SYSTEM ONLINE
FREE & OPEN SOURCE
v1.0.0
USERS: 0
★ GITHUB STARS: 0
⬡ LOCAL-FIRST · ZERO DATA EXPOSURE · OPEN SOURCE

GUARDIAN RUNTIME

A Python SDK that sits between your AI app and any LLM intercepting every prompt and response to enforce security policies, block data leaks, and detect threats. Everything runs locally.

pip install guardian-runtime VIEW QUICKSTART
$ python -c "from guardian_runtime import GuardianRuntime; gr = GuardianRuntime()"
✓ Guardian Runtime initialized — local-only mode

# Input guard fires automatically
⚠ [PII_DETECTED] Aadhaar number found in prompt — BLOCKED
⚠ [SECRET_DETECTED] OpenAI key sk-proj-... found — BLOCKED
⚠ [JAILBREAK] Instruction override attempt — BLOCKED

# Output guard fires on LLM response
✓ Response clean. Cost: $0.0012 | Tokens: 847 in / 203 out
$
// THE WHY, WHAT & HOW

THE PROBLEM & THE SOLUTION

THE PROBLEM

Data Privacy Black Boxes & Runaway Costs

Developers are building incredible AI applications, but they are often blindly passing raw user data to external APIs. If a user pastes a credit card into a chat, or if a developer accidentally leaves an AWS Key in a prompt, that data is instantly logged in a cloud provider's database.

Worse yet, unrestricted employee access to AI tools is causing massive budgeting crises. Companies are blowing through their annual LLM token budgets in mere months due to developers sending unoptimized, massive context windows and infinite loops to expensive models without oversight.

THE SOLUTION

A Zero-Latency FinOps Firewall

Guardian acts as an invisible shield sitting directly on your own infrastructure. Before a single byte of data reaches OpenAI or Anthropic, Guardian scans, cleans, and optimizes it locally.

Data Security: It uses lightning-fast pattern matching to block PII, secrets, and jailbreaks in milliseconds.

Cost Control: The built-in Token Optimizer actively strips redundant whitespace and bloat from prompts, and strict FinOps rules instantly block requests that exceed your maximum token budgets—stopping runaway spend in its tracks.

// ARCHITECTURE

THE SECURITY PIPELINE

👤
SOURCE
User Input
──▶
🛡
GUARDIAN
Input Guard
──▶
OPTIMIZER
Token Trim
──▶
🤖
TARGET
LLM API
──▶
🔍
GUARDIAN
Output Guard
──▶
CLEAN
Safe Response
EVERY PROMPT IS SCANNED BEFORE IT LEAVES YOUR MACHINE.
EVERY RESPONSE IS VALIDATED BEFORE IT REACHES YOUR USER.
ZERO DATA LEAVES YOUR INFRASTRUCTURE.
// CAPABILITIES

PLATFORM FEATURES

01
🆔
PII Detection
Scans every prompt and response for sensitive personal data before it moves. Native India DPDP Act support — Aadhaar, PAN, UPI IDs. Plus SSN, credit cards, passports, emails, phone numbers.
DPDP Act GDPR HIPAA CCPA
02
🔑
Secret Detection
Two-tier confidence engine catches exposed API keys with high accuracy. Blocks AWS, OpenAI, GitHub, Stripe, and generic KEY=value patterns. Never leaks credentials to an LLM.
OpenAI AWS GitHub
03
🏴‍☠️
Jailbreak Defense
Pattern-matched detection for DAN variants, instruction overrides, role-play injections, encoding tricks, and system prompt extraction attempts. Zero latency validation.
DAN Injection Role-play
04
💸
Token Optimizer
Automatically trims redundant tokens, conversational filler, and excessive whitespace from prompts before they hit the LLM. Reduces your API bills by 30-70% with zero semantic loss.
Token Reduction Cost Savings
05
📄
Document Converter
Safely extracts text from massive PDFs and Docx files. Strips out token-heavy layout junk and invisible formatting, converting heavy documents into pure, LLM-friendly Markdown for RAG pipelines.
PDF Extraction RAG Prep
06
🌍
FinOps & Local Proxy
Real-time token counting and cost estimation per session. A built-in proxy server lets you intercept traffic from any tool (Cursor, Claude Code) without modifying their source code.
Cost Tracking HTTP Proxy
// DEPLOY IN MINUTES

