safentic 1.0.4__py3-none-any.whl → 1.0.6__py3-none-any.whl

safentic-1.0.6.dist-info/RECORD

@@ -0,0 +1,29 @@
+safentic/__init__.py,sha256=_S_ZZOxnil8pAhm_6HwT0x1yZ4zzIJjeMzmDEknEHF8,141
+safentic/config.py,sha256=222VKyCkRYQ_WgoKTcXsIgHQJIgHGyCb0jmD305pOKM,88
+safentic/decorators.py,sha256=Tg-kmMJLCT_2sx9FMArIm7otvi1unNYfcX1zMkXwO14,1547
+safentic/layer.py,sha256=6VfY9OQYynRL0pYAS1heUNZz0zdwQ8Ot3p9mFMRvBjg,3120
+safentic/policy_enforcer.py,sha256=9lc4R5zu7VOKBEGp3paG5-iwHxU-_43UVuyFR0k1J1Y,4075
+safentic/policy_engine.py,sha256=t7eUdYuRtJKyibrjzSkNsBuswlLeMgjnIzT7CmNhZ2I,5326
+safentic/_internal/errors.py,sha256=NdP79QIqgqaiMD_iIlNNoYRHYXLTwwfEvWnKZ3qGDN4,717
+safentic/adapters/mcp_adapter.py,sha256=C4gUzUg9wv6ToNhCho2kNBlyPDHnlQhoQIASUfRc1Ks,1389
+safentic/cli/__init__.py,sha256=TxVn7Qjs3VBg36A_3dasco_AQPZtK4HebdViKMirE8U,49
+safentic/cli/main.py,sha256=G595Yv15Q22akVXUSCNNoAi7OwrslZ-26Wouq1lBJTQ,5041
+safentic/cli/utils.py,sha256=mmCaWwIcG5_IPxmaK9kuwWrSpYoHsJ4iofhyREhOfgQ,5686
+safentic/cli/commands/check_tool.py,sha256=yh8p_jPVPwifaiH0X6kBFJO7jxO_vB8333lctrAqLts,1446
+safentic/cli/commands/logs.py,sha256=t-dqCJ_wQz8XgF2sdamHxM2JEknCKQyYa3FkJE8xvlI,2015
+safentic/cli/commands/validate_policy.py,sha256=7khzBJkOMBOqRDHCSGfqrR_udo_RmZRdSlPih5oEtgg,2062
+safentic/helper/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+safentic/helper/helper.py,sha256=eLJE2GNc7-GSxotFClCUHugdTSgu0zS7EEXITWlVZd0,7030
+safentic/logger/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+safentic/logger/audit.py,sha256=KeV1UyIlxfThZUxN2dEYms62oCncxdeeomJRYeAJo1Y,6295
+safentic/verifiers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+safentic/verifiers/llm_verifier.py,sha256=y6C9UexB2jIqHeCD8uLlDYFMYdmbEU7C4BQdgB8WD0s,7887
+safentic-1.0.6.dist-info/licenses/LICENSE.txt,sha256=Gs_ZO2z7NQDNRexLzkWeWuqynX6MQ3-SbtT48VnvxqE,2294
+safentic_poc/backend/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+safentic_poc/backend/api/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+safentic_poc/backend/api/main.py,sha256=bSGR-A1I8uY52lDpZMuGwGIP2BRyspIo0MrpWofjo-I,5289
+safentic-1.0.6.dist-info/METADATA,sha256=OE7j17bbaqzVJkRjLjxcWTWL1zQ80PCLIfZgKbvEgjo,5723
+safentic-1.0.6.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+safentic-1.0.6.dist-info/entry_points.txt,sha256=yqTSD1j6ayKd6YH5olWoOuvbCjUWyClOKmHEtuWYARk,52
+safentic-1.0.6.dist-info/top_level.txt,sha256=Ft3UUfii2QowOYyn_wSVd28KH9U9hEg7WyqR8p2lY0s,22
+safentic-1.0.6.dist-info/RECORD,,

{safentic-1.0.4.dist-info → safentic-1.0.6.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (80.3.1)
+Generator: setuptools (80.9.0)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

safentic-1.0.6.dist-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+safentic = safentic.cli.main:main

