A runtime safety layer for AI systems that blocks actions when causal evidence is not reliable enough.
Core principle: when causal identifiability is insufficient, the correct behavior is causal silence (no actionable recommendation).
Causal Safety Engine (CSE) is a runtime safety layer for AI systems that prevents actions when causal reasoning is unreliable.
CSE enforces a strict separation between two phases that are often mixed:
- Causal discovery (analysis / insights)
- Action authorization (operational decision)
This reduces the risk of:
- premature automation
- decision leakage
- causally unjustified interventions
- false positives in high-impact settings
- Runs a local, deterministic causal pipeline.
- Applies guardrails (bias checks, robustness, stability).
- Produces auditable artifacts in
out/. - Exposes an integration-ready machine-readable state (
ALLOW | BLOCK | SILENCE).
- It is not an autonomous decision agent.
- It does not execute interventions by itself.
- It does not replace human judgment, governance, or compliance.
Invariants take precedence over performance and coverage:
- Safety gates must not be bypassable through operational config.
- Causal silence is a valid and preferred outcome over weak insights.
- No action authorization without causal and robustness conditions being met.
Further reading:
docs/INVARIANTS.mddocs/DECISION_GATES.mddocs/VIOLATION_PROTOCOL.md
IMPLEMENTATION/pcb_one_click/
pcb_cli.py # unified CLI
run_pcb.py # legacy runner
pcb_integration.py # machine-readable decision contract
demo.py # local demo
data.csv # example dataset
integrations/gemini/
... # Gemini safety-governed integration adapters
docs/
ARCHITECTURE.md
INTEGRATION_GUIDE.md
SECURITY.md
INVARIANTS.md
- Python 3.7+
- Python dependencies from
IMPLEMENTATION/pcb_one_click/
Quick install:
cd IMPLEMENTATION/pcb_one_click
pip install -r requirements.txtFrom repository root:
python IMPLEMENTATION/pcb_one_click/pcb_cli.py init
python IMPLEMENTATION/pcb_one_click/pcb_cli.py run --data IMPLEMENTATION/pcb_one_click/data.csv --skip-32Main commands:
init→ prepareout/run→ full pipeline (with selective skip flags)plan,log,eval→ experimental workflow (L2.9)alerts→ daily alerts (L2.8)validate→ level 3.2 validation onlydecision→ machine-readable integration contract
Full help:
python IMPLEMENTATION/pcb_one_click/pcb_cli.py --helpFor production integrations, avoid parsing text logs and consume the JSON contract:
python IMPLEMENTATION/pcb_one_click/pcb_cli.py decision --print-jsonDefault output file:
out/integration_decision.json
Example contract:
{
"schema_version": "v1",
"generated_at_utc": "2026-01-01T00:00:00Z",
"decision_state": "ALLOW",
"decision_reason": "no_active_alerts",
"metrics": {
"kept_insights_count": 5,
"alerts_count": 0
},
"artifacts": {
"insights_level2_csv": "out/insights_level2.csv",
"alerts_level28_csv": "out/alerts_today_level28.csv"
}
}SILENCE: no kept insights are availableBLOCK: kept insights exist and at least one alert is activeALLOW: kept insights exist and no active alerts are present
data_clean.csvedges.csvinsights_level2.csvalerts_today_level28.csvexperiment_plan.csvexperiment_results.csvexperiment_summary_level29.csvinsights_level3.csvinsights_level3_ledger.csvexperiment_trials_enriched_level32.csvintegration_decision.json
The integrations/gemini/ folder shows a safety-governed pattern:
- LLM generates proposals only
- CSE remains the deterministic evaluation authority
- model-side override is not allowed
- Local-first: no network service exposed by default.
- Auditable per-run artifacts.
- See:
docs/SECURITY.mddocs/REPRODUCIBILITY.mddocs/ARTIFACT_MANIFEST.md
- Shadow mode: run CSE and log decisions without enforcement.
- Soft gate: block only critical cases.
- Hard gate: full enforcement on
decision_state. - Audit loop: artifact retention + periodic policy/config review.
Extended integration guide:
docs/INTEGRATION_GUIDE.md
+---
See License.md.