pic-standard
PIC (Provenance & Intent Contracts) is a Python library/CLI and integration set that validates structured “action proposals” for AI agents, enforcing fail-closed checks on intent/impact, provenance trust, and evidence (hash/signature) before allowing tool execution.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Strengths: fail-closed action gating; explicit evidence verification options (SHA-256 hashes, Ed25519 signatures) and a trust keyring with expiry/revocation support; local-first design to avoid data leaving the machine. Uncertainties: provided content does not specify HTTP server authentication/TLS requirements or detailed key storage/secret handling; scope granularity and operational authorization beyond evidence/provenance are not fully specified.
⚡ Reliability
Best When
You have agent workflows where side effects must be authorized based on verifiable provenance/evidence, and you want fail-closed gating at the tool execution boundary.
Avoid When
You cannot supply any trustworthy provenance/evidence (because PIC will likely block). Avoid where you need complex, stateful, domain-specific authorization that PIC does not model.
Use Cases
- Guard high-impact tool calls made by LLM agents (payments, irreversible actions, sensitive data access)
- Local/offline verification of proposed actions against evidence (SHA-256 hashes, Ed25519 signatures)
- Tool-gating integration for agent frameworks (LangGraph, MCP) to block unsafe or unproven actions
- Building an internal safety “action boundary” layer for agentic systems
Not For
- Not a general-purpose policy engine for all application logic (it specifically validates PIC action proposals)
- Not a replacement for secure tool implementations or backend authorization controls
- Not intended to manage real payment/identity security by itself (it gates agent-side intent/evidence)
Interface
Authentication
The README describes a local-first trust keyring for verifying signature evidence (not user authentication/authorization). Authentication for the optional HTTP bridge and MCP integration is not specified in the provided content.
Pricing
As an Apache-2.0 Python package, it appears to be open-source and local; no hosted pricing is mentioned.
Agent Metadata
Known Gotchas
- ⚠ PIC enforces fail-closed for high-impact proposals when trusted provenance/evidence is missing; agents may need to be adapted to produce richer Action Proposal JSON.
- ⚠ Signature evidence verification depends on having a correct trusted keyring/resolver configured; otherwise actions will be blocked.
Scores are editorial opinions as of 2026-03-30.