{"id":45575614,"url":"https://github.com/azerozero/grob","last_synced_at":"2026-05-31T22:01:41.313Z","repository":{"id":340049668,"uuid":"1164308245","full_name":"azerozero/grob","owner":"azerozero","description":"LLM proxy with built-in DLP and regulatory compliance. Redacts secrets before they reach the API. EU AI Act, GDPR, HDS/PCI DSS ready. Multi-provider failover, live TUI, virtual keys, fan-out. 6 MB, zero deps. Rust.","archived":false,"fork":false,"pushed_at":"2026-05-28T21:58:48.000Z","size":3796,"stargazers_count":16,"open_issues_count":2,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-29T00:21:58.565Z","etag":null,"topics":["ai-gateway","air-gapped","anthropic","audit-log","dlp","eu-ai-act","failover","fan-out","gdpr","gemini","llm-proxy","multi-provider","ollama","openai","opentelemetry","rust","secret-scanning","sovereign","streaming","virtual-keys"],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/azerozero.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":"CLA.md"}},"created_at":"2026-02-22T23:31:12.000Z","updated_at":"2026-05-28T21:58:30.000Z","dependencies_parsed_at":"2026-04-01T21:03:12.925Z","dependency_job_id":null,"html_url":"https://github.com/azerozero/grob","commit_stats":null,"previous_names":["azerozero/grob"],"tags_count":129,"template":false,"template_full_name":null,"purl":"pkg:github/azerozero/grob","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/azerozero%2Fgrob","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/azerozero%2Fgrob/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/azerozero%2Fgrob/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/azerozero%2Fgrob/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/azerozero","download_url":"https://codeload.github.com/azerozero/grob/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/azerozero%2Fgrob/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33750474,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-05-31T02:00:06.040Z","response_time":95,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-gateway","air-gapped","anthropic","audit-log","dlp","eu-ai-act","failover","fan-out","gdpr","gemini","llm-proxy","multi-provider","ollama","openai","opentelemetry","rust","secret-scanning","sovereign","streaming","virtual-keys"],"created_at":"2026-02-23T09:13:00.166Z","updated_at":"2026-05-31T22:01:41.295Z","avatar_url":"https://github.com/azerozero.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003ch1 align=\"center\"\u003eGrob\u003c/h1\u003e\n  \u003cp align=\"center\"\u003e\n    \u003cstrong\u003eYour LLM traffic leaks data. Grob stops it.\u003c/strong\u003e\n  \u003c/p\u003e\n  \u003cp align=\"center\"\u003e\n    The only LLM proxy with built-in DLP, written in Rust, deployable air-gapped.\n  \u003c/p\u003e\n  \u003cp align=\"center\"\u003e\n    \u003ca href=\"https://github.com/azerozero/grob/actions/workflows/ci.yml\"\u003e\u003cimg src=\"https://github.com/azerozero/grob/actions/workflows/ci.yml/badge.svg\" alt=\"CI\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/azerozero/grob/releases\"\u003e\u003cimg src=\"https://img.shields.io/github/v/release/azerozero/grob\" alt=\"Release\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/azerozero/grob/releases\"\u003e\u003cimg src=\"https://img.shields.io/github/downloads/azerozero/grob/total\" alt=\"Downloads\"\u003e\u003c/a\u003e\n    \u003ca href=\"LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/badge/License-AGPL--3.0-blue.svg\" alt=\"License: AGPL-3.0\"\u003e\u003c/a\u003e\n  \u003c/p\u003e\n\u003c/p\u003e\n\n---\n\n**Grob** is a high-performance LLM routing proxy that sits between your AI tools and your providers. It redacts secrets before they reach the API, fails over transparently when a provider goes down, and fits in a 6 MB container with zero dependencies.