|
1 | 1 | # NerveMind CGOS Python SDK |
2 | 2 |
|
3 | | -Developer-oriented client for **decision intake (v2)**, **proof validation**, and **execution invoke** (gateway). |
| 3 | +**Governance enforcement for AI and enterprise systems** |
4 | 4 |
|
5 | | -## Install (local / editable) |
| 5 | +Install in seconds: |
6 | 6 |
|
7 | 7 | ```bash |
8 | | -cd sdks/python |
9 | | -pip install -e . |
| 8 | +pip install nervemind-cgos |
10 | 9 | ``` |
11 | 10 |
|
12 | | -## Quick start |
| 11 | +--- |
| 12 | + |
| 13 | +## 🚀 What is CGOS? |
| 14 | + |
| 15 | +**CGOS (Cognitive Governance Operating System)** is a control layer that ensures all AI and system actions are evaluated, approved, and enforced based on governance rules before execution. |
| 16 | + |
| 17 | +This SDK allows you to integrate CGOS into your system in minutes. |
| 18 | + |
| 19 | +--- |
| 20 | + |
| 21 | +## ⚡ Quick Start |
13 | 22 |
|
14 | 23 | ```python |
15 | 24 | from cgos_sdk import CGOSClient |
16 | 25 |
|
17 | 26 | client = CGOSClient( |
18 | | - base_url="https://cgos-api.example.com", |
19 | | - api_key="your-api-key", |
20 | | - internal_service_token="...", # for verify_proof / invoke_execution |
| 27 | + base_url="https://your-cgos-api.com", |
| 28 | + api_key="your-api-key" |
21 | 29 | ) |
22 | 30 |
|
23 | | -out = client.submit_decision( |
24 | | - source_system="core-payments", |
25 | | - sector="banking", |
26 | | - decision_type="limit_increase", |
27 | | - decision_id="dec-001", |
28 | | - context={"amount": 5000}, |
29 | | - policy_set="ORGANIZATION_POLICY_V1", |
30 | | - callback_url="https://your-bank.example/callbacks/cgos", |
31 | | - correlation_id="trace-abc", |
| 31 | +response = client.submit_decision( |
| 32 | + source_system="loan_system", |
| 33 | + sector="finance", |
| 34 | + decision_type="loan_approval", |
| 35 | + decision_id="loan_123", |
| 36 | + context={"amount": 50000}, |
| 37 | + policy_set="default", |
| 38 | + callback_url="https://your-system.com/callback" |
32 | 39 | ) |
33 | 40 |
|
34 | | -proof_check = client.verify_proof(out.get("proof_id") or "prf_...") |
35 | | -exec_resp = client.invoke_execution( |
36 | | - proof_id="prf_...", |
37 | | - path="/api/v1/payments/transfer", |
38 | | - organization_id="org_123", |
39 | | - http_method="POST", |
40 | | - json_body={"to": "x", "amount": 1}, |
41 | | -) |
| 41 | +print(response) |
| 42 | +``` |
| 43 | + |
| 44 | +--- |
| 45 | + |
| 46 | +## 🧠 Core Capabilities |
| 47 | + |
| 48 | +* Submit decisions for governance evaluation |
| 49 | +* Validate execution proofs |
| 50 | +* Invoke controlled execution flows |
| 51 | +* Built-in retry, tracing, and observability hooks |
| 52 | + |
| 53 | +--- |
| 54 | + |
| 55 | +## 🔁 Typical Flow |
| 56 | + |
| 57 | +```plaintext |
| 58 | +Your System → CGOS → Governance Decision → Execution Control |
| 59 | +``` |
| 60 | + |
| 61 | +1. Submit action to CGOS |
| 62 | +2. CGOS evaluates against policies |
| 63 | +3. Receive approval / rejection / escalation |
| 64 | +4. Execute action through controlled pathway |
| 65 | + |
