Skip to main content

Crate systemprompt

Crate systemprompt 

Source
Expand description
systemprompt.io

§systemprompt

The governance engine behind AI infrastructure you actually own. One Rust binary, one PostgreSQL, every agent and tool call through one audited path. This is the facade crate: it re-exports the systemprompt-core workspace behind feature flags.

Crates.io Docs.rs codecov License: BSL-1.1 Rust 1.94+ PostgreSQL 18+

Website · Documentation · Evaluation template · Discord

This README mirrors the systemprompt-core root README and is published to docs.rs. systemprompt re-exports the workspace crates behind feature flags; the full project documentation lives in the documentation/ directory.


§Why this exists

Most teams govern AI one of two ways. They rent a dashboard, and someone else’s infrastructure holds their prompts, their keys, and their audit trail. Or they build it themselves, and eighteen months later they are maintaining a distributed system instead of shipping.

This is the third option. systemprompt-core compiles to a single Rust binary you run on your own infrastructure, backed by the only state it has: a PostgreSQL database you own. Every agent, MCP tool call, and inference request passes through one authenticated, authorized, audited path: a synchronous in-process pipeline under 5 ms, writing an 18-column audit row for every decision. Credentials live in a ChaCha20-Poly1305 store and are injected only into tool child processes, never into the LLM context.

Zero outbound telemetry by default. Air-gap capable. Built for SOC 2 Type II, ISO 27001, HIPAA, and the OWASP Agentic Top 10.

An agent attempts to exfiltrate a GitHub PAT through a tool argument; the secret-detection layer denies the call before the tool process spawns

Live capture: an agent tries to pass a GitHub PAT through a tool argument and is denied before the tool process spawns. Evaluating? Start with the MIT-licensed systemprompt-template: 43 scripted demos run every claim on your laptop.

§Capabilities

Six surfaces, one binary, one authenticated and audited path.

CapabilityWhat it provides
A2A agentsA standalone agent server speaking the agent-to-agent JSON-RPC protocol, with SSE streaming and .well-known discovery. Agents you host, not seats you rent.
MCP serversModel Context Protocol servers hosted natively over streamable HTTP. Each is an isolated OAuth2 resource server with scoped tools and its own access log.
OAuth2 / OIDCA built-in authorization server: OIDC discovery, PKCE (S256), WebAuthn, RS256 JWTs. No external identity dependency required to run.
Provider gatewayA /v1 proxy (POST /v1/messages, GET /v1/models) that routes model patterns to any configured upstream. Swap providers without touching clients.
ExtensionsCompile-time Extension implementations registered with the inventory crate. Your code becomes part of your binary; no runtime plugin loading, nothing injected you didn’t compile.
GovernanceFail-closed (default-deny) authorization, secret detection, rate limiting, and structured audit logging correlated by trace_id. Every deny reason is a queryable row.

§Use as a library

[dependencies]
systemprompt = { version = "0.21.1", features = ["full"] }
use systemprompt::prelude::*;
FeatureIncludes
core (default)traits, models, identifiers, extension
databasePostgreSQL abstraction (DbPool)
apiHTTP server and AppContext (requires core + database)
cliCLI entry point
fullEverything: all domain modules + CLI
slackSlack integration (opt-in; not included in full)
teamsMicrosoft Teams integration (opt-in; not included in full)

The full per-feature matrix, including the finer-grained flags (config, mcp, events, security, runtime, and the rest), is on the docs.rs crate root.

§Requirements

  • Rust 1.94+ (the workspace is edition 2024).
  • PostgreSQL 18+.
  • just to run the build recipes.

§Quickstart (building from source)

git clone https://github.com/systempromptio/systemprompt-core.git
cd systemprompt-core
just build

# Generate a profile + secrets, provision the database, and migrate
./target/debug/systemprompt admin setup --environment local --migrate --yes

# Start the API server (binds 127.0.0.1:8080 by default)
./target/debug/systemprompt infra services start --api

Confirm it is serving:

curl -i http://127.0.0.1:8080/health   # 200 when the process and database are up
curl -s http://127.0.0.1:8080/api/v1   # discovery document of mounted surfaces

The full walkthrough is in documentation/getting-started.md.

§Performance

Governance overhead benchmarked at 3,308 req/s burst with p99 latency of 22.7 ms: under 1% of AI response time. Reproduce it yourself with just benchmark in the evaluation template.

§License

Business Source License 1.1 (BSL-1.1). Source-available for evaluation, testing, and non-production use; production use requires a commercial license. Each version converts to Apache-2.0 four years after its publication. You will always be able to read, audit, and eventually own this code. See LICENSE. Licensing enquiries: ed@systemprompt.io.

§Security

Report vulnerabilities to ed@systemprompt.io, not via public issues. See SECURITY.md.


systemprompt.io · Documentation · Guides · Live Demo · Template · crates.io · docs.rs · Discord

Rent your control plane and you rent your audit trail. This one compiles.