\n\n\u003e **~90 µs pure overhead** with full DLP + routing + caching + rate limiting -- [40x faster than LiteLLM, every feature measured individually](docs/reference/benchmarks.md).\n\n```mermaid\nflowchart LR\n    CC[Claude Code] --\u003e G\n    AI[Aider] --\u003e G\n    CX[Codex CLI] --\u003e G\n    FO[Forge] --\u003e G\n    CU[Cursor] --\u003e G\n    G[\"Grob \u0026lt;DLP\u0026gt;\u003cbr/\u003e6 MB · zero deps\"] --\u003e A[\"Anthropic (primary)\"]\n    G --\u003e OR[\"OpenRouter (fallback)\"]\n    G --\u003e GE[Gemini]\n    G --\u003e DS[DeepSeek]\n    G --\u003e OL[\"Ollama (local)\"]\n```\n\n## Why Grob?\n\n| Problem | How Grob solves it |\n|---------|-------------------|\n| API keys and secrets leak to LLM providers in prompts | **DLP engine** scans every request -- redacts, blocks, or warns before the data leaves |\n| Provider goes down during a coding session | **Multi-provider failover** with circuit breakers and exponential backoff. Zero client changes |\n| No visibility into what your AI tools send | **`grob watch`** -- live TUI showing every request, response, DLP action, and fallback in real time |\n| Bill shock from runaway LLM usage | **Spend tracking** with per-tenant budgets, monthly caps, and alerts at 80% |\n| AI agent executes destructive tool calls without review | **HIT Gateway** -- intercepts every `tool_use` block, enforces per-policy approval rules (auto-approve / require human / deny), supports multisig and quorum |\n| Deploying in air-gapped / sovereign environments | **Single binary, 6 MB, zero dependencies** -- no Python, no PostgreSQL, no Redis |\n\n## 30-second quickstart\n\n**With Homebrew** (macOS / Linux):\n```bash\nbrew install azerozero/tap/grob\n```\n\n**Without Homebrew** (Linux / CI):\n```bash\ncurl -fsSL https://raw.githubusercontent.com/azerozero/grob/main/scripts/install.sh | sh\n```\n\nThen:\n```bash\ngrob setup        # interactive wizard — picks providers + auth\ngrob exec -- claude\n```\n\nThat's it. Grob auto-starts, routes traffic, and stops when your tool exits.\n\n## DLP -- secrets never reach the provider\n\nEvery request and response passes through the DLP engine before leaving your machine:\n\n```toml\n[dlp]\nenabled = true\n\n[[dlp.secrets]]\nname = \"custom_token\"\nprefix = \"tok_\"\npattern = \"tok_[A-Za-z0-9]{40}\"\naction = \"redact\"            # API keys, tokens, credentials → [REDACTED]\n\n[dlp.pii]\ncredit_cards = true\niban = true\naction = \"redact\"            # Emails, phone numbers → redacted\n\n[[dlp.names]]\nterm = \"Acme Corp\"\naction = \"pseudonym\"         # Real names → consistent pseudonyms\n\n[dlp.prompt_injection]\nenabled = true\naction = \"block\"             # Prompt injection attempts → 400\n\n[dlp.url_exfil]\nenabled = true\naction = \"block\"             # Data exfiltration URLs → stripped\n```\n\nNo other LLM proxy does this. LiteLLM, Bifrost, Portkey, Kong -- none have inline DLP on the hot path.\n\n## Live traffic inspector\n\n```bash\ngrob watch\n```\n\n```\n┌─ Providers ──────────────────────────────────────────────────────────┐\n│  anthropic ●  142ms  99.2%  │  openrouter ●  380ms  97.1%           │\n├─ Live ───────────────────────────────────────────────────────────────┤\n│  11:24:03  → claude-sonnet-4-6    anthropic   1.2K tok              │\n│  11:24:04  ← claude-sonnet-4-6    anthropic   834 tok  1.4s  $0.02 │\n│  11:24:05  DLP: 1 secret redacted (AWS key pattern)                 │\n│  11:24:09  FALLBACK: anthropic 429 → openrouter                     │\n│  11:24:10  ← gemini-2.5-pro       openrouter  412 tok  0.6s  $0.001│\n├─ Alerts ─────────────────────────────────────────────────────────────┤\n│  DLP: 3 secrets | 1 PII | 0 injections   Circuit: all OK            │\n└──────────────────────────────────────────────────────────────────────┘\n```\n\n## Intelligent routing\n\nRequests are classified by intent, then routed to the best model with automatic fallback:\n\n```mermaid\nflowchart LR\n    R[Request] --\u003e CL[Classify]\n    CL --\u003e M[Model] --\u003e P1[\"Provider (P1)\"]\n    P1 --\u003e|fail| P2[\"Provider (P2)\"]\n    CL --\u003e|extended thinking?