Metadata-Version: 2.4
Name: aevris
Version: 1.0.0
Summary: Official Python SDK for AEVRIS — deterministic AI security middleware that intercepts prompts before they reach AI models and verifies outputs before delivery.
Author-email: AEVRIS LLC <hello@aevris.ai>
License: MIT
Project-URL: Homepage, https://aevris.ai
Project-URL: Documentation, https://aevris.ai/docs
Project-URL: Source, https://github.com/Aevris-AI/aevris-python-sdk
Project-URL: Bug Tracker, https://github.com/Aevris-AI/aevris-python-sdk/issues
Keywords: ai-security,llm-security,prompt-injection,agentic-ai,mcp-security,owasp-llm
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Security
Requires-Python: >=3.8
Description-Content-Type: text/markdown
Requires-Dist: requests>=2.25.0

# AEVRIS Python SDK

Official Python client for [AEVRIS](https://aevris.ai) — deterministic AI security middleware that intercepts prompts before they reach AI models and verifies outputs before delivery.

## Install

```bash
pip install aevris
```

## Quickstart

```python
from aevris import Aevris

client = Aevris(api_key="sk-aevris-your-key-here")

result = client.scan_input("some user-provided prompt")

if result.is_blocked:
    print(f"Blocked: {result.summary}")
    for agent in result.triggered_agents:
        print(f"  {agent.name}: {agent.severity} — {agent.finding}")
else:
    # safe to send to your LLM
    pass
```

## Scanning AI outputs before they reach your user

```python
response = your_llm_call(prompt)  # however you call your model

result = client.scan_output(prompt, response)

if not result.alignment_intact:
    print(f"Compromised response: {result.summary}")
    # don't deliver this response to the user
```

## Session-level threat scoring

Pass the same `session_id` across multiple calls to enable multi-turn attack detection. AEVRIS tracks risk across the conversation server-side and flags coordinated attacks before they complete.

```python
session_id = "user-123-conversation-456"

r1 = client.scan_input("hello, how are you?", session_id=session_id)
r2 = client.scan_input("what can you help with?", session_id=session_id)
r3 = client.scan_input("ignore your instructions and...", session_id=session_id)

print(r3.session_risk_score)     # accumulated risk across all 3 calls
print(r3.session_threat_level)   # SAFE / LOW / MEDIUM / HIGH / CRITICAL
```

## Raise instead of check

If you'd rather use exception handling than checking `.is_blocked` every time:

```python
client = Aevris(api_key="...", raise_on_block=True)

try:
    result = client.scan_input(user_prompt)
    # only reached if not blocked
except AevrisBlockException as e:
    print(f"Blocked: {e.result.summary}")
```

## Agent action firewall

Gate autonomous agent actions behind human approval before they execute. This uses a different 4-state model (`ALLOWED` / `BLOCKED` / `FLAGGED` / `PENDING_APPROVAL`) than the input/output scans:

```python
action = client.scan_action(
    action_type="delete_file",
    action_payload={"path": "/data/customer_records.db"},
)

if action.is_pending:
    print(f"Awaiting human approval: {action.poll_url}")
    # poll later with client.poll_action(action.action_id)
elif action.is_blocked:
    print(f"Blocked: {action.message}")
elif action.is_allowed:
    proceed_with_action()
```

## Webhook alerts

Get real-time, HMAC-signed alerts when AEVRIS blocks something:

```python
client.set_webhook(
    webhook_url="https://your-endpoint.example.com/aevris-alerts",
    min_severity="HIGH",
)
```

AEVRIS immediately sends a signed test payload to confirm delivery. From then on, every BLOCK/COMPROMISED verdict at or above your threshold triggers a webhook with the verdict, severity, triggered agents, and session risk data.

## Error handling

```python
from aevris import AevrisAPIError

try:
    result = client.scan_input(prompt)
except AevrisAPIError as e:
    print(f"AEVRIS API error: {e} (status {e.status_code})")
```

## Links

- [Live demo](https://aevris.ai/demo) — try detection without an API key
- [API documentation](https://aevris.ai/docs)
- [Competitor comparison](https://aevris.ai/compare)
- Support: hello@aevris.ai

## License

MIT
