Lár: The PyTorch for Agents — The First EU AI Act-Ready Agent Execution Engine

The EU AI Act enforcement deadline is August 2026. Teams building AI agents in finance, healthcare, legal, and enterprise need to prove to regulators exactly what their agent did, why, and what it cost — on every run. Existing frameworks cannot do this. Lár can.

Lár is a ground-up agent execution engine where auditability is structural, not an add-on. Every design decision — deterministic graphs, step-level state diffs, cryptographic audit trails, topology validation, human oversight primitives — exists to satisfy EU AI Act requirements out of the box.

Lár is the execution spine of a three-part system. Each repo is independent and usable alone — and they're designed to compose:

The three repos share a single engine version (lar-engine 2.2.0). A JEPA node predicts a trajectory, routes through an EntropicRouter, writes the committed heuristic to DMN's Hippocampus, and recalls it on the next planning cycle — all through the same GraphExecutor causal trace.

Lár ships a complete Enterprise Compliance Backbone — 20 primitives covering all 23 requirements mapped by Nannini et al. (2026), the definitive compliance architecture paper for AI agents under EU law. Validated live against ollama/phi4:latest:

Core primitives (v2.1.x)

New in v2.2.0 — gap closure

Read the EU AI Act Deep Dive → | Nannini et al. (2026) Full Mapping →

One command runs a live SME credit decision through the compliance primitives and produces three HMAC-signed audit artefacts:

python examples/compliance/22_eu_ai_act_finance_showcase.py

Every step produces a real Article 12 causal trace, a real Article 14 AuthorityLedger record, and a real Step 9 action inventory — all HMAC-SHA256 signed. PII is stripped before signing.

This is the difference. Every step, every key written, every node that touched state — recorded. No guesswork, no external tooling required.

Full showcase breakdown — execution trace, real JSON artefacts, 12-step coverage map →

Open-source vs. enterprise: All 20 compliance primitives (FundamentalRightsImpactNode, IncidentReporterNode, BehavioralEnvelopeMonitor, SessionMemoryNode, BranchTriageNode, CredentialVault, etc.) are in lar.compliance and fully open-source under Apache 2.0. The finance showcase uses build_and_run from lar.enterprise, a convenience wrapper in the enterprise tier. Open-source users assemble the same pipeline from primitives — the step-by-step guide walks you through it: Build a Compliant Agent from Scratch →

Lár runs one node at a time, yielding a structured audit entry after every step. The execution model is a Python generator — each yield contains the state before, the state diff, token usage, the rendered prompt, and the outcome.

This means:

1. Instant Debugging: The exact node that failed, the exact data it received, the exact error — all in the log.
2. Built-in Auditing: A complete, immutable history of every decision and token cost, by default, on every run.
3. Deterministic Control: Explicit graphs, not probabilistic chat rooms. The same input produces the same execution trace.

LangGraph crashes at Step 25 on a 60-node graph, while Lár effortlessly handles a 191-node concurrent graph:

CRASH CONFIRMED: Recursion limit of 25 reached without hitting a stop condition.
LangGraph Engine stopped execution due to Recursion Limit.

See: examples/comparisons/langchain_swarm_fail.py

New to Lár? The step-by-step guide walks you through wiring every compliance primitive — from credential vault to HMAC-signed audit artefacts — starting from a blank file. Written for both engineers and AI assistants.

Read the guide → | Live showcase → | Continuously Running Agents →

pip install lar-engine

Or from source:

git clone https://github.com/snath-ai/lar.git
cd lar
poetry install

Create a .env file with your model API keys:

GEMINI_API_KEY="..."
OPENAI_API_KEY="..."
ANTHROPIC_API_KEY="..."

pip install lar-engine
lar new agent my-bot
cd my-bot
python agent.py

from lar import node, GraphExecutor

@node(output_key="summary")
def summarize_text(state):
    text = state["text"]
    return my_llm.generate(text)

from lar import LLMNode, RouterNode, GraphExecutor

classify = LLMNode(model_name="gpt-4o", prompt_template="Classify: {input}", output_key="category")
route = RouterNode(decision_function=lambda s: s.get("category"), path_map={"A": node_a, "B": node_b})
classify.next_node = route

executor = GraphExecutor()
for step in executor.run_step_by_step(classify, {"input": "Hello"}):
    print(f"Step {step['step']} ({step['node']}): {step['outcome']}")

Agentic frameworks typically crash when attempting to route anything other than text strings. When standard agents attempt to log state, they use standard json.dumps(), which immediately crashes if the state contains PyTorch tensors or multidimensional NumPy arrays.

