PIC (Provenance & Intent Contracts) serves as an action firewall for agentic AI.
It is lightweight, adds machine-verifiable contracts to agent calls and actions, and is particularly effective at shielding the agent from prompt injection.
Before any high-impact tool call, the agent must submit an Action Proposal (schema + verifier):
- explicit intent
- impact classification (read / write / money / irreversible / privacy / etc.)
- provenance sources with trust levels (untrusted → trusted via verification)
- claims backed by verifiable evidence (SHA-256 file hashes or Ed25519 signatures)
If trust/evidence is insufficient, it fails closed and blocks the action.
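
An added sketch of the fail-closed check described above, not PIC's own code or schema. The field names (`intent`, `impact`, `provenance`, `claims`, `evidence`), the treatment of `read` as low impact, and the rule that every claim must cite a trusted source are assumptions; only SHA-256 hash evidence is handled.

```python
import hashlib
import hmac

# Field names and policy below are assumptions for illustration, not the PIC/1.0 schema.
HIGH_IMPACT = {"write", "money", "irreversible", "privacy"}

def hash_evidence_ok(evidence, artifacts):
    """True only if the referenced artifact is present and its SHA-256 matches."""
    if evidence.get("type") != "hash":
        return False
    data = artifacts.get(evidence.get("ref"))
    if not isinstance(data, bytes):
        return False
    actual = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(actual, str(evidence.get("sha256", "")).lower())

def verify_proposal(proposal, artifacts):
    """Return (allowed, reason); anything missing or malformed blocks the action."""
    try:
        if not isinstance(proposal["intent"], str) or not proposal["intent"].strip():
            return False, "missing intent"
        if proposal["impact"] == "read":
            return True, "low impact"
        if proposal["impact"] not in HIGH_IMPACT:
            return False, "unknown impact class"
        # Start from declared trust, then upgrade sources whose evidence verifies.
        trusted = {p["id"] for p in proposal["provenance"] if p["trust"] == "trusted"}
        for ev in proposal["evidence"]:
            if hash_evidence_ok(ev, artifacts):
                trusted.add(ev["source"])
        if not proposal["claims"]:
            return False, "no claims"
        for claim in proposal["claims"]:
            if claim["source"] not in trusted:
                return False, "claim from unverified source"
        return True, "all claims backed by trusted sources"
    except (KeyError, TypeError, AttributeError):
        return False, "malformed proposal"

# Constructed sample: untrusted file content and a payment proposal that pins its hash.
INVOICE = b"invoice 0001: pay 100 EUR\n"
PROPOSAL = {
    "intent": "pay invoice 0001",
    "impact": "money",
    "provenance": [{"id": "invoice.txt", "trust": "untrusted"}],
    "claims": [{"text": "invoice 0001 totals 100 EUR", "source": "invoice.txt"}],
    "evidence": [{"type": "hash", "source": "invoice.txt", "ref": "invoice.txt",
                  "sha256": hashlib.sha256(INVOICE).hexdigest()}],
}
```

Here `artifacts` stands for the bytes the verifier itself reads for each referenced source, so a file that changed after the proposal was built no longer matches and the action is blocked.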
Current version features:
- Deterministic Hash Evidence verification (SHA-256)
- Signature evidence (Ed25519)
- Keyring expiry + revocation
- CLI keys
- MCP and LangGraph integrations
- Comprehensive tests, examples, and documentation
Features
- Structured Action Proposal (PIC/1.0 JSON)
- Fail-Closed Verifier
- Deterministic Hash Evidence Verification (type="hash")
- Ed25519 Signature Evidence (type="sig" – v0.4 highlight)
- Trusted Keyring with Lifecycle Controls
- Key Status & Diagnostic Helpers
- LangGraph Integration (PICToolNode)
- MCP (Model Context Protocol) Guarding
- Privacy Gating & Hardening
- CLI Tooling Suite