EnforceCore
The runtime enforcement layer for agentic AI systems.
EnforceCore provides mandatory, policy-driven enforcement at every external call boundary for any Python-based agentic system. It ensures that AI agents operate within defined safety constraints โ tool access, PII redaction, cost budgets, rate limits, content rules, and network controls โ with cryptographically verifiable audit trails.
Quick Start
pip install enforcecorefrom enforcecore import enforce
@enforce(policy="policies/strict.yaml")
async def search_web(query: str) -> str:
return await api.search(query)Key Features
| Feature | Description |
|---|---|
| ๐ Policy Enforcement | YAML-defined policies with allow/deny lists, tool gating |
| ๐ต๏ธ PII Redaction | Regex-based detection of emails, phones, SSNs, credit cards, secrets |
| ๐ Merkle Audit Trail | SHA-256 chained, tamper-proof audit logs |
| ๐ฐ Cost & Resource Guard | Budget tracking, time limits, memory limits, kill switch |
| ๐ Network Control | Domain allow/deny lists with wildcard support |
| โก Rate Limiting | Sliding-window per-tool and global rate limits |
| ๐ Framework Integrations | LangChain callback handler, LangGraph, CrewAI, AutoGen adapters |
| ๐ OpenTelemetry | Traces, metrics, and spans for observability |
| ๐งช Evaluation Suite | 26 adversarial scenarios across 11 threat categories + benchmarks |
| ๐ Plugin Ecosystem | Custom guards, redactors, and audit backends via PyPI entry-points |
| ๐ Compliance Reporting | EU AI Act, SOC2, GDPR compliance exports |
| ๐๏ธ Multi-Tenant | Hierarchical policies with tenant-level isolation |
Navigation
- Getting Started โ Installation, first policy, first enforcement
- Architecture โ How EnforceCore works under the hood
- API Reference โ All 58 public API symbols documented
- Plugin System โ Build custom guards and redactors
- Compliance โ Regulatory export guides
- Research โ Vision, related work, and roadmap