Tools & SDK Services

11 SDK services. 33 CLI commands.
Shipped.

spanforge ships a complete toolkit for AI compliance — from PII redaction and secrets scanning at CI time, to HMAC audit chains and regulatory evidence bundles in production. Every service is available today via pip install spanforge.

11 SDK services: sf_identity · sf_pii · sf_secrets · sf_audit · sf_observe · sf_alert · sf_gate · sf_cec · sf_trust · sf_rag · sf_feedback
33 CLI commands: scan · gate · trust · audit · secrets · compliance · doctor · security · enterprise · and 24 more
6 Compliance frameworks: EU AI Act · GDPR · HIPAA · SOC 2 · ISO 42001 · NIST AI RMF — article-level mapping
91% Test coverage: 6,541 tests passing · mypy --strict · zero required dependencies
Available now

Published tools & SDK services

Browse every SDK service and CLI tool that ships with spanforge. Use the filters to narrow by type or lifecycle phase.


SDK Service · Docs Available

sf_identity

API keys (sf_live_*), JWT HS256/RS256, TOTP RFC 6238, magic links, SAML 2.0 ACS, SCIM 2.0 User/Group CRUD, OIDC PKCE, SSO session delegation, brute-force lockout.

SDK Service · Docs Available

sf_pii

Presidio NLP + regex, 5 sensitivity levels, flag/redact/block pipeline, GDPR Art.17 erasure, HIPAA safe harbor, CCPA DSAR, DPDP consent gate, PIPL entity types.

SDK Service · Docs Available

sf_secrets

20 detection patterns, Shannon entropy scoring, SARIF 2.1.0 output, Vault migration hints, auto-block policy table, pre-commit hook.

SDK Service · Docs Available

sf_audit

HMAC-SHA256 chain, WORM S3/GCS/Azure, SQLite index, 7-year retention, tombstone erasure, verify_chain(), GDPR Article 30 RoPA, BYOS cloud routing.

SDK Service · Docs Available

sf_observe

OTel GenAI Semantic Conventions v1.27+, OTLP / Datadog / Grafana / Splunk / Elastic, W3C TraceContext, annotation store, SLO tracking, health probes.

SDK Service · Docs Available

sf_alert

Topic-based publish, 5-min dedup, Slack / Teams / PagerDuty / OpsGenie / VictorOps / Incident.io, HMAC-signed webhooks, escalation policy, circuit breakers.

SDK Service · Docs Available

sf_gate

6-gate YAML pipeline engine, PRRI governance gate, trust gate (HRI + PII + secrets), SLSA Level 2 provenance, artifact store, CI/CD integration.

SDK Service · Docs Available

sf_cec

Signed ZIP evidence bundles, EU AI Act / SOC 2 / ISO 42001 / NIST AI RMF / ISO 27001 clause mapping, verify_bundle(), generate_dpa(), RFC 3161 timestamps.

SDK Service · Docs Available

sf_trust

T.R.U.S.T. scorecard — 5 dimensions (Transparency, Reliability, UserTrust, Security, Traceability), configurable weights, SVG badge, history time-series, 5 HallucCheck pipeline integrations.

SDK Service · Docs Available

sf_rag

@trace_rag decorator, trace_query(), retrieval scoring, grounding metrics, LlamaIndex and LangChain auto-instrumentation, session lifecycle, privacy controls.

SDK Service · Docs Available

sf_feedback

POST /v1/feedback — NPS/CSAT/thumbs/Likert ratings, SHA-256 hashed free-text comments, T.R.U.S.T. dimension linking, ULID-keyed feedback records.

Python CLI · Docs Available

spanforge-secrets

CI Gate 01. Scans prompt files and training data for PII (10 entity types) and exposed API keys (5 platforms). Structured JSON output, HMAC audit-chain verification, and exit codes for pipeline integration.

Python CLI · Docs Available

sf-validate

CI compliance gate for RFC-0001 JSONL audit-log streams. Unifies per-event JSON schema validation and HMAC chain verification in a single pass. Outputs GitHub Actions annotations, SARIF, and JUnit XML.