TypeScript SDK

TypeScript AI Agent Guardrails with Veto SDK

Native TypeScript SDK for AI agent authorization. Works with any JavaScript or TypeScript agent framework. Two lines of code to add runtime guardrails.

Start freeRead the docs

TypeScript AI agent guardrails with veto-sdk

The Veto TypeScript SDK provides runtime authorization for AI agents built in JavaScript or TypeScript. It intercepts tool calls before execution, validates them against your policies, and enforces allow/deny/approval decisions. Works with OpenAI, Anthropic, LangChain, Vercel AI SDK, MCP, and custom agents.

Installation

npm install veto-sdk

Also available via pnpm, yarn, or bun. The SDK has zero runtime dependencies for local mode. Cloud mode requires network access.

Quick start

The protect function is the fastest way to add guardrails to your tools. It wraps any tool definition and returns a guarded version with identical types.

import { protect } from 'veto-sdk';

const tools = [
  {
    name: 'transfer_funds',
    description: 'Transfer money between accounts',
    parameters: {
      type: 'object',
      properties: {
        amount: { type: 'number' },
        recipient: { type: 'string' },
      },
      required: ['amount', 'recipient'],
    },
    execute: async (args) => {
      // Your transfer logic
    },
  },
];

// Add guardrails in one line
const safeTools = await protect(tools);

// Use with any agent framework
const response = await openai.chat.completions.create({
  model: 'gpt-4',
  messages: [{ role: 'user', content: 'Send $50 to Alice' }],
  tools: safeTools,
});

Tool wrapping patterns

The SDK supports multiple initialization patterns depending on your needs.

Local mode (default)

No API key required. Policies loaded from your local veto config directory.

import { Veto } from 'veto-sdk';

const veto = await Veto.init();
const safeTools = veto.wrap(tools);

Cloud mode

Policies managed in the Veto dashboard. Supports human-in-the-loop approvals.

import { Veto } from 'veto-sdk';

const veto = await Veto.init({
  apiKey: 'veto_...',
  onApprovalRequired: (context, approvalId) => {
    console.log(`Tool "${context.toolName}" needs approval`);
  },
});

const safeTools = veto.wrap(tools);

Policy packs

Use pre-built policy packs for common use cases.

import { protect } from 'veto-sdk';

// Financial transactions with built-in limits
const safeTools = await protect(tools, { pack: 'financial' });

// Browser automation guardrails
const safeBrowserTools = await protect(browserTools, { pack: 'browser' });

// File system operations
const safeFileTools = await protect(fileTools, { pack: 'filesystem' });

Operating modes

Control how the SDK handles policy violations.

import { protect } from 'veto-sdk';

// strict (default) - Block violations
const strict = await protect(tools, { mode: 'strict' });

// log - Allow but log violations
const logging = await protect(tools, { mode: 'log' });

// shadow - Allow, log, and track what would have been blocked
const shadow = await protect(tools, { mode: 'shadow' });

Framework integrations

The SDK provides first-class integrations with popular TypeScript agent frameworks.

Claude (Anthropic)

Anthropic SDK tool use guardrails

OpenAI

OpenAI function calling authorization

Vercel AI SDK

Streaming middleware for Vercel AI

LangChain

LangChain.js middleware and ToolNode

MCP

Model Context Protocol tool authorization

Playwright

Browser automation security

Standalone validation

Use the guard method to validate tool calls without wrapping or executing. Useful for pre-flight checks, conditional logic, or building custom workflows.

import { Veto } from 'veto-sdk';

const veto = await Veto.init();

const result = await veto.guard('transfer_funds', {
  amount: 25000,
  recipient: 'vendor-123',
});

if (result.decision === 'deny') {
  console.log('Blocked:', result.reason);
  // result.ruleId - which rule triggered
  // result.severity - critical, high, medium, low, info
}

Error handling

In strict mode, blocked tool calls throw typed errors you can catch and handle.

import { ToolCallDeniedError, BudgetExceededError } from 'veto-sdk';

try {
  await safeTools[0].execute({ amount: 50000, recipient: '...' });
} catch (error) {
  if (error instanceof ToolCallDeniedError) {
    console.log('Tool:', error.toolName);
    console.log('Reason:', error.reason);
    // Agent can retry with different params
  }

  if (error instanceof BudgetExceededError) {
    console.log('Budget exceeded:', error.spent, '/', error.limit);
    // Agent should stop spending operations
  }
}

Features

Type-safe

Full TypeScript types. Wrapped tools have identical signatures.

Zero dependencies

Local mode has no runtime dependencies. Cloud mode is optional.

Deterministic local

Policies evaluate locally with no network latency.

Framework agnostic

Works with OpenAI, Anthropic, LangChain, Vercel AI, MCP.

Frequently asked questions

How do I add guardrails to existing TypeScript agents?
Install veto-sdk, then wrap your tools with protect() or Veto.init().wrap(). The wrapped tools have identical types and are drop-in compatible with your existing agent code. No changes to your agent logic required.
Can I use veto-sdk without an API key?
Yes. Local mode requires no API key. Policies are loaded from your ./veto config directory. Cloud mode with an API key enables team collaboration, dashboard management, and human-in-the-loop approvals.
What TypeScript frameworks are supported?
The SDK works with OpenAI function calling, Anthropic tool use, Vercel AI SDK, LangChain.js, MCP tools, and custom tool definitions. Provider adapters convert between formats automatically.
How do I test guardrails in development?
Use shadow mode to log violations without blocking. Tools execute normally while you collect data on what would have been denied. Switch to strict mode when ready to enforce.

Related

Python SDK

Native Python SDK for AI agent authorization

AI Agent Guardrails

Overview of guardrail concepts and patterns

AI Agent Authorization

Authorization model for autonomous agents

All Integrations

View all supported frameworks and platforms

Add guardrails to your TypeScript agent in minutes.

Start freeView on GitHub