# Feature flags
FeaturePulls inUse case
core (default)traits, models, identifiers, extension, template-providerAuthor extensions, share types, no I/O.
databasesystemprompt-database, sqlxSQLx-backed DbPool and repository helpers.
configsystemprompt-configProfile, secrets, and credential bootstrap loaders.
mcprmcpImplement Model Context Protocol servers.
apisystemprompt-api, systemprompt-runtime, axum (implies core + database)HTTP server, AppContext, Axum router.
syncsystemprompt-syncCloud synchronisation primitives.
cloudsystemprompt-cloudCloud API client, credentials bootstrap, OAuth.
loggingsystemprompt-loggingTracing setup with the workspace’s layer stack.
loadersystemprompt-loaderFilesystem and module discovery.
eventssystemprompt-eventsIn-process event bus and SSE plumbing.
clientsystemprompt-clientHTTP API client used by the CLI.
securitysystemprompt-securityJWT, scope/RBAC, secret scanning, rate limit.
clisystemprompt-cliThe systemprompt CLI as a library entry point.
runtimecli + extension injectionRuntimeBuilder for embedding with custom extensions.
test-utilscloudEnables cloud for test scaffolding; not for production.
fullAll of the above plus all domain crates (agent, ai, mcp, oauth, users, content, analytics, scheduler, generator, files)Building a product binary.
systemprompt = { version = "0.21.1", features = ["full"] }

Copyright (c) systemprompt.io — Business Source License 1.1. See https://systemprompt.io for licensing details.

Re-exports§

pub use runtime::RuntimeBuilder;runtime
pub use runtime::RuntimeError;runtime
pub use crate::prelude::*;

Modules§

agentfull
Agent-to-Agent (A2A) protocol surface from systemprompt-agent — message types, task lifecycle, streaming server, agent registry.
aifull
LLM integration surface from systemprompt-ai — provider selection, request/response types, cost accounting.
analyticsfull
Analytics domain from systemprompt-analytics — request, conversation, agent, tool, cost metrics.
apiapi
HTTP server entry: Axum router, middleware stack, listener bootstrap.
clicli
CLI entry surface: run, CliConfig, OutputFormat, ColorMode, VerbosityLevel.
clientclient
HTTP API client used by the CLI and external tooling to drive a running instance.
cloudcloud
Cloud API client from systemprompt-cloud — credentials bootstrap, tenant management, deployment.
configconfig
Profile / secrets / credentials configuration loaders. Drives the ProfileBootstrap → SecretsBootstrap → CredentialsBootstrap → Config sequence.
contentfull
Content management domain from systemprompt-content — pages, articles, markdown ingestion.
credentialscloud
Cloud credentials bootstrap from systemprompt-cloud — loads OAuth client credentials and tenant identity at startup.
databasedatabase
SQLx-backed database abstraction: DbPool, DatabaseProvider, repositories, introspection.
eventsevents
In-process event bus and SSE broadcasting from systemprompt-events.
extensioncore
Compile-time extension framework: the Extension trait, typed variants, register_extension! macro, and registry.
filesfull
File-storage domain from systemprompt-files.
generatorfull
Static-site generator from systemprompt-generator — Tera-based renderer driving the web CLI domain.
identifierscore
Typed identifiers from systemprompt-identifiers (UserId, AgentId, TaskId, TraceId, …).
loaderloader
Filesystem and module discovery for services, plugins, and config files.
logginglogging
Tracing/logging setup helpers (startup-mode gating, layered subscribers).
marketplacefull
Marketplace filtering domain from systemprompt-marketplace — the MarketplaceFilter trait that gates per-user visibility of plugins, skills, agents, and managed MCP servers in the bridge manifest.
mcpfull
Model Context Protocol implementation from systemprompt-mcp — server orchestrator, network/proxy layer, RBAC middleware.
modelscore
I/O-free data models from systemprompt-models — config structs, profile types, domain DTOs.
oauthfull
OAuth2 / OIDC / WebAuthn flows from systemprompt-oauth.
prelude
Curated re-exports for ergonomic use systemprompt::prelude::*. See prelude for the full list. Curated re-exports for use systemprompt::prelude::*.
profilecore
Profile types — the on-disk profile schema (Profile, CloudConfig, ProfileStyle, CloudValidationMode) plus the ProfileBootstrap loader when the config feature is enabled.
runtimeruntime
RuntimeBuilder for embedding the platform with compile-time injected extensions and a custom web-asset strategy. Embedding helper for the systemprompt CLI.
schedulerfull
Background-job scheduler from systemprompt-scheduler.
securitysecurity
Security primitives: JWT verification, scope/RBAC, secret scanning, rate-limit middleware.
slackslack
Slack integration from systemprompt-slack — inbound Events API, slash commands, and Block Kit interactivity dispatched to governed agents.
syncsync
Cloud synchronisation primitives from systemprompt-sync.
systemapi
Application runtime / AppContext wiring. Construct via AppContextBuilder from the prelude.
teamsteams
Microsoft Teams integration from systemprompt-teams — inbound Bot Framework activities, token validation, Adaptive Card rendering.
template_providercore
Template provider trait surface for custom rendering backends (Tera, Handlebars, MJML, …).
traitscore
Core trait surface from systemprompt-traits.
usersfull
User management domain from systemprompt-users — accounts, roles, scopes.

Enums§

WebAssetsruntime
WebAssets strategy re-export — controls how the runtime serves the static web bundle (in-binary, on-disk, or disabled). Web-asset serving strategy re-exported from systemprompt-extension.