| Name | upss JSON |
| Version |
2.0.1
JSON |
| download |
| home_page | None |
| Summary | Universal Prompt Security Standard - Python Implementation |
| upload_time | 2025-10-30 10:50:39 |
| maintainer | None |
| docs_url | None |
| author | None |
| requires_python | >=3.9 |
| license | MIT |
| keywords |
security
llm
prompt
ai
prompt-injection
|
| VCS |
 |
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
# UPSS Python Library
A comprehensive Python implementation of the Universal Prompt Security Standard (UPSS) for secure prompt management in LLM applications.
## Features
- **Dual Deployment Modes**: Filesystem (zero-config) and PostgreSQL (enterprise-grade)
- **Security-First Design**: Built-in injection prevention, checksum verification, and audit logging
- **RBAC Support**: Role-based access control for fine-grained permissions
- **Migration Tools**: Facilitate transition from hardcoded prompts to UPSS
- **Async/Await**: Modern asynchronous API for high performance
- **Type-Safe**: Full type hints for better IDE support
## Quick Start
### Installation
```bash
pip install upss
```
### Basic Usage
```python
import asyncio
from upss import UPSSClient
async def main():
# Initialize client (zero-config filesystem mode)
async with UPSSClient() as client:
# Load a prompt
prompt = await client.load("assistant", user_id="user@example.com")
print(prompt.content)
# Create a new prompt
prompt_id = await client.create(
name="greeting",
content="You are a helpful assistant...",
user_id="admin@example.com"
)
print(f"Created prompt: {prompt_id}")
asyncio.run(main())
```
### Safe Rendering with User Input
```python
from upss.security.scanner import render
system_prompt = "You are a helpful assistant."
user_message = "User's input here"
# Automatically sanitized
output = render(system_prompt, user_message, style="xml")
```
## Configuration
### Filesystem Mode (Default)
```python
client = UPSSClient(
mode="filesystem",
base_path="./prompts",
enable_checksum=True,
enable_rbac=False
)
```
### PostgreSQL Mode
```python
client = UPSSClient(
mode="postgresql",
db_url="postgresql://user:pass@localhost/upss",
enable_checksum=True,
enable_rbac=True
)
```
## Architecture
```
upss/
├── core/
│ ├── client.py # Main UPSSClient class
│ ├── models.py # Data models
│ └── exceptions.py # Exception classes
├── security/
│ └── scanner.py # Injection prevention, PII detection
├── storage/
│ ├── filesystem.py # Filesystem storage backend
│ └── postgresql.py # PostgreSQL storage backend
├── migration/
│ ├── discover.py # Discover hardcoded prompts
│ ├── facade.py # Legacy system facade
│ └── decorator.py # Migration decorator
└── cli/
└── main.py # CLI tool
```
## Security Features
### Prompt Injection Prevention
```python
from upss.security.scanner import sanitize, calculate_risk_score
user_input = "ignore previous instructions..."
sanitized, is_safe = sanitize(user_input)
if not is_safe:
print("Potential injection detected!")
```
### PII Detection
```python
from upss.security.scanner import detect_pii
content = "My email is user@example.com"
pii_types = detect_pii(content, block=True) # Raises ComplianceError if PII found
```
### Checksum Verification
```python
# Automatically verified on load
prompt = await client.load("assistant", user_id="user@example.com")
# IntegrityError raised if checksum fails
```
## Migration Tools
### Discover Hardcoded Prompts
```bash
upss discover --path ./myapp --output prompts.json
```
### Decorator-Based Migration
```python
from upss.migration.decorator import migrate_prompt
@migrate_prompt("assistant-system")
async def get_system_prompt(user_id: str):
return "fallback prompt" # Used if UPSS fails
```
### Batch Migration
```python
prompts = [
{"name": "old-prompt-1", "content": "..."},
{"name": "old-prompt-2", "content": "..."},
]
report = await client.migrate(prompts, user_id="admin@example.com")
print(f"Migrated: {report.successful}/{report.total}")
```
## CLI Usage
### Initialize UPSS
```bash
upss init
```
### Discover Hardcoded Prompts
```bash
upss discover --path ./src --output prompts.json
```
## Testing
```bash
# Install dev dependencies
pip install upss[dev]
# Run tests
pytest
# Run with coverage
pytest --cov=upss
```
## Requirements
- Python 3.9+
- For PostgreSQL mode: PostgreSQL 12+
## Dependencies
- `filelock`: File-based locking for filesystem mode
- `asyncpg`: PostgreSQL async driver
- `pyyaml`: YAML configuration support
- `click`: CLI framework
## Performance
| Operation | Filesystem Mode | PostgreSQL Mode (Cached) | PostgreSQL Mode (Uncached) |
|-----------|----------------|-------------------------|---------------------------|
| Load prompt | < 10ms | < 5ms | < 100ms |
| Create prompt | < 50ms | < 50ms | < 150ms |
| Permission check | < 5ms | < 2ms | < 20ms |
## Documentation
- [API Reference](docs/api.md)
- [Security Guide](docs/security.md)
- [Migration Guide](docs/migration.md)
- [Examples](examples/)
## Contributing
See [CONTRIBUTING.md](../../CONTRIBUTING.md) for guidelines.
