Expand description
§systemprompt
The governance engine behind AI infrastructure you actually own. One Rust binary, one PostgreSQL, every agent and tool call through one audited path. This is the facade crate: it re-exports the systemprompt-core workspace behind feature flags.
This README mirrors the systemprompt-core root README and is published to docs.rs.
systempromptre-exports the workspace crates behind feature flags; the full project documentation lives in thedocumentation/directory.
§Why this exists
Most teams govern AI one of two ways. They rent a dashboard, and someone else’s infrastructure holds their prompts, their keys, and their audit trail. Or they build it themselves, and eighteen months later they are maintaining a distributed system instead of shipping.
This is the third option. systemprompt-core compiles to a single Rust binary you run on your own infrastructure, backed by the only state it has: a PostgreSQL database you own. Every agent, MCP tool call, and inference request passes through one authenticated, authorized, audited path: a synchronous in-process pipeline under 5 ms, writing an 18-column audit row for every decision. Credentials live in a ChaCha20-Poly1305 store and are injected only into tool child processes, never into the LLM context.
Zero outbound telemetry by default. Air-gap capable. Built for SOC 2 Type II, ISO 27001, HIPAA, and the OWASP Agentic Top 10.
Live capture: an agent tries to pass a GitHub PAT through a tool argument and is denied before the tool process spawns. Evaluating? Start with the MIT-licensed systemprompt-template: 43 scripted demos run every claim on your laptop.
§Capabilities
Six surfaces, one binary, one authenticated and audited path.
| Capability | What it provides |
|---|---|
| A2A agents | A standalone agent server speaking the agent-to-agent JSON-RPC protocol, with SSE streaming and .well-known discovery. Agents you host, not seats you rent. |
| MCP servers | Model Context Protocol servers hosted natively over streamable HTTP. Each is an isolated OAuth2 resource server with scoped tools and its own access log. |
| OAuth2 / OIDC | A built-in authorization server: OIDC discovery, PKCE (S256), WebAuthn, RS256 JWTs. No external identity dependency required to run. |
| Provider gateway | A /v1 proxy (POST /v1/messages, GET /v1/models) that routes model patterns to any configured upstream. Swap providers without touching clients. |
| Extensions | Compile-time Extension implementations registered with the inventory crate. Your code becomes part of your binary; no runtime plugin loading, nothing injected you didn’t compile. |
| Governance | Fail-closed (default-deny) authorization, secret detection, rate limiting, and structured audit logging correlated by trace_id. Every deny reason is a queryable row. |
§Use as a library
[dependencies]
systemprompt = { version = "0.21.1", features = ["full"] }use systemprompt::prelude::*;| Feature | Includes |
|---|---|
core (default) | traits, models, identifiers, extension |
database | PostgreSQL abstraction (DbPool) |
api | HTTP server and AppContext (requires core + database) |
cli | CLI entry point |
full | Everything: all domain modules + CLI |
slack | Slack integration (opt-in; not included in full) |
teams | Microsoft Teams integration (opt-in; not included in full) |
The full per-feature matrix, including the finer-grained flags (config, mcp, events, security, runtime, and the rest), is on the docs.rs crate root.
§Requirements
- Rust 1.94+ (the workspace is edition 2024).
- PostgreSQL 18+.
justto run the build recipes.
§Quickstart (building from source)
git clone https://github.com/systempromptio/systemprompt-core.git
cd systemprompt-core
just build
# Generate a profile + secrets, provision the database, and migrate
./target/debug/systemprompt admin setup --environment local --migrate --yes
# Start the API server (binds 127.0.0.1:8080 by default)
./target/debug/systemprompt infra services start --apiConfirm it is serving:
curl -i http://127.0.0.1:8080/health # 200 when the process and database are up
curl -s http://127.0.0.1:8080/api/v1 # discovery document of mounted surfacesThe full walkthrough is in documentation/getting-started.md.
§Performance
Governance overhead benchmarked at 3,308 req/s burst with p99 latency of 22.7 ms: under 1% of AI response time. Reproduce it yourself with just benchmark in the evaluation template.
§License
Business Source License 1.1 (BSL-1.1). Source-available for evaluation, testing, and non-production use; production use requires a commercial license. Each version converts to Apache-2.0 four years after its publication. You will always be able to read, audit, and eventually own this code. See LICENSE. Licensing enquiries: ed@systemprompt.io.
§Security
Report vulnerabilities to ed@systemprompt.io, not via public issues. See SECURITY.md.
systemprompt.io · Documentation · Guides · Live Demo · Template · crates.io · docs.rs · Discord
Rent your control plane and you rent your audit trail. This one compiles.