{safentic → safentic-1.0.6.dist-info/licenses}/LICENSE.txt

@@ -1,36 +1,36 @@
-Safentic SDK Commercial License Agreement
-=========================================
-
-IMPORTANT – READ CAREFULLY:
-
-This license governs the use of the Safentic SDK (“Software”) developed and owned by Safentic. By installing or using this Software, you (“Licensee”) agree to the following terms and conditions:
-
-1. GRANT OF LICENSE  
-   Licensor grants Licensee a non-exclusive, non-transferable, non-sublicensable license to use the Software solely for internal business purposes and only in accordance with the terms of the commercial agreement executed between the parties. This license may include limited evaluation rights, subject to expiration or usage restrictions.
-
-2. RESTRICTIONS  
-   Licensee shall NOT:  
-   - Use the Software without a valid, active license key or subscription.  
-   - Reverse engineer, decompile, or disassemble the Software.  
-   - Modify, copy, or create derivative works based on the Software.  
-   - Distribute, sublicense, lease, or otherwise make the Software available to any third party.  
-   - Circumvent or attempt to disable any license verification, telemetry, or access control mechanisms.
-
-3. OWNERSHIP  
-   The Software is licensed, not sold. Safentic retains all rights, title, and interest in and to the Software, including all intellectual property rights.
-
-4. TERMINATION  
-   This license is effective until terminated. It will terminate automatically without notice if Licensee breaches any term of this agreement. Upon termination, Licensee must cease all use and destroy all copies of the Software.
-
-5. NO WARRANTY  
-   The Software is provided "as is" without warranty of any kind. Licensor disclaims all warranties, express or implied, including but not limited to warranties of merchantability and fitness for a particular purpose.
-
-6. LIMITATION OF LIABILITY  
-   In no event shall Licensor be liable for any damages arising out of the use or inability to use the Software, including but not limited to incidental, special, or consequential damages.
-
-7. GOVERNING LAW  
-   This agreement shall be governed by and construed in accordance with the laws of Ireland, without regard to its conflict of law principles.
-
-For licensing inquiries, please contact: contact@safentic.com
-
-Copyright © 2025, Safentic. All rights reserved.
+Safentic SDK Commercial License Agreement
+=========================================
+
+IMPORTANT – READ CAREFULLY:
+
+This license governs the use of the Safentic SDK (“Software”) developed and owned by Safentic. By installing or using this Software, you (“Licensee”) agree to the following terms and conditions:
+
+1. GRANT OF LICENSE  
+   Licensor grants Licensee a non-exclusive, non-transferable, non-sublicensable license to use the Software solely for internal business purposes and only in accordance with the terms of the commercial agreement executed between the parties. This license may include limited evaluation rights, subject to expiration or usage restrictions.
+
+2. RESTRICTIONS  
+   Licensee shall NOT:  
+   - Use the Software without a valid, active license key or subscription.  
+   - Reverse engineer, decompile, or disassemble the Software.  
+   - Modify, copy, or create derivative works based on the Software.  
+   - Distribute, sublicense, lease, or otherwise make the Software available to any third party.  
+   - Circumvent or attempt to disable any license verification, telemetry, or access control mechanisms.
+
+3. OWNERSHIP  
+   The Software is licensed, not sold. Safentic retains all rights, title, and interest in and to the Software, including all intellectual property rights.
+
+4. TERMINATION  
+   This license is effective until terminated. It will terminate automatically without notice if Licensee breaches any term of this agreement. Upon termination, Licensee must cease all use and destroy all copies of the Software.
+
+5. NO WARRANTY  
+   The Software is provided "as is" without warranty of any kind. Licensor disclaims all warranties, express or implied, including but not limited to warranties of merchantability and fitness for a particular purpose.
+
+6. LIMITATION OF LIABILITY  
+   In no event shall Licensor be liable for any damages arising out of the use or inability to use the Software, including but not limited to incidental, special, or consequential damages.
+
+7. GOVERNING LAW  
+   This agreement shall be governed by and construed in accordance with the laws of Ireland, without regard to its conflict of law principles.
+
+For licensing inquiries, please contact: contact@safentic.com
+
+Copyright © 2025, Safentic. All rights reserved.

