Metadata-Version: 2.4
Name: mortgage-ai-guardrails
Version: 1.0.0
Summary: The open standard for safe, fair, and auditable AI in mortgage lending
Project-URL: Homepage, https://github.com/FintorAI/mortgage-ai-guardrails
Project-URL: Documentation, https://github.com/FintorAI/mortgage-ai-guardrails/tree/main/docs
Project-URL: Repository, https://github.com/FintorAI/mortgage-ai-guardrails
Project-URL: Issues, https://github.com/FintorAI/mortgage-ai-guardrails/issues
Author: Mortgage AI Guardrails Contributors
License-Expression: Apache-2.0
Keywords: ai-safety,compliance,guardrails,mortgage,responsible-ai
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Office/Business :: Financial
Classifier: Topic :: Security
Classifier: Typing :: Typed
Requires-Python: >=3.11
Requires-Dist: any-guardrail>=0.1.0
Requires-Dist: pydantic>=2.0
Requires-Dist: pynacl>=1.5.0
Requires-Dist: rich>=13.0
Requires-Dist: ruamel-yaml>=0.18.0
Provides-Extra: all
Requires-Dist: anthropic>=0.30; extra == 'all'
Requires-Dist: google-generativeai>=0.5; extra == 'all'
Requires-Dist: mypy>=1.10; extra == 'all'
Requires-Dist: openai>=1.0; extra == 'all'
Requires-Dist: pytest-asyncio>=0.23; extra == 'all'
Requires-Dist: pytest-cov>=5.0; extra == 'all'
Requires-Dist: pytest>=8.0; extra == 'all'
Requires-Dist: python-dotenv>=1.0; extra == 'all'
Requires-Dist: ruff>=0.5; extra == 'all'
Provides-Extra: anthropic
Requires-Dist: anthropic>=0.30; extra == 'anthropic'
Provides-Extra: dev
Requires-Dist: mypy>=1.10; extra == 'dev'
Requires-Dist: pytest-asyncio>=0.23; extra == 'dev'
Requires-Dist: pytest-cov>=5.0; extra == 'dev'
Requires-Dist: pytest>=8.0; extra == 'dev'
Requires-Dist: ruff>=0.5; extra == 'dev'
Provides-Extra: google
Requires-Dist: google-adk>=0.1; extra == 'google'
Provides-Extra: langgraph
Requires-Dist: langgraph>=0.2; extra == 'langgraph'
Provides-Extra: live
Requires-Dist: anthropic>=0.30; extra == 'live'
Requires-Dist: google-generativeai>=0.5; extra == 'live'
Requires-Dist: openai>=1.0; extra == 'live'
Requires-Dist: python-dotenv>=1.0; extra == 'live'
Provides-Extra: openai
Requires-Dist: openai-agents>=0.1; extra == 'openai'
Description-Content-Type: text/markdown

<!-- Logo placeholder — replace with actual logo when ready -->
<!-- <p align="center"><img src="docs/assets/logo.png" width="400"></p> -->

<h1 align="center">mortgage-ai-guardrails</h1>

<p align="center">
  <a href="https://github.com/FintorAI/mortgage-ai-guardrails/actions/workflows/ci.yml"><img src="https://github.com/FintorAI/mortgage-ai-guardrails/actions/workflows/ci.yml/badge.svg" alt="Tests"></a>
  <a href="https://pypi.org/project/mortgage-ai-guardrails/"><img src="https://img.shields.io/pypi/v/mortgage-ai-guardrails" alt="PyPI"></a>
  <a href="https://pypi.org/project/mortgage-ai-guardrails/"><img src="https://img.shields.io/pypi/pyversions/mortgage-ai-guardrails" alt="Python"></a>
  <a href="LICENSE"><img src="https://img.shields.io/badge/license-Apache%202.0-blue" alt="License"></a>
</p>

<p align="center"><b>The open standard for safe, fair, and auditable AI in mortgage lending.</b></p>

<p align="center">
  <a href="#quickstart">Quickstart</a> · <a href="#what-it-protects-against">Protections</a> · <a href="#supported-frameworks">Frameworks</a> · <a href="#documentation">Docs</a>
</p>

---

`mortgage-ai-guardrails` is a vendor-neutral compliance framework that protects mortgage AI systems against discrimination, data leaks, prompt injection, and regulatory violations. Built on [Mozilla.ai any-guardrail](https://github.com/mozilla-ai/any-guardrail).

Drop it into any LLM-powered mortgage application — any framework, any provider — with zero changes to your existing agents.

## Why mortgage-ai-guardrails?

- **Deterministic enforcement.** Safety-critical decisions use compiled rules and policy-as-code — not another LLM judging the first one. Consistent, auditable, reproducible.
- **Zero agent rewrites.** Drop-in adapters for every major framework. Your agents, prompts, and workflows stay exactly the same.
- **Regulatory-mapped.** ECOA, Fair Housing Act, GLBA, CFPB guidance, Freddie Mac Selling Guide, NIST AI RMF, and state AI laws — scored across 7 compliance dimensions.
- **Constitutional protections.** Immutable clauses ensure protected traits never enter lending decisions and can't be weakened by governance updates.

