Go Packages

All Shield packages are importable from github.com/xraph/shield.

Core packages

`github.com/xraph/shield`

Root package. Exports context helpers, error constants, configuration, and shared types.

Export	Description
`WithTenant(ctx, id)`	Inject tenant ID into context
`WithApp(ctx, id)`	Inject app ID into context
`TenantFromContext(ctx)`	Read tenant ID from context
`AppFromContext(ctx)`	Read app ID from context
`Config`	Engine configuration struct
`DefaultConfig()`	Returns default Config values
`Entity`	Base type with timestamps
`Version`	Current library version
`ErrNoStore`, `ErrInputBlocked`, `ErrOutputBlocked`, ...	Sentinel errors

`github.com/xraph/shield/engine`

The core layered safety engine.

Export	Description
`New(...Option) (*Engine, error)`	Create an engine
`Engine.ScanInput(ctx, *scan.Input)`	Scan user input content
`Engine.ScanOutput(ctx, *scan.Input)`	Scan agent output content
`Engine.Stop(ctx)`	Graceful shutdown
`WithStore(s)`	Set composite store
`WithPlugin(p)`	Register lifecycle plugin
`WithConfig(cfg)`	Set engine configuration
`WithLogger(l)`	Set structured logger

`github.com/xraph/shield/scan`

Scan input/output types, findings, and results.

Export	Description
`Input`	Content to scan
`Result`	Complete scan output
`Finding`	Individual detection from a safety layer
`Direction`	Input or output direction
`Decision`	Allow, block, flag, or redact
`Stats`	Aggregated scan statistics

Safety layer packages

`github.com/xraph/shield/instinct`

Pre-conscious threat detection. Categories: injection, exfiltration, manipulation, jailbreak.

Export	Description
`Instinct`	Entity with strategies, sensitivity, and action
`Category`	Injection, Exfiltration, Manipulation, Jailbreak
`Sensitivity`	Paranoid, Cautious, Balanced, Relaxed, Permissive
`Strategy`	Detection strategy with name, weight, config
`Store`	CRUD persistence interface

`github.com/xraph/shield/awareness`

Perception layer — PII, topic, sentiment, intent, language detection.

Export	Description
`Awareness`	Entity with focus, detectors, and action
`Focus`	PII, Topic, Sentiment, Intent, Language, Custom
`Detector`	Named detector with patterns and config
`PIIAction`	Redact, Flag, Block, Vault
`Store`	CRUD persistence interface

`github.com/xraph/shield/boundary`

Hard safety limits — binary pass/block checks.

Export	Description
`Boundary`	Entity with limits and canned response
`Scope`	Topic, Action, Data, Output, Custom
`Limit`	Deny/allow list with scope
`Store`	CRUD persistence interface

`github.com/xraph/shield/values`

Ethical evaluation — toxicity, brand safety, honesty, respect, safety, privacy.

Export	Description
`Values`	Entity with rules, severity, and action
`Principle`	Toxicity, BrandSafety, Honesty, Respect, Safety, Privacy, Custom
`Rule`	Principle with threshold, categories, guidelines
`Store`	CRUD persistence interface

`github.com/xraph/shield/judgment`

Contextual risk assessment — grounding, relevance, consistency, compliance.

Export	Description
`Judgment`	Entity with domain, assessors, threshold, action
`RiskLevel`	None, Low, Medium, High, Critical
`Domain`	Grounding, Relevance, Consistency, Compliance, Custom
`Assessor`	Named assessor with weight and config
`Store`	CRUD persistence interface

`github.com/xraph/shield/reflex`

Condition-action response rules — policy rules, rate limiting, escalation.

Export	Description
`Reflex`	Entity with triggers, actions, priority
`TriggerType`	OnScore, OnFinding, OnPattern, OnContext, OnRate, Always
`ActionType`	Block, Redact, Flag, Rewrite, Escalate, Log, Throttle
`Trigger`	Trigger definition with type, pattern, threshold
`Action`	Action definition with type, target, value, fallback
`Store`	CRUD persistence interface

Composition packages

`github.com/xraph/shield/profile`

SafetyProfile — composes all six safety layers into a reusable identity.

Export	Description
`SafetyProfile`	Composition entity
`InstinctAssignment`	Instinct with sensitivity override
`JudgmentAssignment`	Judgment with threshold override
`AwarenessAssignment`	Awareness detector assignment
`Store`	CRUD persistence interface

`github.com/xraph/shield/policy`

Administrative governance — tenant-scoped safety rules.

Export	Description
`Policy`	Entity with scope, rules
`ScopeLevel`	App or Org
`Rule`	CheckType + Condition + Action
`Store`	CRUD + AssignToTenant/UnassignFromTenant

`github.com/xraph/shield/pii`

PII vault — AES-256-GCM encrypted token storage.

Export	Description
`Token`	Encrypted PII token with expiry
`Stats`	Vault statistics by type and tenant
`Store`	Store/Load/Delete/Purge tokens

`github.com/xraph/shield/compliance`

Compliance reporting — EU AI Act, NIST AI RMF, SOC2.

Export	Description
`Report`	Generated compliance report
`Framework`	EUAIAct, NIST, SOC2
`Store`	Create/Get/List reports

All lifecycle hook interfaces: ScanStarted, ScanCompleted, ScanBlocked, ScanFailed, InstinctTriggered, AwarenessDetected, JudgmentAssessed, ValueViolated, ReflexFired, BoundaryEnforced, PIIDetected, PIIRedacted, PolicyEvaluated, SafetyProfileResolved, Shutdown.

`github.com/xraph/shield/observability`

func NewMetricsExtension() *MetricsExtension
func NewMetricsExtensionWithFactory(factory gu.MetricFactory) *MetricsExtension

`github.com/xraph/shield/audit_hook`

func New(r Recorder, opts ...Option) *Extension
func WithActions(actions ...string) Option
func WithLogger(l *slog.Logger) Option

ID package

`github.com/xraph/shield/id`

func NewScanID() ScanID
func NewPolicyID() PolicyID
func NewInstinctID() InstinctID
func NewJudgmentID() JudgmentID
func NewAwarenessID() AwarenessID
func NewValueID() ValueID
func NewReflexID() ReflexID
func NewBoundaryID() BoundaryID
func NewSafetyProfileID() SafetyProfileID
// ... + Parse* functions for each type
func ParseAny(s string) (AnyID, error)

All IDs implement String() string and are based on TypeID (UUIDv7, K-sortable).

Infrastructure packages

Package	Purpose
`store`	Composite store interface
`extension`	Forge framework extension adapter