safentic-1.0.6.dist-info/top_level.txt

@@ -0,0 +1,2 @@
+safentic
+safentic_poc

safentic_poc/backend/api/main.py

@@ -0,0 +1,164 @@
+from fastapi import FastAPI, HTTPException
+from fastapi.middleware.cors import CORSMiddleware
+from pydantic import BaseModel, Field
+from typing import Any, Optional, List
+import os, json
+from time import perf_counter
+from pathlib import Path
+from dotenv import load_dotenv  # make sure python-dotenv is installed
+
+# Internal SDK imports (OK for first-party POC)
+from safentic.policy_engine import PolicyEngine
+from safentic.policy_enforcer import PolicyEnforcer
+from safentic.logger.audit import AuditLogger
+from safentic._internal.errors import SafenticError
+
+# -------- Load .env --------
+# backend/api/main.py → go up 2 levels to reach safentic_poc/backend/.env
+BACKEND_ROOT = Path(__file__).resolve().parents[1]
+REPO_ROOT = Path(__file__).resolve().parents[3]
+load_dotenv(BACKEND_ROOT / ".env")
+
+def resolve_path(env_var: str, default_rel: str) -> str:
+    """
+    Resolve a path from an env var or fall back to a repo-relative default.
+    If env var is absolute, return as-is.
+    """
+    val = os.getenv(env_var)
+    if val:
+        return str((REPO_ROOT / val).resolve()) if not os.path.isabs(val) else val
+    return str((REPO_ROOT / default_rel).resolve())
+
+# -------- Config --------
+FE_ORIGIN = os.getenv("FE_ORIGIN", "http://localhost:3000")
+POLICY_PATH = resolve_path("SAFENTIC_POLICY_PATH", "config/policy.yaml")
+
+# Default: use JSON logs under safentic_poc/safentic/logs/json_logs
+AUDIT_LOG_PATH = resolve_path(
+    "SAFENTIC_AUDIT_LOG",
+    "safentic_poc/backend/safentic/logs/json_logs/safentic_audit.jsonl",
+)
+
+print("ENV says:", os.getenv("SAFENTIC_AUDIT_LOG"))
+print("Resolved AUDIT_LOG_PATH:", AUDIT_LOG_PATH)
+
+# -------- App & CORS --------
+app = FastAPI(title="Safentic POC API")
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=[FE_ORIGIN],
+    allow_credentials=False,
+    allow_methods=["*"],
+    allow_headers=["*"],
+)
+
+# -------- Instantiate engine/enforcer/logger --------
+engine = PolicyEngine(policy_path=POLICY_PATH)
+enforcer = PolicyEnforcer(policy_engine=engine)
+logger = AuditLogger()
+
+# -------- Schemas --------
+class Options(BaseModel):
+    dry_run: bool = False
+    no_llm: bool = False
+
+class EnforceRequest(BaseModel):
+    tool_name: str
+    agent_id: str = Field(default="fe-demo")
+    input: dict[str, Any] = Field(default_factory=dict)
+    options: Options = Options()
+
+class EnforceResponse(BaseModel):
+    allowed: bool
+    reason: str
+    violation: Optional[dict] = None
+    agent_state: Optional[dict] = None
+    rule_id: Optional[str] = None
+    took_ms: int
+
+class LogEntry(BaseModel):
+    ts: str
+    agent_id: str
+    tool: str
+    allowed: bool
+    reason: Optional[str] = None
+    rule_id: Optional[str] = None
+
+class LogTailResponse(BaseModel):
+    items: List[LogEntry]
+
+# -------- Routes --------
+@app.get("/api/health")
+def health():
+    return {"status": "ok"}
+
+@app.post("/api/enforce", response_model=EnforceResponse)
+def enforce(req: EnforceRequest):
+    if hasattr(enforcer, "reset"):
+        try:
+            enforcer.reset(req.agent_id)
+        except Exception:
+            pass
+
+    t0 = perf_counter()
+    try:
+        result = enforcer.enforce(req.agent_id, req.tool_name, req.input)
+    except SafenticError as e:
+        raise HTTPException(status_code=400, detail=str(e))
+    except ValueError as e:
+        raise HTTPException(status_code=400, detail=str(e))
+
+    took_ms = int((perf_counter() - t0) * 1000)
+
+    try:
+        logger.log(
+            agent_id=req.agent_id,
+            tool=req.tool_name,
+            allowed=bool(result.get("allowed", False)),
+            reason=result.get("reason"),
+            rule_id=result.get("rule_id"),
+        )
+    except Exception:
+        pass
+
+    return {
+        "allowed": bool(result.get("allowed")),
+        "reason": result.get("reason", ""),
+        "violation": result.get("violation"),
+        "agent_state": result.get("agent_state"),
+        "rule_id": result.get("rule_id"),
+        "took_ms": took_ms,
+    }
+
+@app.get("/api/logs/tail", response_model=LogTailResponse)
+def logs_tail(limit: int = 100):
+    items: List[LogEntry] = []
+    try:
+        print(f"Audit log path: {AUDIT_LOG_PATH}")
+        if os.path.exists(AUDIT_LOG_PATH):
+            with open(AUDIT_LOG_PATH, "r") as f:
+                lines = f.readlines()[-limit:]
+            print(f"Read {len(lines)} lines from {AUDIT_LOG_PATH}")
+            for ln in lines:
+                ln = ln.strip()
+                if not ln:
+                    continue
+                try:
+                    j = json.loads(ln)
+                    items.append(LogEntry(
+                        ts=j.get("timestamp") or j.get("ts") or "",
+                        agent_id=j.get("agent_id") or "",
+                        tool=j.get("tool") or "",
+                        allowed=bool(j.get("allowed", False)),
+                        reason=j.get("reason"),
+                        rule_id=j.get("rule_id") or j.get("extra", {}).get("rule"),
+                    ))
+                except Exception:
+                    print(f"Failed to parse log line: {ln}")
+                    continue
+        else:
+            print(f"Audit log file does not exist: {AUDIT_LOG_PATH}")
+    except Exception as e:
+        print(f"Failed to read audit log: {e}")
+        items = []
+    return {"items": items}

