
Releases: sinewaveai/prooflayer-rules

prooflayer-rules v0.2.0

13 Jun 03:52


prooflayer-rules v0.2.0

Adds first-class LangGraph runtime security, adversarial evals, compliance evidence, structured audit events, five LangGraph examples, documentation, benchmarks, and launch artifacts.

Highlights

  • LangGraph SecurityMiddleware with sync, async, streaming, tool, state, and audit paths
  • Detection for prompt injection, jailbreak, tool abuse, exfiltration, scope drift, state manipulation, and multi-turn attacks
  • Built-in LangGraph adversarial suite plus GARAK and PromptFoo Docker runners
  • Compliance evidence for NIST AI RMF, EU AI Act Articles 13-15, SOC 2 CC6/CC7, and HIPAA Security Rule
  • Benchmark: p99 latency of 32.72 ms for a secured LangGraph invocation

Verification

  • Full suite: 340 passed, 1 upstream LangGraph warning, 19 subtests passed
  • New-module coverage gate: 93%
  • All five LangGraph examples passed
  • twine check passed for wheel and sdist
  • Fresh wheel install with [langgraph] passed

PyPI upload is pending publish credentials in the release environment.

v0.1.0 — Initial OSS release

12 May 05:55


Initial open-source release of ProofLayer's runtime rules layer.

Highlights

  • Detection engine — 45 YAML rules across command injection, prompt injection, jailbreaks, and data exfiltration, plus inline entropy and semantic-mismatch heuristics.
  • Runtime wrapping — ProofLayerRuntime intercepts MCP call_tool invocations and scores them on a 0-100 scale (ALLOW / WARN / BLOCK / KILL).
  • MCP Python SDK support via pip install -e ".[mcp]".
  • HTTP proxy mode — prooflayer proxy inspects JSON-RPC tools/call traffic and rejects unsafe calls.
  • CLI — prooflayer scan, prooflayer proxy, rule validation, report inspection.
  • Optional detector-assisted scoring — runtime can call a prooflayer-detector service over /v1/detect for model-backed scoring. Rules-only mode is the default; runtime degrades gracefully on detector failure.
  • Reporting — JSON and SARIF reports for blocked or high-risk calls.
  • Examples — examples/basic/, examples/attack-scenarios/, examples/suse/ (SUSE Multi-Linux Manager integration).
  • 246 tests covering adversarial inputs, fuzz-like random inputs, end-to-end integration, and detector-client behavior.
  • OSS project hygiene — Apache-2.0 LICENSE, SECURITY.md, CODE_OF_CONDUCT.md (Contributor Covenant v2.1), CONTRIBUTING.md.
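The scoring pipeline the highlights above describe, as a constructed illustration that is not ProofLayer's own code: a few sample rules plus a Shannon-entropy heuristic add up to a 0-100 score, the score maps to ALLOW / WARN / BLOCK / KILL, and an optional detector callback is consulted but the call degrades to rules-only when it fails. The rule patterns, point values, verdict thresholds and the `detector` callable signature are all assumptions made for this example.

```python
import math
import re

# Constructed illustration of the release notes' scoring model (rules plus an
# entropy heuristic -> 0-100 score -> ALLOW/WARN/BLOCK/KILL, with an optional
# detector that falls back to rules-only). Rules, points and thresholds are
# invented for this example; this is not ProofLayer's own code.
RULES = [  # (rule name, pattern, points added on match)
    ("command_injection", re.compile(r";\s*(rm|curl|wget|bash)\b|\$\(|`"), 60),
    ("prompt_injection", re.compile(r"ignore (all )?previous instructions", re.I), 50),
    ("exfil_hint", re.compile(r"https?://\S+", re.I), 20),
]
ENTROPY_POINTS = 40  # long, high-entropy tokens often mean encoded data on the move

def shannon_entropy(s):
    # bits per character of s; 0.0 for the empty string
    if not s:
        return 0.0
    n = len(s)
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def entropy_points(text):
    # flag any whitespace-free token of 40+ chars whose entropy exceeds 4.5 bits
    tokens = re.findall(r"\S{40,}", text)
    return ENTROPY_POINTS if any(shannon_entropy(t) > 4.5 for t in tokens) else 0

def verdict(score):
    # assumed thresholds: the page gives the verdict names, not the cut-offs
    for threshold, label in ((90, "KILL"), (70, "BLOCK"), (40, "WARN")):
        if score >= threshold:
            return label
    return "ALLOW"

def score_call(tool, arguments, detector=None):
    # `detector` is an assumed optional callable: text -> model-backed score 0-100
    text = tool + " " + " ".join(str(v) for v in arguments.values())
    score, hits = 0, []
    for name, pattern, points in RULES:
        if pattern.search(text):
            score, hits = score + points, hits + [name]
    ep = entropy_points(text)
    if ep:
        score, hits = score + ep, hits + ["high_entropy"]
    if detector is not None:
        try:
            score = max(score, int(detector(text)))  # model score wins if higher
        except Exception:
            hits.append("detector_unavailable")  # degrade gracefully to rules-only
    score = min(score, 100)
    return {"score": score, "verdict": verdict(score), "hits": hits}
```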

Notes

  • Public API is alpha — minor versions may introduce breaking changes until 1.0.
  • The commercial ML scoring tier (prooflayer-detector) is a separate offering; this repo is the open rules-only layer plus optional client.

Install

pip install -e .
# with MCP SDK support
pip install -e ".[mcp]"