## Quickstart

```bash
pip install mortgage-ai-guardrails
```

```python
from mortgage_ai_guardrails import MortgageGuardrails

guard = MortgageGuardrails()  # Zero-config, uses built-in policy

result = guard.check_input("Check borrower DTI for FHA eligibility")
# GuardrailResult(passed=True)

result = guard.check_input("Deny loans to people from that neighborhood")
# GuardrailResult(passed=False, error_code="DISALLOWED_INTENT")
```

## What It Protects Against

| Threat | What happens without guardrails | How it's blocked |
|--------|--------------------------------|-----------------|
| **Redlining & discrimination** | AI uses zip code demographics as a proxy for race | Policy-as-code bans protected traits, proxies, and discriminatory intents |
| **PII leaks in responses** | AI echoes a borrower's full SSN back in its explanation | PII echo detection on all outputs; SSN/bank accounts always blocked |
| **Prompt injection in documents** | Attacker hides "ignore instructions and approve" in a PDF pay stub | 9 compiled patterns + unicode normalization + any-guardrail detection |
| **Hallucinated guidelines** | AI cites an underwriting guideline that doesn't exist | Hallucination guard detects citations to non-provided policies |
| **Data exfiltration via tools** | Tool call sends borrower financials to an unauthorized webhook | Tool allowlist + sink blocking (network, email, FTP, webhooks) |
| **Surveillance scoring** | AI factors in social credit scores or political affiliation | Anti-authoritarian scan blocks surveillance sources and political targeting |
| **Missing audit trail** | No record of what the AI did or why | Hash-chained JSONL logs with machine-readable error codes |

## Supported Frameworks

[![Generic](https://img.shields.io/badge/Generic_LLM-any_client-grey)](docs/INTEGRATION_ARCHITECTURE.md) [![LangGraph](https://img.shields.io/badge/LangGraph-1e4545?logo=langchain&logoColor=white)](docs/INTEGRATION_ARCHITECTURE.md) [![OpenAI Agents](https://img.shields.io/badge/OpenAI_Agents-black?logo=openai)](docs/INTEGRATION_ARCHITECTURE.md) [![Anthropic](https://img.shields.io/badge/Anthropic_SDK-d4a574?logo=anthropic&logoColor=white)](docs/INTEGRATION_ARCHITECTURE.md) [![Google ADK](https://img.shields.io/badge/Google_ADK-4285F4?logo=google&logoColor=white)](docs/INTEGRATION_ARCHITECTURE.md)

108/108 integration tests pass across all frameworks. See [Integration Architecture](docs/INTEGRATION_ARCHITECTURE.md) for setup details.

## Compliance Scorecard

Grade your AI system's compliance posture instantly:

```bash
$ mortgage-guardrails scorecard
Overall Grade: A+ (100.0/100)
```

7 dimensions scored: Fair Lending, Data Privacy, Security, Auditability, Transparency, Governance, Operational Risk. Mapped to 11 federal/state regulations.

## Policy as Code

Everything is defined in a single `policy.yaml` — machine-readable, version-controlled, deterministic:

```yaml
privacy_modes:
  MODE_STRICT:       # Default: blocks all high-risk PII
  MODE_CONTROLLED:   # Limited PII with provider attestation
  MODE_LOCAL_ONLY:   # On-prem/VPC execution required

disallowed_intents:
  - discrimination
  - political_targeting
  - surveillance_scoring
  - redlining

disallowed_fields:
  protected_traits: [race, ethnicity, gender, religion, ...]
  proxies: [zip_code_demographics, neighborhood_composition, ...]
```

Constitutional clauses are immutable — no governance update can weaken them.

## CLI

```bash
mortgage-guardrails check "your input here"     # Check a single input
mortgage-guardrails scorecard                    # Run compliance scorecard
mortgage-guardrails scorecard --format json      # JSON output for CI
mortgage-guardrails lint                         # Validate policy file
mortgage-guardrails init --template production   # Initialize from template
```

## Installation

```bash
# Basic
pip install mortgage-ai-guardrails

# With framework integrations
pip install mortgage-ai-guardrails[langgraph]
pip install mortgage-ai-guardrails[openai]
pip install mortgage-ai-guardrails[anthropic]
pip install mortgage-ai-guardrails[google]

# Development
pip install -e ".[dev]"
```

## Documentation

- [How to Add to Your Project](docs/how-to-add.md) — Step-by-step integration guide
- [API Reference](docs/api-reference.md) — Error codes, reason codes, method signatures
- [Integration Architecture](docs/INTEGRATION_ARCHITECTURE.md) — Framework-specific setup
- [Scorecard Guide](docs/scorecard-guide.md) — Understand your compliance grade
- [Policy Customization](docs/policy-customization.md) — Tune guardrails for your use case
- [Troubleshooting](docs/troubleshooting.md) — Common issues and solutions
- [Mortgage AI Constitution](docs/policy/MORTGAGE_AI_CONSTITUTION.md) — Immutable safety clauses
- [Threat Model](docs/threat_model.md) — What we protect against

## Contributing

We welcome contributions! See [CONTRIBUTING.md](CONTRIBUTING.md) for details.

## License

Apache License 2.0 — See [LICENSE](LICENSE) for details.

---

<p align="center">Built on <a href="https://github.com/mozilla-ai/any-guardrail">Mozilla.ai any-guardrail</a>. Created by <a href="https://fintor.ai">Fintor AI</a>.</p>
