I run a small automation setup that handles content, scheduling, and browser tasks for me. Over a few months I kept re-implementing the same building blocks: scoring prompts before I ship them, guarding tool calls so a bad input can't wreck something, compressing context when it gets too long, and remembering things between runs.
So I extracted them into standalone packages and open-sourced all of them. Every one is zero-dependency (Python 3.11+ stdlib only) — pip install and go, no transitive dependency hell.
Here's what each does, with a real code snippet pulled from the repo.
1. prompt-bench — score and A/B test prompts
The problem: I'd tweak a prompt, ship it, and only discover weeks later it was worse. Now I score prompts on 12 dimensions before they touch production.
from prompt_bench import PromptScorer
scorer = PromptScorer()
result = scorer.score("You are a helpful assistant. Summarize the article.")
print(f"Overall: {result.overall_quality}")
for suggestion in result.suggestions:
print(f" - {suggestion}")
It also A/B-tests two variants and picks a winner with a per-dimension breakdown — useful when you're arguing with yourself over whether to add an example.
🔗 github.com/nguyenminhduc9988/prompt-bench
2. hermes-tool-guard — stop dangerous tool calls
The moment you let an LLM call tools (read_file, run_shell, http_get), you need a guard. This one validates inputs, rate-limits per tool, and blocks shell injection, path traversal, and SSRF before the call runs.
from tool_guard import ToolGuard
guard = ToolGuard(default_rate_limit=30)
result = guard.check_call("read_file", {"path": "/tmp/data.txt"})
if not result.all_safe:
print(result.blocked_patterns)
Token-bucket rate limiting per tool, plus a rules engine with allow/deny/sanitize/log actions.
🔗 github.com/nguyenminhduc9988/hermes-tool-guard
3. agent-loop-lite — the Plan-Act-Observe loop
The core agentic pattern as a tiny state machine: plan → execute tools → observe → replan or finish. Bring your own LLM; the loop enforces transitions, manages a tool registry, and fires hooks at every step.
from agent_loop import AgentLoop, LoopState
def search_web(query: str) -> str:
return f"Results for: {query}"
def save_data(data: str, filename: str) -> str:
return f"Saved to {filename}"
loop = AgentLoop(
tools=[
("search_web", search_web, {"type": "object", "properties": {"query": {"type": "string"}}}),
("save_data", save_data, None),
],
max_iterations=10,
)
result = loop.run("Research AI trends and save a summary")
print(f"Status: {result.status.value}, Iterations: {result.iterations}")
Hooks (on_plan, on_execute, on_observe) make it easy to emit JSON logs of every step.
🔗 github.com/nguyenminhduc9988/agent-loop-lite
4. mcp-wrap — turn any REST API into an MCP server
Model Context Protocol is becoming the standard for handing tools to LLMs. Hand-writing a server per API is tedious — mcp-wrap wraps a REST endpoint into an MCP server in minutes.
🔗 github.com/nguyenminhduc9988/mcp-wrap
5. context-window — compress long conversations
When a conversation outgrows the context window, this manager compresses older turns intelligently instead of just truncating them — recent context stays verbatim, the rest gets summarized.
🔗 github.com/nguyenminhduc9988/context-window
6. signet-lite — persistent memory for CLI agents
SQLite + FTS5 full-text-search memory for command-line agents. Your agent remembers what it did last run without standing up a database server.
🔗 github.com/nguyenminhduc9988/signet-lite
7. agent-memory — multi-layer memory system
In-memory + file-based memory with multiple layers (short-term and long-term), for agents that need both fast recall and durable storage.
🔗 github.com/nguyenminhduc9988/agent-memory
Why zero dependencies?
Every package uses only the Python standard library. That gives you:
- No version conflicts — install alongside anything
- Fast cold starts — nothing to import-resolve
- Auditable — you can read the whole codebase in an afternoon
- No supply-chain risk — no transitive packages to vet
The trade-off is writing more yourself (I reimplemented a token bucket, an FTS5 wrapper, a JSON-schema validator). For infra-style tools like these, that trade is worth it.
What's next
All seven are MIT-licensed. If you're building agents and want to compare notes, I publish more of this at bigwinner.work — open-source tools and the occasional write-up.
If any of these are useful, a GitHub star genuinely tells me what to build next.
All repos live at github.com/nguyenminhduc9988.
Top comments (0)