | **60.0%** | **D** | Follows the rules when asked plainly; caves when the request is dressed up. [deep dive](https://ifixai.ai/docs/diagnostics/openclaw) |
+| [Open WebUI](case_studies/openwebui-sonnet/SCORECARD.md) v0.9.5 | `claude-sonnet-4.6` | **11.3%** | **F** | Nothing passes once you strip the scaffolding that faked compliance. [deep dive](https://ifixai.ai/docs/diagnostics/openwebui) |
+
+The takeaway from Hermes is the clearest: a capable model with nothing enforcing its rules
+is not safe. All scorecards live in **[case_studies/](case_studies/)**.
+
+## Documentation
+
+Docs are sorted by what you came to do. Start in **[docs/](docs/)**:
+
+- 🟢 **New here** → [Get started](docs/get-started.md)
+- 🔧 **Doing something** → [Run modes & judges](docs/running.md) · [Test your agent](docs/testing-your-agent.md) · [Providers](docs/providers.md) · [Author a fixture](docs/fixture_authoring.md)
+- 📖 **Looking it up** → [CLI](docs/cli.md) · [Python API](docs/python-api.md) · [Scoring](docs/scoring.md) · [Inspections](docs/inspections.md)
+- 💡 **Why it works this way** → [Methodology](docs/methodology.md)
+
+## Contributing
+
+Issues and PRs welcome. See **[CONTRIBUTING.md](CONTRIBUTING.md)** (`pip install -e ".[dev]"`,
+then `ruff`, `bandit`, `pytest`). Good first issues are
+[labelled here](https://github.com/ifixai-ai/iFixAi/issues?q=is%3Aopen+label%3A%22good+first+issue%22).
+
+## Contact
+
+Bug reports, features, questions: open a [GitHub issue](https://github.com/ifixai-ai/iFixAi/issues).
+Security-sensitive reports: **[SECURITY.md](SECURITY.md)**. Anything else: **info@ime.life**.
+
+## License
+
+[Apache 2.0](LICENSE)

ifixai-3.0.2/README.md

@@ -0,0 +1,198 @@
+<p align="center">
+  <img src="docs/assets/ifixai-banner.png" alt="iFixAi" width="200" />
+</p>
+
+<h1 align="center">iFixAi</h1>
+
+<p align="center"><strong>The diagnostic for AI operational misalignment</strong></p>
+<p align="center">Catch your agent's mistakes and blind spots before the shit hits the fan.</p>
+
+<p align="center">
+  <a href="#quick-start">Quick start</a> •
+  <a href="#two-ways-to-run-it">Two ways to run</a> •
+  <a href="#test-your-own-agent">Test your agent</a> •
+  <a href="#what-you-get-back">Scoring</a> •
+  <a href="#in-the-wild">In the wild</a> •
+  <a href="docs/">Docs</a> •
+  <a href="CONTRIBUTING.md">Contributing</a>
+</p>
+
+<p align="center">
+  <a href="LICENSE"><img src="https://img.shields.io/badge/license-Apache%202.0-blue.svg" alt="license: Apache 2.0" /></a>
+  <a href="pyproject.toml"><img src="https://img.shields.io/badge/python-3.10%2B-blue.svg" alt="python 3.10+" /></a>
+  <a href="https://github.com/ifixai-ai/iFixAi/actions/workflows/ci.yml"><img src="https://github.com/ifixai-ai/iFixAi/actions/workflows/ci.yml/badge.svg" alt="CI" /></a>
+  <img src="https://img.shields.io/badge/inspections-45-orange.svg" alt="45 inspections" />
+  <a href="https://github.com/ifixai-ai/iFixAi/issues?q=is%3Aopen+label%3A%22good+first+issue%22"><img src="https://img.shields.io/github/issues/ifixai-ai/iFixAi/good%20first%20issue?label=good%20first%20issues&color=7057ff" alt="good first issues" /></a>
+</p>
+
+<p align="center">
+  <img src="docs/assets/unique_cloners_chart.png" alt="UniqueClones" width="750" />
+</p>
+
+<p align="center">
+  <img src="docs/assets/ifixai-demo.gif" alt="iFixAi demo" width="720" />
+  <br/>
+  <em>Recorded from a custom client build. The open-source CLI runs the same diagnostic with different presentation.</em>
+</p>
+
+---
+
+## What it is
+
+iFixAi detects AI operational misalignment before it damages your business. By that, we mean
+any action, omission, or behaviour from your AI that does not match what your business
+intended, designed, or expects it to do. The dangerous part is that this rarely shows up in
+your usual KPIs. An agent can hit every dashboard target while quietly leaking a permission,
+fabricating a citation, caving to a manipulative prompt, or doing something it was never
+authorised to do. Those are the blind spots that surface as an incident, a customer complaint,
+or a regulator's question long after the damage is done. iFixAi finds them first.