| O[Opus 4.7]\n    CL --\u003e|web_search tool?| GP[Gemini 2.5 Pro]\n    CL --\u003e|background task?| GF[Haiku 4.5]\n    CL --\u003e|regex match?| CM[custom model]\n    CL --\u003e|default| S[Sonnet 4.6]\n```\n\nPresets configure everything in one command:\n\n| Preset | What it sets up | Cost |\n|--------|-----------------|------|\n| **perf** | Pure Anthropic OAuth (Pro/Max) — auto-maps `claude-*` to native | Max subscription |\n| **ultra-cheap** | Stacked free tiers (Groq + Cerebras + Z.ai + OpenRouter `:free`) | ~€0-2/month |\n| **gdpr** | EU-only routing — Mistral, Scaleway, OVH (`region = \"eu\"`) | Pay-as-you-go |\n| **eu-ai-act** | EU AI Act compliant — EU providers + transparency headers + risk classification | Pay-as-you-go |\n| **eu-eco** | Strict-EU sovereign, budget — Scaleway FR + Nebius `eu-north1` | Pay-as-you-go |\n| **eu-pro** | Strict-EU sovereign, balanced — Hermes-4-405B + Qwen3.5-397B | Pay-as-you-go |\n| **eu-max** | Strict-EU sovereign, premium — preemptive 397B/405B everywhere | Pay-as-you-go |\n\n```bash\ngrob preset apply perf\ngrob preset list   # see every available preset\n```\n\n## Supported providers\n\n| Provider | Auth | Notes |\n|----------|------|-------|\n| **Anthropic** | API key / OAuth (Max) | Claude models |\n| **OpenAI** | API key | GPT, o-series |\n| **Gemini** | API key / OAuth (Pro) | Google AI Studio |\n| **Vertex AI** | ADC | Google Cloud |\n| **OpenRouter** | API key | 200+ models |\n| **DeepSeek** | API key | DeepSeek V4, R1 |\n| **Mistral** | API key | Devstral, Codestral |\n| **Groq** | API key | Fast inference |\n| **z.ai** | API key | GLM-4 family |\n| **MiniMax** | API key | MiniMax models |\n| **Kimi Coding** | API key | Kimi K2 |\n| **Zenmux** | API key | Aggregated routing |\n| **Ollama** | none | Local inference |\n\nAny OpenAI-compatible API works with `provider_type = \"openai\"` and a custom `base_url`.\n\n## Multi-tenant virtual keys\n\nDistribute API keys to teams with per-key budgets, rate limits, and model restrictions:\n\n```bash\ngrob key create --name \"frontend-team\" --tenant frontend --budget 50 --rate-limit 20\n# grob_a1b2c3d4e5f6... (shown once, hashed at rest)\n\ngrob key list\n# PREFIX        NAME            TENANT     BUDGET    RATE\n# grob_a1b2...  frontend-team   frontend   $50/mo    20 rps\n# grob_f8e7...  ml-pipeline     data       $200/mo   100 rps\n```\n\n## Fan-out racing\n\nSend the same request to multiple providers in parallel. Pick the fastest, cheapest, or best-quality response:\n\n```toml\n[[models]]\nname = \"best-answer\"\nstrategy = \"fan_out\"\n\n[models.fan_out]\nmode = \"fastest\"   # or \"best_quality\", \"weighted\"\n```\n\n## Regulatory compliance\n\nGrob maps its features to specific regulatory articles. Every claim is [verified against the codebase](docs/reference/features.md#implementation-verification-audited-2026-03-18).