Lár v2.1.0 introduces native support for Scientific and Biological AI Architectures (e.g., JEPAs, Diffusion Models). The engine includes a native TensorSafeEncoder built directly into the core GraphExecutor and AuditLogger. This intercepts PyTorch and NumPy structures natively during execution and audit-logging, allowing your agent graph to:

1. Route Tensors Deterministically: Pass gigabyte-sized biological or scientific tensors across nodes without serialization crashes.
2. Audit Latent Space: Cryptographically log the exact multidimensional shape and type of massive data structures moving through the pipeline without blowing out memory (e.g., {"__type__": "Tensor", "shape": [1, 768]}).

Lár is the first EU AI Act-ready engine built not just for LLMs, but for real mathematical world models. For a complete heterogeneous cognitive architecture built on this foundation, see Lár-JEPA.

Lár is built on LiteLLM — switch providers by changing one string. Zero refactoring.

# Cloud
node = LLMNode(model_name="gpt-4o", ...)
node = LLMNode(model_name="gemini/gemini-2.5-pro", ...)
node = LLMNode(model_name="claude-opus-4-6", ...)

# Local (Ollama)
node = LLMNode(model_name="ollama/phi4", ...)
node = LLMNode(model_name="ollama/deepseek-r1:7b", ...)

Read the Full LiteLLM Setup Guide →

Native support for DeepSeek R1, OpenAI o1, and Liquid. <think> tags are first-class citizens — extracted and saved to run_metadata, keeping the main context window clean.

node = LLMNode(
    model_name="ollama/deepseek-r1:7b",
    prompt_template="Solve: {puzzle}",
    output_key="answer"
)
# state['answer'] = "The answer is 42."
# log['metadata']['reasoning_content'] = "<think>First, I calculate...</think>"

Most frameworks cannot reliably resume a crashed execution — not because the feature is missing, but because their routers are probabilistic. On retry, the LLM may branch differently. The "resume" is actually a new run that happens to start with the same input.

Lár's routers are pure Python functions. Same state in, same decision out — deterministically. When Lár resumes at Step 47, it takes exactly the path Step 47 would have taken. The resumption is exact, not approximate.

The GraphExecutor is a Python generator that yields after every node. GraphState is a plain dict — always serialisable, always decoupled from the engine. The causal trace written on every run is not just an audit log; every entry is a resumption checkpoint.

At 10,000 runs/day with 40% transient failure rate → $9.48/day saved.

The same property powers HumanJuryNode: the graph halts before an irreversible action, the process can be killed, and when the human responds — hours later if needed — execution resumes from exactly that node with exactly that state. This is what EU AI Act Art. 14 requires in practice.

If your agent produces a wrong output at Step 5, load the state from Step 4, modify the prompt, and run Step 5 alone — repeatedly, cheaply. In a black-box framework you re-run the whole pipeline and hope the LLM reproduces the same path. In Lár you rewind to the exact state that produced the bad output.

See: examples/patterns/9_resumable_graph.py · examples/patterns/10_resumable_cost_demo.py

Most pipelines are hardcoded: you define every branch at development time. AdaptiveNode breaks that constraint — the number, type, and sequence of processing nodes is decided at runtime based on what the agent actually receives.

The mental model: You pre-define a set of approved tools. At runtime, an LLM acts as an architect — it receives the live input and outputs a JSON graph spec describing which tools to run and in what order. Lár validates that spec deterministically (no cycles, no unapproved tools), instantiates the nodes, and executes the subgraph. The LLM never runs again — pure Python takes over.

When this matters: When problem complexity is genuinely input-dependent. A simple document → 1 summarise node. A financial contract → extract entities, check compliance, then summarise. You don't hardcode which path — the agent decides. Without AdaptiveNode, you'd need to pre-build a branch for every possible combination upfront.

# You define the tools the LLM is allowed to wire up
validator = TopologyValidator(allowed_tools=[extract_entities, check_compliance, summarize])

adaptive = AdaptiveNode(
    llm_model="gpt-4o",
    prompt_template="""
    Document type: {doc_type}
    If "simple"    → 1 node: summarize only
    If "financial" → 3 nodes: extract_entities → check_compliance → summarize
    Output JSON GraphSpec.
    """,
    validator=validator,
    next_node=done_node,
    context_keys=["doc_type"]
)

# Wire it like any other node — the executor handles the rest
executor = GraphExecutor()
for step in executor.run_step_by_step(adaptive, {"doc_type": "financial", "document": "..."}):
    pass
# → extract_entities runs, then check_compliance, then summarize
# If doc_type were "simple", only summarize would have run

Honest tradeoffs:

• Costs one extra LLM call upfront to design the subgraph before any work happens
• The LLM must output valid JSON every time — TopologyValidator hard-rejects malformed specs and falls back to next_node, but you've spent tokens
• Graph depth is unpredictable — use Lár's node budget limits to cap it

The real unlock is combining AdaptiveNode with BatchNode. The LLM can decide both how many workers to spawn and that they should run in parallel — covering case complexity you'd need a combinatorial explosion of static branches to replicate.

