(no title)
entrustai | 3 days ago
The problem: Regulated industries (legal, medical, financial) are moving past the "sandbox" phase and deploying LLMs into production. But LLMs are probabilistic—the same prompt can produce different output every time. You cannot audit a probability distribution. If your AI gives a different answer to two different customers, your compliance team can’t defend it.
What The Pilcrow does: It is a deterministic gate at the end of your AI pipeline. It runs every output through a rule engine before it reaches the customer.
The "No-AI" Rule: One of the biggest complaints I hear from engineers is the "hallucination stack"—using an LLM to check another LLM. It’s just layering one black box on top of another. The Pilcrow contains zero AI. It is a pure logic engine using regex, counters, and string matching. Identical input always produces an identical RELEASE or REJECT verdict. Every run is reproducible and defensible in court.
Technical Architecture: Protocol Contracts: Rules are defined in versioned JSON files. Legal/Compliance signs off on the JSON; the machine enforces it identically across every instance.
The Compliance Moat: Every verdict is signed with HMAC-SHA256, binding the workspace ID, verdict, protocol version, and timestamp into a single audit token. It turns a linter into a defensible compliance ledger.
Zero-Retention (Privacy): We process payloads purely in memory. Text is analyzed and immediately discarded. We never write PII/PHI to disk; we only log metadata.
Enterprise SSO: Authentication is handled via WorkOS — users sign in with Google, Microsoft, GitHub, or Apple and land directly in their provisioned workspace. No password management, no manual key distribution.
Self-Healing SDKs: We’ve released Python and Node.js SDKs. You can wrap your LLM calls in 3 lines of code, and the SDK handles REJECT verdicts by auto-retrying the model with context-aware repair guidance from the linter.
The Demo: You can play with the linter live at https://app.entrustai.co (runs against our public API, no signup required).
Links: Early Access: entrustai.co/pilcrow Python SDK: pypi.org/project/pilcrow Node.js SDK: npmjs.com/package/@entrustai/pilcrow API docs: https://pilcrow.entrustai.co/docs OpenAPI spec: https://pilcrow.entrustai.co/openapi.yaml
Building in the GRC space or evaluating AI compliance tooling? Reach me at contact@entrustai.co.
I’m around to answer any questions about the engine, the signature logic, or the challenges of deterministic linting!
No comments yet.