\n\n| Regulation | Coverage |\n|------------|----------|\n| **EU AI Act** | Art. 12 (signed audit log with model/tokens), Art. 14 (risk scoring + escalation webhook), Art. 15 (injection detection, 28 languages), Art. 52 (transparency headers) |\n| **GDPR/RGPD** | PII redaction, name pseudonymization, EU-only provider routing (`gdpr = true`), canary tokens for leak detection |\n| **HDS/PCI DSS/SecNumCloud** | Hash-chained audit entries, Merkle batch signing, classification NC/C1/C2/C3, AES-256-GCM credentials at rest |\n| **NIS2/DORA** | Multi-provider resilience, escalation webhooks, zero-downtime upgrades |\n\n```bash\ngrob preset apply eu-ai-act   # EU AI Act + GDPR in one command\ngrob preset apply gdpr        # EU-only routing + DLP\n```\n\n## Also included\n\n- **Signed audit log** -- ECDSA-P256 / Ed25519 / HMAC-SHA256, hash-chained, Merkle tree batch signing\n- **Response caching** -- Dedup temperature=0 requests (saves tokens and money)\n- **Native TLS + ACME** -- Built-in HTTPS with Let's Encrypt auto-certificates\n- **Three API endpoints** -- `/v1/messages` (Anthropic), `/v1/chat/completions` (OpenAI), `/v1/responses` (Codex CLI)\n- **Prometheus + OpenTelemetry** -- `/metrics` endpoint, OTLP distributed tracing\n- **MCP tool matrix** -- JSON-RPC server for tool-calling orchestration\n\nSee the [full feature matrix](docs/reference/features.md) for rate limiting, JWT/OAuth, log export, zero-downtime upgrades, record \u0026 replay, and more.\n\n## Configuration\n\n```toml\n[[providers]]\nname = \"anthropic\"\nprovider_type = \"anthropic\"\nauth_type = \"oauth\"\noauth_provider = \"anthropic-max\"\n\n[[providers]]\nname = \"openrouter\"\nprovider_type = \"openrouter\"\napi_key = \"$OPENROUTER_API_KEY\"\n\n[[models]]\nname = \"default\"\n[[models.mappings]]\nprovider = \"anthropic\"\nactual_model = \"claude-sonnet-4-6\"\npriority = 1\n[[models.mappings]]\nprovider = \"openrouter\"\nactual_model = \"openai/gpt-5\"\npriority = 2\n\n[router]\ndefault = \"default\"\nthink = \"claude-opus-thinking\"\n\n[server]\nport = 13456\n```\n\nSee [Configuration Reference](docs/reference/configuration.md) for all options.\n\n## CLI\n\n```\ngrob setup                Start the interactive setup wizard\ngrob start [-d]           Start the server (--detach for background)\ngrob stop / restart       Stop or restart the server\ngrob exec -- \u003ccmd\u003e        Run a command behind the proxy (auto start/stop)\ngrob watch                Live traffic inspector (TUI dashboard)\ngrob status               Service status + spend summary\ngrob spend                Monthly spend breakdown\ngrob key create/list/revoke  Manage virtual API keys\ngrob validate             Test all providers with real API calls\ngrob doctor               Run diagnostic checks\ngrob preset list/apply    Manage presets\ngrob connect [provider]   Set up credentials interactively\n```\n\n## Container\n\n```bash\ndocker run -e ANTHROPIC_API_KEY=sk-... ghcr.io/azerozero/grob:latest\n```\n\n6 MB image, `FROM scratch`, TLS bundled via rustls. No OS layer needed.\n\n## Project structure\n\n```\nsrc/\n├── server/              Axum HTTP server and dispatch pipeline\n│   ├── dispatch/        Core dispatch: DLP, cache, route, provider loop\n│   ├── openai_compat/   OpenAI /v1/chat/completions translation\n│   ├── responses_compat/  OpenAI Responses API translation\n│   ├── rpc/             JSON-RPC control plane\n│   ├── watch_sse.rs     Live traffic inspector SSE backend\n│   └── fan_out.rs       Parallel multi-provider dispatch\n├── providers/           Provider implementations and registry\n├── routing/             Request routing: classification + nature-inspired primitives\n│   ├── classify/        Regex-based request classification engine (task type, tier, auto-map)\n│   ├── circuit_breaker.rs  Passive per-endpoint circuit breaker (RE-1a, ADR-0018)\n│   └── health_check.rs     Active per-provider health probe (RE-1b, opt-in)\n├── cli/                 Config structs and CLI argument parsing\n├── commands/            CLI command implementations\n├── auth/                OAuth client, token store, JWT validation\n├── features/\n│   ├── dlp/             Secret