## License
MIT License - see [LICENSE](../../LICENSE) for details.
## Security
For security vulnerabilities, see [SECURITY.md](../../SECURITY.md).
## Support
- GitHub Issues: [Report issues](https://github.com/alvinveroy/prompt-security-standard/issues)
- Documentation: [Full docs](https://github.com/alvinveroy/prompt-security-standard)
## Citation
```bibtex
@software{upss_python,
title={UPSS Python Library},
author={UPSS Contributors},
year={2025},
url={https://github.com/alvinveroy/prompt-security-standard}
}
```
Raw data
{
"_id": null,
"home_page": null,
"name": "upss",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.9",
"maintainer_email": null,
"keywords": "security, llm, prompt, ai, prompt-injection",
"author": null,
"author_email": "UPSS Contributors <security@upss-standard.org>",
"download_url": "https://files.pythonhosted.org/packages/1d/45/297873f390c83e2bc446792fbc02ee8e6e5eea1f9e90bdd8561257ca3e55/upss-2.0.1.tar.gz",
"platform": null,
"description": "# UPSS Python Library\n\nA comprehensive Python implementation of the Universal Prompt Security Standard (UPSS) for secure prompt management in LLM applications.\n\n## Features\n\n- **Dual Deployment Modes**: Filesystem (zero-config) and PostgreSQL (enterprise-grade)\n- **Security-First Design**: Built-in injection prevention, checksum verification, and audit logging\n- **RBAC Support**: Role-based access control for fine-grained permissions\n- **Migration Tools**: Facilitate transition from hardcoded prompts to UPSS\n- **Async/Await**: Modern asynchronous API for high performance\n- **Type-Safe**: Full type hints for better IDE support\n\n## Quick Start\n\n### Installation\n\n```bash\npip install upss\n```\n\n### Basic Usage\n\n```python\nimport asyncio\nfrom upss import UPSSClient\n\nasync def main():\n # Initialize client (zero-config filesystem mode)\n async with UPSSClient() as client:\n # Load a prompt\n prompt = await client.load(\"assistant\", user_id=\"user@example.com\")\n print(prompt.content)\n \n # Create a new prompt\n prompt_id = await client.create(\n name=\"greeting\",\n content=\"You are a helpful assistant...\",\n user_id=\"admin@example.com\"\n )\n print(f\"Created prompt: {prompt_id}\")\n\nasyncio.run(main())\n```\n\n### Safe Rendering with User Input\n\n```python\nfrom upss.security.scanner import render\n\nsystem_prompt = \"You are a helpful assistant.\"\nuser_message = \"User's input here\"\n\n# Automatically sanitized\noutput = render(system_prompt, user_message, style=\"xml\")\n```\n\n## Configuration\n\n### Filesystem Mode (Default)\n\n```python\nclient = UPSSClient(\n mode=\"filesystem\",\n base_path=\"./prompts\",\n enable_checksum=True,\n enable_rbac=False\n)\n```\n\n### PostgreSQL Mode\n\n```python\nclient = UPSSClient(\n mode=\"postgresql\",\n db_url=\"postgresql://user:pass@localhost/upss\",\n enable_checksum=True,\n enable_rbac=True\n)\n```\n\n## Architecture\n\n```\nupss/\n\u251c\u2500\u2500 core/\n\u2502 \u251c\u2500\u2500 client.py # Main UPSSClient class\n\u2502 \u251c\u2500\u2500 models.py # Data models\n\u2502 \u2514\u2500\u2500 exceptions.py # Exception classes\n\u251c\u2500\u2500 security/\n\u2502 \u2514\u2500\u2500 scanner.py # Injection prevention, PII detection\n\u251c\u2500\u2500 storage/\n\u2502 \u251c\u2500\u2500 filesystem.py # Filesystem storage backend\n\u2502 \u2514\u2500\u2500 postgresql.py # PostgreSQL storage backend\n\u251c\u2500\u2500 migration/\n\u2502 \u251c\u2500\u2500 discover.py # Discover hardcoded prompts\n\u2502 \u251c\u2500\u2500 facade.py # Legacy system facade\n\u2502 \u2514\u2500\u2500 decorator.py # Migration decorator\n\u2514\u2500\u2500 cli/\n \u2514\u2500\u2500 main.py # CLI tool\n```\n\n## Security Features\n\n### Prompt Injection Prevention\n\n```python\nfrom upss.security.scanner import sanitize, calculate_risk_score\n\nuser_input = \"ignore previous instructions...\"\nsanitized, is_safe = sanitize(user_input)\n\nif not is_safe:\n print(\"Potential injection detected!\")\n```\n\n### PII Detection\n\n```python\nfrom upss.security.scanner import detect_pii\n\ncontent = \"My email is user@example.com\"\npii_types = detect_pii(content, block=True) # Raises ComplianceError if PII found\n```\n\n### Checksum Verification\n\n```python\n# Automatically verified on load\nprompt = await client.load(\"assistant\", user_id=\"user@example.com\")\n# IntegrityError raised if checksum fails\n```\n\n## Migration Tools\n\n### Discover Hardcoded Prompts\n\n```bash\nupss discover --path ./myapp --output prompts.json\n```\n\n### Decorator-Based Migration\n\n```python\nfrom upss.migration.decorator import migrate_prompt\n\n@migrate_prompt(\"assistant-system\")\nasync def get_system_prompt(user_id: str):\n return \"fallback prompt\" # Used if UPSS fails\n```\n\n### Batch Migration\n\n```python\nprompts = [\n {\"name\": \"old-prompt-1\", \"content\": \"...