| 66 | +--- |
| 67 | + |
| 68 | +## 📦 Key Methods |
| 69 | + |
| 70 | +### Submit Decision |
| 71 | + |
| 72 | +```python |
| 73 | +client.submit_decision(...) |
| 74 | +``` |
| 75 | + |
| 76 | +Send an action to CGOS for governance evaluation. |
| 77 | + |
| 78 | +--- |
| 79 | + |
| 80 | +### Verify Proof |
| 81 | + |
| 82 | +```python |
| 83 | +client.verify_proof(proof_id="...") |
| 84 | +``` |
| 85 | + |
| 86 | +Validate that an action is approved before execution. |
| 87 | + |
| 88 | +--- |
| 89 | + |
| 90 | +### Invoke Execution |
| 91 | + |
| 92 | +```python |
| 93 | +client.invoke_execution(...) |
42 | 94 | ``` |
43 | 95 |
|
44 | | -## Auth |
| 96 | +Execute actions through CGOS-controlled pathways. |
| 97 | + |
| 98 | +--- |
| 99 | + |
| 100 | +## 🔐 Authentication |
| 101 | + |
| 102 | +You can use: |
| 103 | + |
| 104 | +* API Key (external systems) |
| 105 | +* Internal Service Token (secure backend) |
| 106 | +* Bearer Token (admin / internal flows) |
| 107 | + |
| 108 | +--- |
| 109 | + |
| 110 | +## 🏗️ Architecture |
| 111 | + |
| 112 | +CGOS enforces governance by sitting between decision-making and execution: |
| 113 | + |
| 114 | +```plaintext |
| 115 | +AI / User Request |
| 116 | + ↓ |
| 117 | + CGOS |
| 118 | + ↓ |
| 119 | +Execution Control |
| 120 | + ↓ |
| 121 | +Core System |
| 122 | +``` |
| 123 | + |
| 124 | +--- |
| 125 | + |
| 126 | +## ⚠️ Important |
| 127 | + |
| 128 | +* CGOS does NOT execute actions directly |
| 129 | +* It enforces whether actions are allowed or not |
| 130 | +* Execution should always be gated by CGOS |
| 131 | + |
| 132 | +--- |
| 133 | + |
| 134 | +## 📄 License |
| 135 | + |
| 136 | +MIT License © Keymatrix Solutions |
| 137 | + |
| 138 | +--- |
| 139 | + |
| 140 | +## 🌐 Learn More |
| 141 | + |
| 142 | +* PyPI: https://pypi.org/project/nervemind-cgos/ |
| 143 | +* GitHub: https://github.com/KeyMatrix-solutions/nervemind-cgos-python |
45 | 144 |
|
46 | | -| Call | Header | |
47 | | -|------|--------| |
48 | | -| Intake v2 | `X-API-Key` or `Authorization: Bearer <api_key>` (matches brain-api) | |
49 | | -| Proof validate / execution | `X-CGOS-Internal-Token` (S2S) | |
| 145 | +--- |
50 | 146 |
|
51 | | -Optional **bearer JWT** (UI / ops) enables `wait_for_decision()` polling on `GET /api/v1/cgos/decisions/{id}`. |
| 147 | +## 🤝 Contributing |
52 | 148 |
|
53 | | -## Reliability |
| 149 | +Contributions are welcome. Please open an issue or submit a pull request. |
54 | 150 |
|
55 | | -`CGOSClient` supports `timeout_s`, `max_retries`, `Idempotency-Key` on intake (passed as header when provided), and optional `traceparent` / `correlation_id` on every request. |
| 151 | +--- |
56 | 152 |
|
57 | | -## External attestation |
| 153 | +## 🚀 About |
58 | 154 |
|
59 | | -This SDK cannot prove mesh or gateway posture. Pair with SPIFFE/SPIRE, signed policy bundles, and CI validators — see `docs/CGOS_EXTERNAL_ATTESTATION_AND_SDK.md` at repo root. |
| 155 | +Built by **Keymatrix Solutions** to bring governance, control, and safety to AI-driven systems. |
0 commit comments