scanning, PII, canary tokens\n│   ├── policies/        HIT Gateway, per-action authorization\n│   ├── token_pricing/   Pricing, spend tracking, budgets\n│   ├── mcp/             MCP tool matrix, JSON-RPC server\n│   ├── tap/             Webhook event emission\n│   ├── harness/         Record \u0026 replay sandwich testing\n│   ├── tool_layer/      Tool-calling abstraction layer\n│   ├── pledge/          Pledge-based capability restrictions\n│   ├── watch/           TUI dashboard (grob watch)\n│   ├── log_backend/     Structured audit log backend\n│   └── log_export/      Encrypted audit log export\n├── shared/              Cross-cutting modules (not tied to a single slice)\n│   ├── acme.rs          Automatic TLS certificate provisioning via ACME\n│   ├── instance.rs      Multi-instance coordination (PID + port probing)\n│   ├── net.rs           Network binding with SO_REUSEPORT\n│   ├── otel.rs          OpenTelemetry subscriber bootstrap\n│   ├── pid.rs           PID file management for daemon mode\n│   └── message_tracing/ Request/response trace pipeline (JSONL + rotation)\n├── security/            Circuit breakers, rate limiting, audit log\n├── storage/             Persistent storage layer: atomic files, JSONL journals (GrobStore)\n├── models/              Model and message type definitions\n├── cache/               Response cache layer\n├── pricing.rs           Static model pricing (leaf module, breaks cycle providers↔features)\n└── preset/              Preset management system\n```\n\n## Development\n\n### Prerequisites\n\n- Rust stable (edition 2021)\n- For TUI features: a terminal with 256-color support\n- [prek](https://github.com/j178/prek) for pre-commit hooks (optional but recommended)\n\n### Build and run\n\n```bash\ncargo build\ncargo run -- start\n```\n\n### Tests\n\n```bash\ncargo test\n```\n\n### Pre-commit hooks\n\n```bash\nprek install   # activates fmt, clippy, gitleaks on commit\n```\n\n### Benchmarks\n\n```bash\ncargo bench --bench routing\ncargo bench --bench hotpath\n```\n\n## Documentation\n\n| Doc | Description |\n|-----|-------------|\n| [Feature Matrix](docs/reference/features.md) | Complete feature list with config references |\n| [Getting Started](docs/tutorials/getting-started.md) | Step-by-step tutorial |\n| [Configuration Reference](docs/reference/configuration.md) | All config options |\n| [DLP Reference](docs/reference/dlp.md) | Secret scanning, PII, injection, URL exfil |\n| [DLP How-To](docs/how-to/dlp.md) | Recipes for each DLP feature |\n| [Security Model](docs/explanation/security.md) | Rate limiting, audit, circuit breakers |\n| [Architecture](docs/explanation/architecture.md) | Module layout and design decisions |\n| [CLI Reference](docs/reference/cli.md) | Full command documentation |\n| [OAuth Setup](docs/how-to/oauth-setup.md) | Anthropic Max, Gemini Pro |\n| [Benchmarks](docs/reference/benchmarks.md) | AWS results, competitor comparison |\n| [Provider Setup](docs/how-to/providers.md) | Per-provider guides |\n| [Python SDK Examples](docs/examples/sdk-python.md) | Call Grob from `anthropic` and `openai` Python SDKs |\n| [Node SDK Examples](docs/examples/sdk-node.md) | Call Grob from `@anthropic-ai/sdk` and `openai` Node SDKs |\n\n## Contributing\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for development setup, testing, and PR guidelines.\n\n## License\n\n[AGPL-3.0](LICENSE) -- Commercial licensing available. See [LICENSING.md](LICENSING.md).\n\nBuilt in Rust. Copyright (c) 2025-2026 [A00 SASU](https://github.com/azerozero).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fazerozero%2Fgrob","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fazerozero%2Fgrob","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fazerozero%2Fgrob/lists"}