Skip to content

ast-guard v1.0.0 — First Public Release

Choose a tag to compare

View all tags
@Nick-is-building Nick-is-building released this 21 May 19:29
· 163 commits to main since this release
v1.0.0
f7505e7

The world's first deterministic reward hacking detector for LLM-generated Python code.

What is ast-guard?

When LLMs autonomously generate and test code, they cheat — hardcoding outputs, replacing algorithms with lookup tables, or manipulating test environments. ast-guard catches this structurally via AST analysis, before the code ever runs.

Highlights

  • Four detection checks: Hardcoding (if-count, literal-count, long strings), Complexity Collapse, Forbidden Calls & Obfuscation, Import Drift
  • Three sensitivity modes: strict (blocks execution), standard (warnings only), audit (silent telemetry)
  • Zero dependencies: Pure Python standard library, works everywhere Python 3.11+ runs
  • Diff-based analysis: Only flags what's NEW in the generated code
  • Anti-obfuscation: Catches variable aliasing, __builtins__ access, getattr tricks, chr() encoding
  • Allowlist-aware: Recognizes legitimate optimizations (comprehensions, built-ins, data structure swaps)
  • Built-in telemetry: Anonymized local metrics collection for community-driven threshold calibration
  • Privacy by design: Never stores code, filenames, or timestamps

Quick Start

git clone https://github.com/Nick-is-building/ast-guard.git
cd ast-guard
python -m pytest tests/ -v  # 35 tests, all passing

Requirements

  • Python 3.11+
  • No pip install needed
Assets 2
Loading