This stays compliant regardless of graph shape. Every generated spec is logged to the HMAC-signed Causal Trace before any node executes (Art. 12). TopologyValidator is pure Python — deterministic, not probabilistic — so the safety decision is never delegated to an LLM. All 13 compliance primitives (HumanJuryNode, PIIRedactionEngine, BiasFilterNode, etc.) work inside generated subgraphs exactly as they do in static ones. The graph shape changes at runtime; the compliance guarantees don't.

In fractal agents (manager AdaptiveNode + BatchNode of specialist AdaptiveNodes), wire BranchTriageNode between BatchNode and the human jury. Without it the human sees a rolled-up score — they don't know which parallel branch triggered the alert. That's not meaningful oversight under Art. 14. With it, the jury context includes per-branch findings before ReduceNode compresses them away.

See: examples/adaptive/ | examples/compliance/23_fractal_compliance_showcase.py | Adaptive Graphs Docs →

What Lár solves:

• Cryptographic causal traces for every decision (Art. 12)
• Hardware-level routing to human approval before high-risk actions (Art. 14)
• Automated external action inventory for adjacent legislation (Step 9)

What Lár cannot solve:

• Model bias or unsuitability — if you plug in a biased model, Lár records the biased decision accurately; liability remains with the organisation
• Human negligence — a HumanJuryNode that is rubber-stamped will fail an audit for negligent oversight
• Data provenance — Lár cannot guarantee training data was legally acquired

from lar import GraphExecutor

executor = GraphExecutor(
    log_dir="secure_logs",
    hmac_secret="your_enterprise_secret_key"
)
# Run your agent normally. Every log is HMAC-SHA256 signed.

Verify for auditors:

python examples/compliance/11_verify_audit_log.py secure_logs/run_xyz.json your_secret_key
# [+] VERIFICATION SUCCESSFUL  or  [-] VERIFICATION FAILED

When you run a fully compliant, resumable agent (like 27_ultimate_resumable_enterprise.py), the output isn't just print statements—it produces concrete, cryptographically sealed JSON artifacts designed for legal and compliance review.

We have provided real output samples generated by phi4:latest in the examples/compliance/sample_auditor_reports/ directory:

1. sample_compliance_manifest.json: A high-level regulatory map proving that all 23 EU AI Act primitives (bias filters, PII redactors, supplier registries) successfully fired during the run.
2. sample_authority_ledger.json: The immutable, cryptographically signed ledger proving who approved the high-risk action, what their role was, and when they approved it.
3. sample_causal_trace.json: A massive, detailed execution log capturing the exact state changes, inputs, and outputs of every single node in the graph (with PII automatically stripped) for deep forensic analysis.

Compliance pattern library:

• 8_hmac_audit_log.py — Basic HMAC authentication
• 9_high_risk_trading_hmac.py — Algorithmic Trading / SEC
• 10_pharma_clinical_trials_hmac.py — FDA 21 CFR Part 11
• 11_verify_audit_log.py — Standalone auditor script

See the Adaptive Graphs Docs →

• snath-ai/DMN — A complete cognitive architecture built on Lár: bicameral mind (Fast/Slow), sleep cycles, episodic memory, catastrophic forgetting solved architecturally.
• snath-ai/Lar-JEPA — Universal model routing: LLMs, JEPA world models, diffusion models as first-class routable nodes in the same graph.
• snath-ai/rag-demo — Self-correcting RAG agent with a local vector database.

Lár is designed for Cursor, Windsurf, and Antigravity. Reference these files to make your IDE an expert Lár architect:

1. @lar/IDE_MASTER_PROMPT.md — strict typing rules and "Code-as-Graph" philosophy
2. @lar/IDE_INTEGRATION_PROMPT.md — generate production-ready API wrappers in seconds
3. @lar/IDE_PROMPT_TEMPLATE.md — fill in your agent's goal and ask the IDE to implement it

[![Glass Box Ready](https://img.shields.io/badge/Auditable-Glass%20Box%20Ready-54B848?style=flat&logo=checkmarx&logoColor=white)](https://docs.snath.ai)

Lár was created by SnathAI.

Lár is open-source. If this project helps you, consider supporting its development: Sponsor on GitHub →

Read our Contribution Guidelines to report bugs, submit pull requests, and propose new features.

Lár is licensed under the Apache License 2.0. Free to use in personal, academic, or commercial projects. Retain the LICENSE and NOTICE files in any distribution.