safentic/engine.py

@@ -1,80 +0,0 @@
-from .policy import PolicyEngine
-from .logger.audit import AuditLogger
-
-class PolicyEnforcer():
-    """
-    Runtime wrapper to evaluate and enforce tool usage policies.
-    Tracks agent-specific violations and supports audit logging.
-    """
-
-    def __init__(self, policy_engine: PolicyEngine = None):
-        self.policy_engine = policy_engine or PolicyEngine()
-        self.agent_states = {}
-        self.audit_logger = AuditLogger()
-
-    def enforce(self, agent_id: str, tool_name: str, tool_args: dict) -> dict:
-        """
-        Evaluates a tool action for a given agent.
-        Returns a dict with 'allowed', 'reason', and agent state metadata.
-        """
-        state = self.agent_states.setdefault(agent_id, {
-            "blocked_tools": set(),
-            "violation_count": 0,
-            "last_violation": None
-        })
-
-        # Block repeat attempts to use already-denied tool
-        if tool_name in state["blocked_tools"]:
-            reason = "Tool previously blocked for this agent."
-            self.audit_logger.log(
-                agent_id=agent_id,
-                tool=tool_name,
-                allowed=False,
-                reason=reason
-            )
-            return self._deny(tool_name, state, reason)
-
-        # Run policy evaluation
-        violation = self.policy_engine.evaluate_policy(tool_name, tool_args)
-
-        if violation:
-            state["blocked_tools"].add(tool_name)
-            state["violation_count"] += 1
-            state["last_violation"] = violation
-            self.audit_logger.log(
-                agent_id=agent_id,
-                tool=tool_name,
-                allowed=False,
-                reason=violation
-            )
-            return self._deny(tool_name, state, violation)
-
-        # Log allowed action
-        self.audit_logger.log(
-            agent_id=agent_id,
-            tool=tool_name,
-            allowed=True
-        )
-
-        return {
-            "allowed": True,
-            "reason": "Action permitted",
-            "agent_state": state
-        }
-
-    def reset(self, agent_id: str = None):
-        """
-        Clears violation state for one agent or all agents.
-        """
-        if agent_id:
-            self.agent_states.pop(agent_id, None)
-        else:
-            self.agent_states.clear()
-
-    def _deny(self, tool_name: str, state: dict, reason: str) -> dict:
-        return {
-            "allowed": False,
-            "reason": reason,
-            "tool": tool_name,
-            "agent_state": state
-        }

safentic/helper/auth.py

@@ -1,12 +0,0 @@
-import requests
-from ..config import *
-
-def validate_api_key(key: str) -> dict:
-    try:
-        response = requests.post(BASE_API_PATH + API_KEY_ENDPOINT, json={"api_key": key})
-        if response.status_code != 200:
-            return {"valid": False}
-        data = response.json()
-        return {"valid": True, **data}
-    except Exception:
-        return {"valid": False}

safentic/policies/__init__.py

@@ -1,3 +0,0 @@
-from ..layer import SafetyLayer, SafenticError
-
-__version__ = "0.1"