QUICKSTART

01
Install
Zero external dependencies for core detection. Optional extras for proxy and dashboard.
pip install guardian-runtime
02
Wrap your LLM call
Drop Guardian between your app and any LLM. One import, one object, fully governed calls.
from guardian_runtime import GuardianRuntime

gr = GuardianRuntime()

# Your normal LLM call — now governed
response = gr.complete(
  model="gpt-4o",
  messages=[{"role": "user", "content": user_input}]
)

# response.blocked → True if threat detected
# response.violations → list of what was caught
# response.estimated_cost_usd → spend this call
03
Configure your policy (optional)
Declarative YAML. Per-agent rules. Enable only what you need.
version: "1.0"
agents:
  default:
    input_guard:
      pii_detection: true
      secret_detection: true
      jailbreak_detection: true
    output_guard:
      pii_detection: true
    cost:
      max_input_tokens: 4000
      session_budget_usd: 1.00
04
Use the CLI Tools
Guardian comes with built-in terminal tools for management and local logging.
# Initialize local log directories (~/.guardian_runtime/logs)
guardian_runtime init

# Check system status and token usage stats
guardian_runtime status

# Tail live security threat logs
guardian_runtime logs --tail

# Start the local interception proxy
guardian_runtime proxy --port 8080
05
Or use the scan API directly
For simpler use-cases — scan text without the full engine.
from guardian_runtime import scan_pii, scan_secrets

result = scan_pii("My Aadhaar is 0123 xxxx xxxx")
# result.blocked → True
# result.type → AADHAAR
# result.severity → HIGH

result = scan_secrets("key = sk-proj-abc123...")
# result.blocked → True
# result.type → OPENAI_KEY
// INTEGRATION GUIDES

HOW TO USE GUARDIAN

01
Custom Python Apps (Chatbots, RAG)
If you are building your own AI application in Python, use the SDK directly. This gives you full programmatic control over policies and error handling.
# 1. Install the package
pip install guardian-runtime

# 2. In your code, wrap your LLM calls
from guardian_runtime import GuardianRuntime
gr = GuardianRuntime.from_policy("policy.yaml")

# Instead of calling OpenAI/Anthropic directly:
response = gr.complete(
  messages=[{"role": "user", "content": "My SSN is 123-45-6789"}]
)

# Guardian intercepts and blocks the PII locally!
02
Claude Code & CLI Assistants
For CLI tools like Anthropic's Claude Code or Aider, you can't edit their source code. Instead, use Guardian's built-in Local Proxy to intercept their network requests.
# 1. Install Guardian and start the Proxy
pip install guardian-runtime
guardian_runtime proxy --port 8080

# 2. Open a new terminal and tell Claude to use the proxy
export ANTHROPIC_BASE_URL=http://localhost:8080
claude

# Now, if Claude tries to read a .env file and send your AWS keys,
# the local proxy blocks the HTTP request instantly!
03
Cursor IDE & Code Editors
Prevent accidental leaks of proprietary company secrets or customer PII when using Cursor's AI Chat and Composer features.
# 1. Start the proxy in your background terminal
pip install guardian-runtime
guardian_runtime proxy --port 8080

# 2. Configure Cursor Settings
- Open Cursor Settings (Cmd+,)
- Go to Models > Override Base URL
- Set it to: http://localhost:8080

# Every Cmd+K or chat prompt is now scanned locally.
# If you paste a customer's credit card, Cursor will show a
# local error instead of sending it to the cloud.
04
Document Analysis (RAG Pipelines)
If you process large PDFs or Word documents for RAG, they often contain massive amounts of formatting bloat and hidden PII. Use the Document Converter to clean and compress them before the LLM sees them.
# Convert heavy files into clean, token-efficient Markdown
from guardian_runtime import convert_document

doc = convert_document("financial_report.pdf")

# You get pure Markdown with all layout junk removed:
print(doc.token_count) # See exactly how much context it uses
print(doc.content) # Feed this clean text directly to your RAG
05
Agentic Frameworks (LangChain / AutoGen)
Building autonomous agents? Guardian acts as a security middleware for any standard LLM client. Simply override the base URL or wrap your chain's LLM node.
# LangChain Example
from langchain_openai import ChatOpenAI

# Start Guardian Proxy on port 8080, then point LangChain to it:
llm = ChatOpenAI(
  model="gpt-4o",
  base_url="http://localhost:8080"
)

# The agent's chain will now be intercepted locally at every step.
DEPLOY IN 60 SECONDS
// FREE · OPEN SOURCE · LOCAL-FIRST · MIT LICENSE
⬡ GITHUB REPO READ THE DOCS