Sponsio provides deterministic safety solutions for probabilistic AI agents by compiling natural language policies into unbreakable, runtime-enforced agent contracts. It targets developers building complex agentic applications who need robust security against known AI risks, offering significant performance benefits and comprehensive coverage of OWASP Agentic threats.

How It Works

Sponsio employs formal methods to translate high-level policies into deterministic agent contracts. These contracts act as runtime checks at every agent action, ensuring adherence to defined rules. This approach guarantees unbreakable enforcement, unlike prompt-based methods, and achieves sub-millisecond execution times with zero LLM runtime cost, making it significantly faster and more reliable than LLM-as-judge guardrails.

Quick Start & Requirements

Installation is straightforward via pip (pip install sponsio) or npm (npm install -D @sponsio/sdk). The sponsio init . command initiates an interactive wizard that detects the framework (e.g., LangChain, LangGraph, CrewAI) and generates a sponsio.yaml configuration file along with integration code snippets. Prerequisites include Python or TypeScript environments.

Highlighted Details

• Achieves sub-millisecond latency (p50 0.139ms) on critical workloads, vastly outperforming LLM-based guardrails (5,000x–60,000x faster).
• Demonstrates high effectiveness on benchmarks: blocks 84.5% of misalignment on ODCV-Bench on average and 100% of fraud in a financial audit scenario.
• Covers all 10 OWASP Agentic risks and integrates seamlessly with popular agent frameworks like LangChain, Claude Agent, and CrewAI.
• Offers sixteen pre-built contract bundles, composed from 44 deterministic patterns, for immediate protection against common failure classes.

Maintenance & Community

Contributions via patches, issue reports, and new pattern proposals are welcomed, with guidance provided in CONTRIBUTING.md. The project encourages users to open issues for new threat models or desired bundle coverage. Specific community channels like Discord or Slack are not detailed in the README.

Licensing & Compatibility

The project is licensed under Apache 2.0, permitting commercial use and integration into closed-source applications. Documentation exists regarding the boundary between the open-source offering and Sponsio Cloud features.

Limitations & Caveats

Advanced features such as stochastic atoms, managed LLM-judge pipelines, and cross-customer pattern intelligence are slated for Sponsio Cloud, indicating that some capabilities may be restricted to the managed service. The OSS/Cloud boundary documentation should be consulted for a precise understanding of feature availability.