safentic/policies/example_policy.txt

@@ -1,33 +0,0 @@
-Standard Refund Policy
-
-Last Updated: February 1, 2025
-
-1. Overview
-At XYZ, we strive to ensure your complete satisfaction with our platform. If you are not entirely happy with your purchase, you may be eligible for a refund as described below.
-
-2. Eligibility
-- Monthly Subscriptions: You may request a full refund within 30 days of your initial subscription charge.
-- Annual Subscriptions: You may request a pro-rated refund (the remaining unused portion of your term) within 30 days of your initial annual subscription charge.
-- One-Time Purchases and Credits: Refunds on one-time feature purchases or in-app credits are handled on a case-by-case basis and must be requested within 14 days of purchase.
-
-3. How to Request a Refund
-1. Log in to your XYZ account at https://app.XYZ.ai.
-2. Go to Settings -> Billing -> Refunds.
-3. Select the transaction you wish to refund and click Request Refund.
-4. In the "Reason" field, briefly describe why you are requesting a refund.
-5. Submit your request. You will receive an email confirmation within one business day.
-
-4. Processing Time
-- Refunds for credit-card or PayPal payments will be credited back to your original payment method within 5-7 business days after approval.
-- In-app credits or wallet balances will be restored within 24 hours of approval.
-
-5. Exceptions and Limitations
-- No refunds will be issued for subscription renewals after the initial 30-day period.
-- Promotional, gift, or trial subscriptions are non-refundable.
-- Refund requests made more than 30 days after the initial charge are subject to review and may be denied.
-- We reserve the right to refuse a refund if we suspect abuse of the refund policy.
-
-6. Contact Us
-If you have any questions or need assistance, please contact our Support Team at support@XYZ.ai or via the in-app chat.
-
-Thank you for choosing XYZ! We appreciate your business and are committed to delivering a great experience.

safentic/policies/policy.yaml

@@ -1,49 +0,0 @@
-tools:
-  send_email:
-    checks:
-      - type: deny_phrase
-        phrases:
-          - "one device per subscription"
-          - "24 hours"
-          - "apology"
-          - "apologize"
-          - "sorry"
-          - "refund"
-          - "refund delay"
-      - type: semantic
-        trigger_phrases:
-          - "refund policy"
-          - "guarantee"
-          - "our policy"
-        reference_file: "example_policy.txt"
-
-  issue_refund:
-    checks:
-      - type: deny_phrase
-        phrases:
-          - "refund"
-          - "refunding"
-          - "issue refund"
-          - "send refund"
-          - "credit customer"
-          - "reverse charge"
-          - "double charge"
-          - "processed refund"
-          - "grant compensation"
-          - "money back"
-      - type: semantic
-        trigger_phrases:
-          - "we've sent your refund"
-          - "your money is on the way"
-        reference_file: "refund_statement.txt"
-
-  update_ticket:
-    checks: []  # Explicitly allow all
-
-  log_to_crm:
-    checks: []  # Explicitly allow all
-
-logging:
-  level: INFO
-  destination: "safentic/logs/txt_logs/safentic_audit.log"
-  jsonl: "safentic/logs/json_logs/safentic_audit.jsonl"

