Introduction
The runtime enforcement layer for agentic AI systems.
EnforceCore provides mandatory, policy-driven enforcement at every external call boundary for any Python-based agentic system. It ensures that AI agents operate within defined safety constraints (tool access, PII redaction, cost budgets, rate limits, content rules, and network controls) with cryptographically verifiable audit trails.
Info: Unlike traditional guardrails that operate on inputs/outputs (LLM-as-a-judge), EnforceCore operates at the runtime level, intercepting function calls and network requests to enforce deterministic policies.
Why EnforceCore?
Agentic systems are non-deterministic by nature. They can hallucinate, call tools with incorrect parameters, or attempt to access restricted resources. EnforceCore mitigates these risks by providing a hard boundary that the agent cannot cross.
- Deterministic Security: Policies are defined in YAML and enforced strictly. No "vibes-based" safety.
- Runtime Protection: Blocks malicious actions before they execute, not after.
- Auditability: Every action is logged in a tamper-proof Merkle chain for compliance.
Key Features
| Feature | Description |
|---|---|
| Policy Enforcement | YAML-defined policies with allow/deny lists, tool gating, and argument validation. |
| PII Redaction | Regex-based detection and redaction of sensitive data (emails, phones, SSNs, secrets) before it leaves the boundary. |
| Merkle Audit Trail | SHA-256 chained logs ensure that audit trails cannot be tampered with, providing a verifiable history of agent actions. |
| Cost & Resource Guard | Enforce strict budgets on token usage, execution time, and memory consumption. Includes a kill switch for runaway agents. |
| Network Control | Restrict agent network access to specific domains (allow/deny lists) with wildcard support. |
| Rate Limiting | Prevent API abuse with sliding-window rate limits per tool and globally. |
| Framework Integrations | Native adapters for LangGraph, CrewAI, and AutoGen. |
| OpenTelemetry | Built-in support for traces, metrics, and spans to integrate with your existing observability stack. |
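
The SHA-256 chaining behind the Merkle Audit Trail feature can be sketched as follows. This is an added example, not EnforceCore's own code or log format; the record fields, the `GENESIS` value and the function names are assumptions made for illustration. It also shows why a verifier should pin the latest head hash outside the log: a truncated chain is still internally consistent.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash for the first entry

def entry_hash(prev_hash, record):
    # Canonical JSON so the same record always serializes to the same bytes.
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()

def append(chain, record):
    prev_hash = chain[-1]["hash"] if chain else GENESIS
    entry = {"record": record, "prev_hash": prev_hash,
             "hash": entry_hash(prev_hash, record)}
    chain.append(entry)
    return entry["hash"]  # new head; store it outside the log

def verify(chain, expected_head=None):
    """Return -1 if intact, else the index of the first inconsistent entry
    (len(chain) means the head differs from the pinned expected_head)."""
    prev_hash = GENESIS
    for i, entry in enumerate(chain):
        if entry["prev_hash"] != prev_hash:
            return i
        if entry["hash"] != entry_hash(prev_hash, entry["record"]):
            return i
        prev_hash = entry["hash"]
    if expected_head is not None and prev_hash != expected_head:
        return len(chain)
    return -1

def demo():
    # Constructed sample records; field names are hypothetical.
    chain, head = [], GENESIS
    for rec in ({"tool": "search_web", "decision": "allowed"},
                {"tool": "read_file", "decision": "blocked"},
                {"tool": "send_email", "decision": "allowed"}):
        head = append(chain, rec)
    edited = copy.deepcopy(chain)
    edited[1]["record"]["decision"] = "allowed"   # rewrite history
    rehashed = copy.deepcopy(edited)              # ...and fix up its own hash
    rehashed[1]["hash"] = entry_hash(rehashed[1]["prev_hash"], rehashed[1]["record"])
    truncated = chain[:2]                         # drop the newest entry
    return {"intact": verify(chain, head), "edited": verify(edited),
            "rehashed": verify(rehashed), "truncated": verify(truncated),
            "truncated_pinned": verify(truncated, head)}

if __name__ == "__main__":
    print(demo())
```

Editing a record is caught at that entry, and recomputing its hash only moves the break to the next entry; dropping the newest entries is caught only when the head hash is checked against a copy kept elsewhere.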
Next Steps
Ready to secure your agents?
- Quickstart Guide: Install EnforceCore and write your first policy in under 5 minutes.
- Core Concepts: Understand the architecture and security model.
- API Reference: Deep dive into the Python API.