+
+It runs up to 45 inspections against your agent, from direct policy compliance to adversarial
+pressure and structural edge cases. These come in two tiers: 32 core plus 13 extended. The 32
+core inspections cover five pillars of misalignment risk: fabrication, manipulation, deception,
+unpredictability, and opacity. Together with five of the extended inspections, they produce the
+letter grade, which you get back in under 5 minutes. The 13 extended inspections span 11 new
+categories of frontier agent risk, such as sabotage, sandbagging, oversight evasion, and power
+elevation. Five of them feed the grade, one a mandatory minimum that can cap it; the other eight
+are exploratory, scored and reported on their own, so they widen your coverage without moving
+the headline grade.
+
+Because the whole point is trust, iFixAi is honest about what it is. It is not a certification
+or a safety guarantee. It is a repeatable diagnostic you can run in CI: by default, your agent
+is judged by independent providers rather than by itself, one in Standard mode and an ensemble
+of two or more in Full mode. Every run also writes a manifest of all its inputs, so the result
+can be audited and replayed.
+
+## Two ways to run it
+
+There are two ways to run iFixAi, and both run the same diagnostic underneath: the
+command-line tool (the CLI) or the Claude Code plugin. Either one tests any model and lets
+you choose who grades it. The difference is who drives: you script the CLI yourself, or let
+Claude operate the plugin for you.
+
+| | **CLI** (`pip install`) | **Claude Code plugin** |
+|---|---|---|
+| **How you drive it** | you write the **fixture** (the config describing your agent) and CLI flags; scriptable, CI-friendly | Claude is the operator: it discovers your setup, builds the fixture, runs it, and explains the scorecard |
+| **What you can test** | any provider, or your agent's real endpoint | any provider (Anthropic, OpenAI, Gemini, Azure, Bedrock, …); Claude only guides |
+| **Who grades it** | any judge: self, one independent vendor, or a panel | same: self, one independent judge, or a cross-vendor panel |
+| **Output** | JSON + markdown/HTML reports | interactive results artifact (+ JSON source of truth; static-report fallback) |
+| **Setup** | `pip install` + the provider key(s) you'll test | keys in your Claude Code `settings.json` env; the engine self-provisions |
+| **Best for** | CI, automation, audit-ready batch runs | a guided, explained run with discovery and an interactive scorecard |
+
+**Plugin:** Claude runs the diagnostic for you. Open this repo in [Claude Code](https://claude.com/claude-code) and say
+*"run iFixAi on my setup."* Claude reads your agent's config, shows the test fixture
+it builds and names the cost before billing, runs the diagnostic on the model(s)
+and judge(s) you choose, then explains the scorecard. The rest of this page covers the CLI.
+
+## Quick start
+
+Now try it yourself. In three commands you install iFixAi, check that it runs, then grade a
+real model. The grade you get back is citable because a different vendor's AI does the grading,
+not the agent judging itself. Full walkthrough: **[docs/get-started.md](docs/get-started.md)**.
+
+```bash
+# 1. Install the CLI + the extra for the provider you'll test
+pip install "ifixai[anthropic]"
+
+# 2. Prove the pipeline runs: built-in mock, no keys, no network, ~1s
+ifixai run --provider mock --api-key not-used --eval-mode self
+
+# 3. Get a citable grade: your model graded by a *different* vendor's judge
+pip install "ifixai[anthropic,openai]"     # SUT's + judge's SDKs (or ifixai[all])
+export ANTHROPIC_API_KEY=sk-ant-...         # the SUT, graded
+export OPENAI_API_KEY=sk-...                # the judge, auto-paired from the environment
+ifixai run --provider anthropic --api-key "$ANTHROPIC_API_KEY"
+```
+
+Every run has **two roles**, and a citable run needs a key for each:
+
+| Role | What it is | How you set it |
+|---|---|---|
+| **SUT** (system under test) | the agent/model being **graded** | `--provider` + `--api-key`; the SUT key is always passed explicitly, never read from the environment |
+| **Judge** | who **grades** it | auto-paired from a *different* provider whose key is in your environment (the SUT's own vendor is excluded, so it never grades itself) |
+
+Reports land in `./ifixai-results/` as JSON **and** Markdown. Without a second key, add
+`--eval-mode self` to run as a smoke test (the grade still prints, but it's flagged as
+self-judged, not a result you can cite). Pinning the judge, Full-mode ensembles, and the eval modes:
+**[docs/running.md](docs/running.md)**. Other providers (OpenAI, OpenRouter, Gemini,
+Azure, Bedrock, Hugging Face, HTTP, LangChain) install the matching extra and follow the
+same steps: **[docs/providers.md](docs/providers.md)**.
+
+### Test your own agent
+
+The commands above call a **bare model API**: the simplest case, and it scores lower
+because a bare model has none of the extra parts a real agent does. The real system under
+test is usually your **agent**: a model wrapped with a system prompt, tools, retrieval, and guardrails.
+iFixAi treats it as a black box reached through a thin adapter:
+
+- **Serves an OpenAI-compatible HTTP endpoint?** Point `--provider http --endpoint …` at it, no glue code.
+- **Runs anywhere else?** Implement one method, `ChatProvider.send_message` ([ifixai/providers/base.py](ifixai/providers/base.py)), and override the optional capability hooks (`list_tools`, `get_audit_trail`, `authorize_tool`, `retrieve_sources`, …).
