How it works
Three lines of code. Zero trust required.
Wrap one function with the SDK. Every AI call gets hashed, graded, and chained automatically — you watch it live in the desktop app, and hand your auditor a proof they verify without trusting you.
$ pip install foxy-audit
from foxy_audit import audit
@audit(policy="soc2") # the only line you add
def ask_model(prompt):
return llm.generate(prompt) # your code, unchanged
That decorator is the only change to your app. It never blocks your function and never throws its own errors — everything below runs on a background thread.
01
Hashed on your machine
The moment your function returns, Foxy takes a SHA-256 of the prompt and response and throws the raw text away. Only the digests, token count, and policy tag leave your servers — your data never does.
02
Graded against your policy
Every call is scored in real time against the policy you tagged — HIPAA, SOC 2, or your own rules. Anything that crosses the line is flagged the instant it happens, not in a review weeks later.
03
Sealed into a hash chain
Each record's hash folds in the one before it — and which model produced it. Edit any past entry and every hash after it stops matching. Tampering isn't hidden; it's mathematically obvious.
04
Watch live, prove anywhere
The desktop app reacts the instant a call lands — green when it's clean, red on a breach. The dashboard shows the whole trail and exports a compliance passport your auditor re-verifies themselves, mapped to NIST AI RMF & the EU AI Act.
See it on your own stack.
Book a walkthrough and we'll wire the SDK into a real call live, then verify the chain in front of you.
Book a demo