proxilion 0.0.1__py3-none-any.whl
- proxilion/__init__.py +136 -0
- proxilion/audit/__init__.py +133 -0
- proxilion/audit/base_exporters.py +527 -0
- proxilion/audit/compliance/__init__.py +130 -0
- proxilion/audit/compliance/base.py +457 -0
- proxilion/audit/compliance/eu_ai_act.py +603 -0
- proxilion/audit/compliance/iso27001.py +544 -0
- proxilion/audit/compliance/soc2.py +491 -0
- proxilion/audit/events.py +493 -0
- proxilion/audit/explainability.py +1173 -0
- proxilion/audit/exporters/__init__.py +58 -0
- proxilion/audit/exporters/aws_s3.py +636 -0
- proxilion/audit/exporters/azure_storage.py +608 -0
- proxilion/audit/exporters/cloud_base.py +468 -0
- proxilion/audit/exporters/gcp_storage.py +570 -0
- proxilion/audit/exporters/multi_exporter.py +498 -0
- proxilion/audit/hash_chain.py +652 -0
- proxilion/audit/logger.py +543 -0
- proxilion/caching/__init__.py +49 -0
- proxilion/caching/tool_cache.py +633 -0
- proxilion/context/__init__.py +73 -0
- proxilion/context/context_window.py +556 -0
- proxilion/context/message_history.py +505 -0
- proxilion/context/session.py +735 -0
- proxilion/contrib/__init__.py +51 -0
- proxilion/contrib/anthropic.py +609 -0
- proxilion/contrib/google.py +1012 -0
- proxilion/contrib/langchain.py +641 -0
- proxilion/contrib/mcp.py +893 -0
- proxilion/contrib/openai.py +646 -0
- proxilion/core.py +3058 -0
- proxilion/decorators.py +966 -0
- proxilion/engines/__init__.py +287 -0
- proxilion/engines/base.py +266 -0
- proxilion/engines/casbin_engine.py +412 -0
- proxilion/engines/opa_engine.py +493 -0
- proxilion/engines/simple.py +437 -0
- proxilion/exceptions.py +887 -0
- proxilion/guards/__init__.py +54 -0
- proxilion/guards/input_guard.py +522 -0
- proxilion/guards/output_guard.py +634 -0
- proxilion/observability/__init__.py +198 -0
- proxilion/observability/cost_tracker.py +866 -0
- proxilion/observability/hooks.py +683 -0
- proxilion/observability/metrics.py +798 -0
- proxilion/observability/session_cost_tracker.py +1063 -0
- proxilion/policies/__init__.py +67 -0
- proxilion/policies/base.py +304 -0
- proxilion/policies/builtin.py +486 -0
- proxilion/policies/registry.py +376 -0
- proxilion/providers/__init__.py +201 -0
- proxilion/providers/adapter.py +468 -0
- proxilion/providers/anthropic_adapter.py +330 -0
- proxilion/providers/gemini_adapter.py +391 -0
- proxilion/providers/openai_adapter.py +294 -0
- proxilion/py.typed +0 -0
- proxilion/resilience/__init__.py +81 -0
- proxilion/resilience/degradation.py +615 -0
- proxilion/resilience/fallback.py +555 -0
- proxilion/resilience/retry.py +554 -0
- proxilion/scheduling/__init__.py +57 -0
- proxilion/scheduling/priority_queue.py +419 -0
- proxilion/scheduling/scheduler.py +459 -0
- proxilion/security/__init__.py +244 -0
- proxilion/security/agent_trust.py +968 -0
- proxilion/security/behavioral_drift.py +794 -0
- proxilion/security/cascade_protection.py +869 -0
- proxilion/security/circuit_breaker.py +428 -0
- proxilion/security/cost_limiter.py +690 -0
- proxilion/security/idor_protection.py +460 -0
- proxilion/security/intent_capsule.py +849 -0
- proxilion/security/intent_validator.py +495 -0
- proxilion/security/memory_integrity.py +767 -0
- proxilion/security/rate_limiter.py +509 -0
- proxilion/security/scope_enforcer.py +680 -0
- proxilion/security/sequence_validator.py +636 -0
- proxilion/security/trust_boundaries.py +784 -0
- proxilion/streaming/__init__.py +70 -0
- proxilion/streaming/detector.py +761 -0
- proxilion/streaming/transformer.py +674 -0
- proxilion/timeouts/__init__.py +55 -0
- proxilion/timeouts/decorators.py +477 -0
- proxilion/timeouts/manager.py +545 -0
- proxilion/tools/__init__.py +69 -0
- proxilion/tools/decorators.py +493 -0
- proxilion/tools/registry.py +732 -0
- proxilion/types.py +339 -0
- proxilion/validation/__init__.py +93 -0
- proxilion/validation/pydantic_schema.py +351 -0
- proxilion/validation/schema.py +651 -0
- proxilion-0.0.1.dist-info/METADATA +872 -0
- proxilion-0.0.1.dist-info/RECORD +94 -0
- proxilion-0.0.1.dist-info/WHEEL +4 -0
- proxilion-0.0.1.dist-info/licenses/LICENSE +21 -0
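--- a/proxilion/__init__.py
+++ b/proxilion/__init__.py
@@ -0,0 +1,136 @@
+"""
+Proxilion: Application-layer security SDK for LLM tool call authorization.
+
+Proxilion provides user-context authorization for agentic AI systems,
+ensuring that LLM tool calls are validated against user identity and
+business rules before execution.
+
+Basic Usage:
+>>> from proxilion import Proxilion, Policy, UserContext
+>>>
+>>> # Initialize SDK
+>>> auth = Proxilion(
+... policy_engine="simple",
+... audit_log_path="./logs/audit.jsonl"
+... )
+>>>
+>>> # Define a policy
+>>> @auth.policy("database_query")
+... class DatabaseQueryPolicy(Policy):
+... def can_execute(self, context):
+... return "analyst" in self.user.roles
+>>>
+>>> # Protect a tool
+>>> @auth.authorize("execute", resource="database_query")
+... async def database_query_tool(query: str, user: UserContext = None):
+... return await execute_query(query)
+>>>
+>>> # Use it
+>>> user = UserContext(user_id="alice", roles=["analyst"])
+>>> result = await database_query_tool("SELECT * FROM data", user=user)
+
+For more information, see the documentation at:
+https://proxilion.com
+
+Source code: https://github.com/clay-good/proxilion-sdk
+"""
+
+__version__ = "0.1.0"
+
+# Core types - always available
+# Main Proxilion class
+from proxilion.core import (
+Proxilion,
+get_current_agent,
+get_current_user,
+)
+
+# Decorators
+from proxilion.decorators import (
+AlwaysApproveStrategy,
+AlwaysDenyStrategy,
+ApprovalStrategy,
+CallbackApprovalStrategy,
+QueueApprovalStrategy,
+authorize_tool_call,
+circuit_protected,
+rate_limited,
+require_approval,
+)
+
+# Exceptions - always available
+from proxilion.exceptions import (
+AgentTrustError,
+AuthorizationError,
+BehavioralDriftError,
+CircuitOpenError,
+ConfigurationError,
+ContextIntegrityError,
+EmergencyHaltError,
+IDORViolationError,
+IntentHijackError,
+PolicyNotFoundError,
+PolicyViolation,
+ProxilionError,
+RateLimitExceeded,
+SchemaValidationError,
+)
+
+# Policy base class
+from proxilion.policies.base import Policy
+from proxilion.types import (
+AgentContext,
+AuditEvent,
+AuthorizationResult,
+ToolCallRequest,
+UserContext,
+)
+
+# Convenient type aliases
+authorize = authorize_tool_call # Alias for backwards compatibility
+
+__all__ = [
+# Version
+"__version__",
+# Main class
+"Proxilion",
+# Policy
+"Policy",
+# Core types
+"UserContext",
+"AgentContext",
+"ToolCallRequest",
+"AuthorizationResult",
+"AuditEvent",
+# Exceptions
+"ProxilionError",
+"AuthorizationError",
+"PolicyViolation",
+"SchemaValidationError",
+"RateLimitExceeded",
+"CircuitOpenError",
+"ConfigurationError",
+"PolicyNotFoundError",
+"IDORViolationError",
+# ASI Top 10 exceptions
+"ContextIntegrityError",
+"IntentHijackError",
+"AgentTrustError",
+"BehavioralDriftError",
+"EmergencyHaltError",
+# Decorators
+"authorize_tool_call",
+"authorize",
+"require_approval",
+"rate_limited",
+"circuit_protected",
+# Approval strategies
+"ApprovalStrategy",
+"AlwaysApproveStrategy",
+"AlwaysDenyStrategy",
+"CallbackApprovalStrategy",
+"QueueApprovalStrategy",
+# Context helpers
+"get_current_user",
+"get_current_agent",
+]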
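Review bot: `__version__ = "0.1.0"` in proxilion/__init__.py disagrees with the 0.0.1 carried by the wheel name and its `proxilion-0.0.1.dist-info` directory, so anything that reads the module attribute reports a different release than the installer metadata. For a security SDK that makes advisory matching, SBOM entries and incident triage unreliable. Deriving the value from the installed metadata, e.g. `__version__ = importlib.metadata.version("proxilion")`, keeps one source of truth. Separately, the docstring example declares `user: UserContext = None` on an authorized tool; whether the decorator denies a call that arrives with no user is not visible in this file, so the example should either state that behaviour or drop the default.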
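--- a/proxilion/audit/__init__.py
+++ b/proxilion/audit/__init__.py
@@ -0,0 +1,133 @@
+"""
+Audit logging module for Proxilion.
+
+This module provides tamper-evident audit logging with hash chains
+and Merkle trees for cryptographic integrity verification.
+
+Features:
+- Hash-chained audit events for tamper detection
+- Merkle tree batching for efficient verification
+- Multiple export formats (JSON Lines, console, streams)
+- Sensitive data redaction
+- Log rotation support
+
+Quick Start:
+>>> from proxilion.audit import (
+... AuditLogger,
+... LoggerConfig,
+... ConsoleExporter,
+... )
+>>>
+>>> # Create a logger
+>>> config = LoggerConfig.default("./audit/events.jsonl")
+>>> logger = AuditLogger(config)
+>>>
+>>> # Log an authorization decision
+>>> event = logger.log_authorization(
+... user_id="user_123",
+... user_roles=["analyst"],
+... tool_name="database_query",
+... tool_arguments={"query": "SELECT *"},
+... allowed=True,
+... reason="User has analyst role",
+... )
+>>>
+>>> # Verify log integrity
+>>> result = logger.verify()
+>>> print(result.valid) # True if chain is intact
+"""
+
+from proxilion.audit.base_exporters import (
+CallbackExporter,
+ConsoleExporter,
+Exporter,
+FileExporter,
+MultiExporter,
+StreamExporter,
+read_jsonl_events,
+verify_jsonl_chain,
+)
+from proxilion.audit.events import (
+AuditEventData,
+AuditEventV2,
+EventType,
+RedactionConfig,
+create_authorization_event,
+redact_sensitive_data,
+reset_sequence,
+)
+from proxilion.audit.hash_chain import (
+GENESIS_HASH,
+BatchedHashChain,
+ChainVerificationResult,
+HashChain,
+MerkleBatch,
+MerkleTree,
+)
+from proxilion.audit.logger import (
+AuditLogger,
+InMemoryAuditLogger,
+LoggerConfig,
+RotationPolicy,
+)
+
+# Explainability (CA SB 53 compliance)
+from proxilion.audit.explainability import (
+DecisionExplainer,
+DecisionFactor,
+DecisionType,
+ExplainableDecision,
+ExplainabilityLogger,
+Explanation,
+ExplanationFormat,
+Outcome,
+create_authorization_decision,
+create_budget_decision,
+create_guard_decision,
+create_rate_limit_decision,
+)
+
+__all__ = [
+# Events
+"AuditEventData",
+"AuditEventV2",
+"EventType",
+"RedactionConfig",
+"create_authorization_event",
+"redact_sensitive_data",
+"reset_sequence",
+# Hash chain
+"BatchedHashChain",
+"ChainVerificationResult",
+"GENESIS_HASH",
+"HashChain",
+"MerkleBatch",
+"MerkleTree",
+# Logger
+"AuditLogger",
+"InMemoryAuditLogger",
+"LoggerConfig",
+"RotationPolicy",
+# Exporters
+"CallbackExporter",
+"ConsoleExporter",
+"Exporter",
+"FileExporter",
+"MultiExporter",
+"StreamExporter",
+"read_jsonl_events",
+"verify_jsonl_chain",
+# Explainability (CA SB 53 compliance)
+"DecisionExplainer",
+"DecisionFactor",
+"DecisionType",
+"ExplainableDecision",
+"ExplainabilityLogger",
+"Explanation",
+"ExplanationFormat",
+"Outcome",
+"create_authorization_decision",
+"create_budget_decision",
+"create_guard_decision",
+"create_rate_limit_decision",
+]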
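Review bot: The module docstring promises tamper-evident logging and annotates `result.valid` as `True if chain is intact`, but never says what `logger.verify()` cannot detect. A hash chain checked against the log itself only shows internal consistency; unless the latest hash is keyed or anchored outside the log store, truncation or a wholesale rewrite would presumably still verify, and whether hash_chain.py does that is not visible in this file. I would add a docstring line such as `# verify() checks chain consistency only; keep the latest hash outside the log store to detect truncation or rewrite`. The package also re-exports `reset_sequence` in `__all__`; if that restarts event numbering, it probably belongs behind a test-only import rather than in the public audit API.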