Skip to content

Latest commit

 

History

History

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 

README.md

Python (official OpenAI SDK)

Point the official openai Python SDK at the AxioRank Gateway by changing only base_url, and every call gets local guardrails, a risk score header, and a signed receipt. The script makes one clean call (reading the x-axiorank-* headers via with_raw_response), then sends a prompt-injection attempt that the gateway blocks with a 403 before it ever reaches OpenAI.

Setup

pip install openai
export OPENAI_API_KEY=sk-...   # your OpenAI key; forwarded upstream, never stored

Start the gateway in another terminal:

npx @axiorank/gateway

Run

python main.py

Expected output

answer:       A gateway gives every model call one place for guardrails, routing, and an audit trail.
risk score:   50
receipt:      eyJyZWNlaXB0VmVyc2lvbiI6MSwia2luZCI6ImF4aW9yYW5r... (1572 chars, base64url, Ed25519-signed)

injection:    blocked with HTTP 403
error type:   axiorank_blocked
message:      held for review by AxioRank gateway: Risk score 68 is in the review band (50 to 74). The hosted product turns holds into human approvals.

A score of 50 on the clean call is the neutral base prior; it climbs when detectors fire (the injection scored 68, which lands in the review band, and the OSS gateway blocks holds by default).

Every response is also appended to a hash-chained receipt log that you can verify offline:

npx @axiorank/gateway verify ~/.axiorank/gateway/receipts.jsonl