Skip to content

Auditor Lifecycle Phases

Lucid Auditors are Phase-Aware. Security logic is enforced across the entire lifecycle of an AI request, from build-time verification to runtime response filtering.

Cryptographic Evidence

Each phase contributes a signed unit of evidence. These are bundled into the AI Passport, providing a verifiable record that the workload followed the Security Policy in a secure TEE.

The Four Phases

Lucid's protection spans four distinct lifecycle phases. Each phase can host multiple auditors specialized for different safety or compliance tasks.

Phase 1: Build & Deploy

SDK Hook: @builder.on_artifact

Verified at weight-loading or container-init time. If an auditor in this phase fails, the TEE enclave will refuse to transition to a "Ready" state.

Integrity Watchdog

Ensures that the binary and model weights match the cryptographically signed hashes in the registry.

Artifact IntegritySLSA

SBOM Verifier

Scans the Software Bill of Materials (SBOM) for critical CVEs before allowing deployment.

Supply ChainNIST

Model Card Validator

Validates model transparency metadata against regulatory schemas (e.g., EU AI Act).

EU AI ActTransparency

Phase 2: Input Gate

SDK Hook: @builder.on_request

Intercepts and cleanses data before it reachers the model's high-privilege processing context.

PII Sanitizer

Detects and redacts sensitive identifiers (SSNs, emails, phone numbers) from user prompts.

GDPRCCPA

Injection Shield

Scans for adversarial prompt structures and "jailbreak" patterns designed to bypass safety filters.

OWASP Top 10LLM-01

Geo-Fencer

Enforces data residency by checking request origin against sovereignty-aware access policies.

Data SovereigntyCompliance

Phase 3: Runtime Mirror

SDK Hook: @builder.on_execution

Observes the model's internal behavior and execution environment during active inference.

Token Economist

Tracks token usage and latency in real-time to detect cost anomalies and SLA breaches.

FinOpsSLA Monitoring

Loop Breaker

Detects recursive tool-calling patterns in agentic workflows to stop infinite loops.

Agentic SafetyResilience

MCP Firewall

Restricts Model Context Protocol (MCP) tool usage to only approved external domains.

IAMNetwork Security

Phase 4: Output Gate

SDK Hook: @builder.on_response

The final safety check before data is cryptographically released from the TEE to the user. This phase also embeds provenance watermarks for content authenticity.

Truth Proxy

Cross-references model outputs against RAG sources to detect and flag hallucinations.

AccuracyRAG Quality

Fairness Judge

Calculates bias and disparate impact metrics on model responses across demographics.

Ethical AIBias Detection

Toxicity Audit

Filters responses for harmful, toxic, or non-compliant language before release.

Content SafetyBrand Prep

Content Watermarker

Embeds cryptographic watermarks (text, image, video) with TEE-attested provenance for content authenticity.

C2PAProvenance

Auditor Lifecycle

graph TD
    A[Build Time] -->|Verify Hash| B[Deployment]
    B --> C{Request Hook}
    C -->|Allow/Redact| D[Model Execution]
    C -->|Deny| E[Error Response]
    D -->|Telemetry| F{Response Hook}
    F -->|Verified| G[Release + AI Passport]
    F -->|Blocked| H[Redacted/Error Response]

Auditor Development Patterns

The SDK supports two patterns for building auditors:

1. Builder Pattern (Direct Decisions)

Traditional approach where auditors return decisions (Proceed(), Deny(), etc.) directly.

@builder.on_request
def check_input(data: dict):
    if is_dangerous(data):
        return Deny("Dangerous input detected")
    return Proceed()

Best for: Simple rules, rapid prototyping, self-contained auditors.

2. ClaimsAuditor Pattern (Policy-Driven)

Modern approach where auditors only produce claims (observations), and the PolicyEngine makes decisions based on YAML policies.

class SafetyAuditor(ClaimsAuditor):
    @claims(phase=Phase.REQUEST)
    def measure_risk(self, request: dict) -> list[Claim]:
        return [Claim(name="risk.score", value=analyze(request), ...)]

Best for: Dynamic policy updates, compliance-heavy environments, multi-tenant deployments.

See the Auditor Development Guide for detailed implementation guidance.

🚀 What's Next?