| Feature | Pulls in | Use case |
|---|---|---|
core (default) | traits, models, identifiers, extension, template-provider | Author extensions, share types, no I/O. |
database | systemprompt-database, sqlx | SQLx-backed DbPool and repository helpers. |
config | systemprompt-config | Profile, secrets, and credential bootstrap loaders. |
mcp | rmcp | Implement Model Context Protocol servers. |
api | systemprompt-api, systemprompt-runtime, axum (implies core + database) | HTTP server, AppContext, Axum router. |
sync | systemprompt-sync | Cloud synchronisation primitives. |
cloud | systemprompt-cloud | Cloud API client, credentials bootstrap, OAuth. |
logging | systemprompt-logging | Tracing setup with the workspace’s layer stack. |
loader | systemprompt-loader | Filesystem and module discovery. |
events | systemprompt-events | In-process event bus and SSE plumbing. |
client | systemprompt-client | HTTP API client used by the CLI. |
security | systemprompt-security | JWT, scope/RBAC, secret scanning, rate limit. |
cli | systemprompt-cli | The systemprompt CLI as a library entry point. |
runtime | cli + extension injection | RuntimeBuilder for embedding with custom extensions. |
test-utils | cloud | Enables cloud for test scaffolding; not for production. |
full | All of the above plus all domain crates (agent, ai, mcp, oauth, users, content, analytics, scheduler, generator, files) | Building a product binary. |
systemprompt = { version = "0.21.1", features = ["full"] }Copyright (c) systemprompt.io — Business Source License 1.1. See https://systemprompt.io for licensing details.
Re-exports§
pub use runtime::RuntimeBuilder;runtimepub use runtime::RuntimeError;runtimepub use crate::prelude::*;
Modules§
- agent
full - Agent-to-Agent (A2A) protocol surface from
systemprompt-agent— message types, task lifecycle, streaming server, agent registry. - ai
full - LLM integration surface from
systemprompt-ai— provider selection, request/response types, cost accounting. - analytics
full - Analytics domain from
systemprompt-analytics— request, conversation, agent, tool, cost metrics. - api
api - HTTP server entry: Axum router, middleware stack, listener bootstrap.
- cli
cli - CLI entry surface:
run,CliConfig,OutputFormat,ColorMode,VerbosityLevel. - client
client - HTTP API client used by the CLI and external tooling to drive a running instance.
- cloud
cloud - Cloud API client from
systemprompt-cloud— credentials bootstrap, tenant management, deployment. - config
config - Profile / secrets / credentials configuration loaders. Drives the
ProfileBootstrap → SecretsBootstrap → CredentialsBootstrap → Configsequence. - content
full - Content management domain from
systemprompt-content— pages, articles, markdown ingestion. - credentials
cloud - Cloud credentials bootstrap from
systemprompt-cloud— loads OAuth client credentials and tenant identity at startup. - database
database - SQLx-backed database abstraction:
DbPool,DatabaseProvider, repositories, introspection. - events
events - In-process event bus and SSE broadcasting from
systemprompt-events. - extension
core - Compile-time extension framework: the
Extensiontrait, typed variants,register_extension!macro, and registry. - files
full - File-storage domain from
systemprompt-files. - generator
full - Static-site generator from
systemprompt-generator— Tera-based renderer driving thewebCLI domain. - identifiers
core - Typed identifiers from
systemprompt-identifiers(UserId,AgentId,TaskId,TraceId, …). - loader
loader - Filesystem and module discovery for services, plugins, and config files.
- logging
logging - Tracing/logging setup helpers (startup-mode gating, layered subscribers).
- marketplace
full - Marketplace filtering domain from
systemprompt-marketplace— theMarketplaceFiltertrait that gates per-user visibility of plugins, skills, agents, and managed MCP servers in the bridge manifest. - mcp
full - Model Context Protocol implementation from
systemprompt-mcp— server orchestrator, network/proxy layer, RBAC middleware. - models
core - I/O-free data models from
systemprompt-models— config structs, profile types, domain DTOs. - oauth
full - OAuth2 / OIDC / WebAuthn flows from
systemprompt-oauth. - prelude
- Curated re-exports for ergonomic
use systemprompt::prelude::*. Seepreludefor the full list. Curated re-exports foruse systemprompt::prelude::*. - profile
core - Profile types — the on-disk profile schema (
Profile,CloudConfig,ProfileStyle,CloudValidationMode) plus theProfileBootstraploader when theconfigfeature is enabled. - runtime
runtime RuntimeBuilderfor embedding the platform with compile-time injected extensions and a custom web-asset strategy. Embedding helper for thesystempromptCLI.- scheduler
full - Background-job scheduler from
systemprompt-scheduler. - security
security - Security primitives: JWT verification, scope/RBAC, secret scanning, rate-limit middleware.
- slack
slack - Slack integration from
systemprompt-slack— inbound Events API, slash commands, and Block Kit interactivity dispatched to governed agents. - sync
sync - Cloud synchronisation primitives from
systemprompt-sync. - system
api - Application runtime /
AppContextwiring. Construct viaAppContextBuilderfrom the prelude. - teams
teams - Microsoft Teams integration from
systemprompt-teams— inbound Bot Framework activities, token validation, Adaptive Card rendering. - template_
provider core - Template provider trait surface for custom rendering backends (Tera, Handlebars, MJML, …).
- traits
core - Core trait surface from
systemprompt-traits. - users
full - User management domain from
systemprompt-users— accounts, roles, scopes.
Enums§
- WebAssets
runtime WebAssetsstrategy re-export — controls how the runtime serves the static web bundle (in-binary, on-disk, or disabled). Web-asset serving strategy re-exported fromsystemprompt-extension.