SDK & Open Source

Verified evidence, three method calls.

The Skippy Python SDK is in private preview. The verification and audit tooling that powers Skippy internally is available now as open-source packages.

Open Source · Apache 2.0

Verification tooling, available now

The packages below are the verification, audit, and key infrastructure used inside Skippy. All are Apache 2.0, installable via pip, and require no Skippy account or API key.

skippy-verifyAvailable

Offline cryptographic verifier for signed Skippy responses. Checks Ed25519 signatures, Merkle root integrity, key revocation, and optional Rekor transparency-log inclusion. No Skippy infrastructure required after install.

Install

pip install skippy-verify

Usage

from skippy_verify import ResponseVerifier

verifier = ResponseVerifier(

key_registry_url="https://keys.your-org.com"

)

result = verifier.verify(signed_response)

# result.verified · result.failures

Six verification steps

01Signature present

02Key lookup + TTL cache

03Key revocation check

04Merkle root recomputation

05Ed25519 signature validation

06Response hash integrity

Ed25519Merkle treeRekor-compatibleCLI + libraryApache 2.0

skippy-verifierAvailable

Claim-vs-source entailment audit harness. Extracts claims from output, validates each against cited sources using pluggable NLI backends, and returns structured violation reports with JSON Schema-validated audit logs.

Install

pip install skippy-verifier

# with NLI backend:

pip install skippy-verifier[alignscore]

Usage

from skippy_verifier import VerifierHarness

from skippy_verifier.providers import AlignScoreProvider

harness = VerifierHarness(

nli_provider=AlignScoreProvider()

)

result = harness.verify(claims, sources)

# result.gate_decision · result.violations

Violation taxonomy (V001–V011)

V001–V002Unsupported or uncited claim

V005–V006Finding not found · Retracted source

V010–V011PII in response · Safety gate bypass

V003–V004Irrelevant citation · Low utility

AlignScoreFactKBMiniCheck (BYO)Custom NLIApache 2.0

skippy-keysAvailable

Public key registry for cryptographic verification of signed Skippy responses. Provides key lookup, TTL-cached resolution, and key revocation status. Required by skippy-verify to resolve the signing key embedded in a signed response.

Install

pip install skippy-keys

Configure with skippy-verify

from skippy_verify import ResponseVerifier

from skippy_keys import KeyRegistry

registry = KeyRegistry(

base_url="https://keys.skippy.health/v1",

ttl_seconds=3600

)

verifier = ResponseVerifier(key_registry=registry)

result = verifier.verify(signed_response)

Key lifecycle

·90-day rotation cadence for all signing keys

·Revocation list checked on every verification

·Dev, test, and prod-2026-Q2 key sets included

·Self-hostable — point to your own registry URL

Ed25519 keysTTL cacheRevocation supportSelf-hostableApache 2.0

Pluggable NLI provider interface

Bring your own entailment model. Any class implementing the NLIProvider Protocol works as a drop-in backend — no inheritance required.

Protocol

class NLIProvider(Protocol):

model_id: str

model_type: str

def score(

claim: str, source: str

) -> NLIResult: ...

NLIResult

score: float # 0.0 → 1.0

supported: bool

rationale: str | None

model_id: str

elapsed_ms: int # latency audit

Evidence API · Private Preview

skippy-python — verified evidence, three method calls

v0.1.0Private PreviewMay 2026

verify() — claim verification with calibrated confidence
retrieve() — evidence retrieval by entity
score_output() — per-sentence grounding scores
Pydantic models for all responses
Typed error classes

v0.2.0UpcomingJune 2026

LangChain integration
LlamaIndex integration
OpenAI function-calling adapter
Async support

v0.3.0PlannedJuly 2026

Batch verification
Streaming responses
Local cache
Offline mode

Request SDK access

Tell us about your use case and we'll provision early access keys plus integration support.

Request Access How the verifier works →