safentic/policy.py

@@ -1,106 +0,0 @@
-import os
-import yaml
-from typing import Optional
-from .verifiers.sentence_verifier import SentenceTransformerVerifier
-from .logger.audit import AuditLogger
-
-
-class PolicyEngine:
-    """
-    Evaluates whether a given tool action complies with safety policies.
-    Uses rule types such as deny_phrase and semantic checks.
-    """
-
-    VALID_RULE_TYPES = {"deny_phrase", "semantic"}
-
-    def __init__(
-        self,
-        policy_path: Optional[str] = None,
-        policy_base_dir: Optional[str] = None
-    ):
-        self.base_dir = policy_base_dir or os.path.dirname(__file__)
-        policy_path = policy_path or os.path.join(self.base_dir, "policies", "policy.yaml")
-
-        with open(policy_path, encoding="utf-8") as f:
-            self.policy_cfg = yaml.safe_load(f)
-
-        self.verifier = SentenceTransformerVerifier(
-            model_name="all-MiniLM-L6-v2",
-            low_threshold=0.50,
-            high_threshold=0.75,
-        )
-
-        self.audit_logger = AuditLogger()
-
-    def _load_reference_text(self, filename: str) -> str:
-        path = os.path.join(self.base_dir, "policies", filename)
-        with open(path, encoding="utf-8") as f:
-            return f.read().strip().lower()
-
-    def evaluate_policy(self, tool_name: str, args: dict, agent_id: str = "unknown") -> Optional[str]:
-        """
-        Returns None if allowed, or a string reason if blocked.
-        Supports modular rule types per tool.
-        """
-        tool_rules = self.policy_cfg.get("tools", {}).get(tool_name)
-        if not tool_rules:
-            return None  # No policy = allow
-
-        text = (args.get("body") or args.get("note") or "").strip().lower()
-        if not text:
-            return None  # Empty input = allow
-
-        for check in tool_rules.get("checks", []):
-            rule_type = check.get("type")
-
-            if rule_type not in self.VALID_RULE_TYPES:
-                warning = f"Unknown rule type in policy: '{rule_type}' for tool: '{tool_name}'"
-                self.audit_logger.log(
-                    agent_id=agent_id,
-                    tool=tool_name,
-                    allowed=True,
-                    reason=warning
-                )
-                continue
-
-            if rule_type == "deny_phrase":
-                for phrase in check.get("phrases", []):
-                    if phrase.lower() in text:
-                        reason = f"Blocked: matched deny phrase “{phrase}”"
-                        self.audit_logger.log(
-                            agent_id=agent_id,
-                            tool=tool_name,
-                            allowed=False,
-                            reason=reason
-                        )
-                        return reason
-
-            elif rule_type == "semantic":
-                trigger_phrases = [p.lower() for p in check.get("trigger_phrases", [])]
-                if any(p in text for p in trigger_phrases):
-                    reference_file = check.get("reference_file")
-                    if not reference_file:
-                        continue
-
-                    reference_text = self._load_reference_text(reference_file)
-                    decision = self.verifier.decision(candidate=text, official=reference_text)
-
-                    if decision == "block":
-                        explanation = self.verifier.explain(candidate=text, official=reference_text)
-                        reason = f"Blocked by semantic check: {explanation}"
-                        self.audit_logger.log(
-                            agent_id=agent_id,
-                            tool=tool_name,
-                            allowed=False,
-                            reason=reason
-                        )
-                        return reason
-
-                    self.audit_logger.log(
-                        agent_id=agent_id,
-                        tool=tool_name,
-                        allowed=True,
-                        reason=f"Semantic decision: {decision}"
-                    )
-
-        return None

safentic/verifiers/sentence_verifier.py

@@ -1,69 +0,0 @@
-from sentence_transformers import SentenceTransformer, util
-from ..logger.audit import AuditLogger
-
-
-class SentenceTransformerVerifier:
-    """
-    Verifies whether a candidate text is semantically aligned with an official policy text.
-    Uses cosine similarity thresholds to decide: allow, verify, or block.
-    """
-
-    def __init__(
-        self,
-        model_name: str = "all-MiniLM-L6-v2",
-        low_threshold: float = 0.50,
-        high_threshold: float = 0.75,
-    ):
-        self.embedder = SentenceTransformer(model_name)
-        self.low = low_threshold
-        self.high = high_threshold
-        self.logger = AuditLogger()
-
-    def similarity(self, a: str, b: str) -> float:
-        """
-        Computes cosine similarity between two strings.
-        """
-        vecs = self.embedder.encode([a, b], convert_to_tensor=True)
-        return util.cos_sim(vecs[0], vecs[1]).item()
-
-    def decision(self, candidate: str, official: str, agent_id: str = "semantic-check") -> str:
-        """
-        Returns one of: "allow", "verify", or "block"
-        based on similarity thresholds.
-        Also logs the similarity score and decision.
-        """
-        score = self.similarity(candidate, official)
-
-        if score >= self.high:
-            result = "allow"
-        elif score <= self.low:
-            result = "block"
-        else:
-            result = "verify"
-
-        self.logger.log(
-            agent_id=agent_id,
-            tool="semantic_policy_check",
-            allowed=(result != "block"),
-            reason=f"Semantic decision: {result} (score={score:.2f})"
-        )
-
-        return result
-
-    def explain(self, candidate: str, official: str, agent_id: str = "semantic-check") -> str:
-        """
-        Returns a debug-friendly explanation string including the similarity score.
-        Also logs it to structured audit log for traceability.
-        """
-        score = self.similarity(candidate, official)
-        explanation = f"Semantic similarity = {score:.2f} (low={self.low}, high={self.high})"
-
-        # Structured debug logging (allowed=True since it’s informational)
-        self.logger.log(
-            agent_id=agent_id,
-            tool="semantic_policy_check",
-            allowed=True,
-            reason=explanation
-        )
-
-        return explanation