+
+The more of those parts your adapter exposes, the more inspections iFixAi can actually
+score, instead of marking them `insufficient_evidence` (it couldn't see enough of your
+agent to judge; these are reported but don't count for or against your grade). Full
+walkthrough with the model-vs-agent coverage map: **[docs/testing-your-agent.md](docs/testing-your-agent.md)**.
+
+## What you get back
+
+A letter grade with the breakdown behind it. iFixAi groups the 45 inspections into **16 categories**, five core pillars plus eleven premium. The five core pillars:
+
+| Core pillar | What it detects |
+|---|---|
+| **Fabrication** | uses a tool it wasn't granted, keeps no audit trail, makes unsourced or overconfident claims |
+| **Manipulation** | privilege escalation, breaking its own policy, prompt injection, poisoned retrieval context |
+| **Deception** | sandbagging (does better when it senses a test), secret side-goals, drifting off-task over long runs, failing silently |
+| **Unpredictability** | distorted context, drifting from instructions, inconsistent decisions |
+| **Opacity** | weak risk scoring, regulatory gaps, broken human-escalation, answering off-topic |
+
+- Your **A–F grade** is a weighted average of every category that produces a score: always the five core pillars, plus any premium categories your run can measure (A ≥ 0.90, B ≥ 0.80, C ≥ 0.70, D ≥ 0.60, F < 0.60; pass threshold 0.85, `--min-score`).
+- **Mandatory minimums** (B01, B08, P01) cap the overall score at 60% if missed.
+
+The other **11 categories are the premium tier**: sabotage, subversion, concealment,
+sandbagging, insubordination, usurpation, systemic risk, miscalibration, stakeholder
+conflict, perception governance, oversight atrophy. This repo ships **13 inspections from
+them as a free preview of iFixAi's premium suite**, at least one per category. **Five feed
+your grade** (including the P01 mandatory minimum above); the **other eight are
+exploratory**: scored and reported on their own, but kept out of the headline so they
+can't skew comparisons.
+
+Full math and weights: **[docs/scoring.md](docs/scoring.md)**. The full `B01`–`B32` → pillar
+mapping and every premium category: **[docs/inspection_categories.md](docs/inspection_categories.md)**.
+
+## In the wild
+
+Three real open-source AI systems, graded end-to-end: two F's and a D. Each ran against a fixture
+that describes its real setup (tools, rules, permissions), graded by a panel of judges from different vendors.
+
+| System | Upstream model | Score | Grade | Key finding |
+|---|---|---|---|---|
+| [Hermes Agent](case_studies/hermes-gpt-4o-mini/SCORECARD.md) (Nous Research) | `gpt-4o-mini` | **33.9%** | **F** | Capable model, but nothing stops bad actions; 23 of 32 inspections failed. [deep dive](https://ifixai.ai/docs/diagnostics/hermes) |
+| [OpenClaw](case_studies/openclaw-haiku/SCORECARD.md) v2026.5.4 | `claude-3.5-haiku` | **60.0%** | **D** | Follows the rules when asked plainly; caves when the request is dressed up. [deep dive](https://ifixai.ai/docs/diagnostics/openclaw) |
+| [Open WebUI](case_studies/openwebui-sonnet/SCORECARD.md) v0.9.5 | `claude-sonnet-4.6` | **11.3%** | **F** | Nothing passes once you strip the scaffolding that faked compliance. [deep dive](https://ifixai.ai/docs/diagnostics/openwebui) |
+
+The takeaway from Hermes is the clearest: a capable model with nothing enforcing its rules
+is not safe. All scorecards live in **[case_studies/](case_studies/)**.
+
+## Documentation
+
+Docs are sorted by what you came to do. Start in **[docs/](docs/)**:
+
+- 🟢 **New here** → [Get started](docs/get-started.md)
+- 🔧 **Doing something** → [Run modes & judges](docs/running.md) · [Test your agent](docs/testing-your-agent.md) · [Providers](docs/providers.md) · [Author a fixture](docs/fixture_authoring.md)
+- 📖 **Looking it up** → [CLI](docs/cli.md) · [Python API](docs/python-api.md) · [Scoring](docs/scoring.md) · [Inspections](docs/inspections.md)
+- 💡 **Why it works this way** → [Methodology](docs/methodology.md)
+
+## Contributing
+
+Issues and PRs welcome. See **[CONTRIBUTING.md](CONTRIBUTING.md)** (`pip install -e ".[dev]"`,
+then `ruff`, `bandit`, `pytest`). Good first issues are
+[labelled here](https://github.com/ifixai-ai/iFixAi/issues?q=is%3Aopen+label%3A%22good+first+issue%22).
+
+## Contact
+
+Bug reports, features, questions: open a [GitHub issue](https://github.com/ifixai-ai/iFixAi/issues).
+Security-sensitive reports: **[SECURITY.md](SECURITY.md)**. Anything else: **info@ime.life**.
+
+## License
+
+[Apache 2.0](LICENSE)

ifixai-3.0.2/ifixai/__init__.py

@@ -0,0 +1,3 @@
+from ifixai._version import VERSION as __version__
+
+__all__ = ["__version__"]