\"},\n {\"name\": \"old-prompt-2\", \"content\": \"...\"},\n]\n\nreport = await client.migrate(prompts, user_id=\"admin@example.com\")\nprint(f\"Migrated: {report.successful}/{report.total}\")\n```\n\n## CLI Usage\n\n### Initialize UPSS\n\n```bash\nupss init\n```\n\n### Discover Hardcoded Prompts\n\n```bash\nupss discover --path ./src --output prompts.json\n```\n\n## Testing\n\n```bash\n# Install dev dependencies\npip install upss[dev]\n\n# Run tests\npytest\n\n# Run with coverage\npytest --cov=upss\n```\n\n## Requirements\n\n- Python 3.9+\n- For PostgreSQL mode: PostgreSQL 12+\n\n## Dependencies\n\n- `filelock`: File-based locking for filesystem mode\n- `asyncpg`: PostgreSQL async driver\n- `pyyaml`: YAML configuration support\n- `click`: CLI framework\n\n## Performance\n\n| Operation | Filesystem Mode | PostgreSQL Mode (Cached) | PostgreSQL Mode (Uncached) |\n|-----------|----------------|-------------------------|---------------------------|\n| Load prompt | < 10ms | < 5ms | < 100ms |\n| Create prompt | < 50ms | < 50ms | < 150ms |\n| Permission check | < 5ms | < 2ms | < 20ms |\n\n## Documentation\n\n- [API Reference](docs/api.md)\n- [Security Guide](docs/security.md)\n- [Migration Guide](docs/migration.md)\n- [Examples](examples/)\n\n## Contributing\n\nSee [CONTRIBUTING.md](../../CONTRIBUTING.md) for guidelines.\n\n## License\n\nMIT License - see [LICENSE](../../LICENSE) for details.\n\n## Security\n\nFor security vulnerabilities, see [SECURITY.md](../../SECURITY.md).\n\n## Support\n\n- GitHub Issues: [Report issues](https://github.com/alvinveroy/prompt-security-standard/issues)\n- Documentation: [Full docs](https://github.com/alvinveroy/prompt-security-standard)\n\n## Citation\n\n```bibtex\n@software{upss_python,\n title={UPSS Python Library},\n author={UPSS Contributors},\n year={2025},\n url={https://github.com/alvinveroy/prompt-security-standard}\n}\n```\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Universal Prompt Security Standard - Python Implementation",
"version": "2.0.1",
"project_urls": {
"Documentation": "https://github.com/alvinveroy/prompt-security-standard/tree/main/implementations/python",
"Homepage": "https://github.com/alvinveroy/prompt-security-standard",
"Issues": "https://github.com/alvinveroy/prompt-security-standard/issues",
"Repository": "https://github.com/alvinveroy/prompt-security-standard"
},
"split_keywords": [
"security",
" llm",
" prompt",
" ai",
" prompt-injection"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "0498aadc5661e4f0c784825c2c19ee2cf620b583b3d985f1353d5297e12691ea",
"md5": "9c1d659777055686e9254d820dbce1cb",
"sha256": "433b24d502145d79b57883f49e721d448c657c0e2b4a00b18f2f64850b2c67d2"
},
"downloads": -1,
"filename": "upss-2.0.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "9c1d659777055686e9254d820dbce1cb",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.9",
"size": 17994,
"upload_time": "2025-10-30T10:50:38",
"upload_time_iso_8601": "2025-10-30T10:50:38.364782Z",
"url": "https://files.pythonhosted.org/packages/04/98/aadc5661e4f0c784825c2c19ee2cf620b583b3d985f1353d5297e12691ea/upss-2.0.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "1d45297873f390c83e2bc446792fbc02ee8e6e5eea1f9e90bdd8561257ca3e55",
"md5": "2760caf508d4591b588e51da55f62dda",
"sha256": "0db66558ff541856fecd988ebd74a1a9cbd81f7a7a95538ba9dd2ae216e9191c"
},
"downloads": -1,
"filename": "upss-2.0.1.tar.gz",
"has_sig": false,
"md5_digest": "2760caf508d4591b588e51da55f62dda",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.9",
"size": 20668,
"upload_time": "2025-10-30T10:50:39",
"upload_time_iso_8601": "2025-10-30T10:50:39.720096Z",
"url": "https://files.pythonhosted.org/packages/1d/45/297873f390c83e2bc446792fbc02ee8e6e5eea1f9e90bdd8561257ca3e55/upss-2.0.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-10-30 10:50:39",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "alvinveroy",
"github_project": "prompt-security-standard",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "upss"
}
