SDK
Native TypeScript SDK for integrating Security Layer into agentic applications.
Why use the SDK?
The CLI integrations (hooks, shell shim) work without code changes — but they operate at the boundary. The SDK gives you in-process security with full context:
| Shell Shim | Hooks | SDK | |
|---|---|---|---|
| Intercepts exec | Yes | Yes | Yes |
| Intercepts file writes | No | Yes | Yes |
| Intercepts web fetch | No | Yes | Yes |
| Full session context | No | Partial | Yes |
| Taint tracking precision | Coarse | Moderate | Per-operation |
| Bypass risk | PATH manipulation | None | None (in-process) |
| Works with any framework | Yes (shell only) | Claude Code only | Any framework |
| Integration effort | Zero | One command | Code changes |
The SDK is the right choice when you're building an agentic application and want structural security guarantees — not just command-line interception.
Installation
npm install @securitylayerai/sdkyarn add @securitylayerai/sdkpnpm add @securitylayerai/sdkbun add @securitylayerai/sdkQuick example
import { createSecurityLayer } from "@securitylayerai/sdk";
const sl = await createSecurityLayer();
// Check an action before executing it
const result = await sl.check("exec", { command: "rm -rf /tmp/output" });
if (result.decision === "DENY") {
console.error(`Blocked: ${result.reason}`);
} else if (result.decision === "REQUIRE_APPROVAL") {
const approved = await sl.waitForApproval(result.approvalId as string);
if (!approved) console.error("Approval denied");
}
// Clean up when done
sl.destroy();Integration patterns
The SDK supports three patterns depending on how your agent framework is structured:
Direct check
Call sl.check() before each tool execution.
Middleware wrapper
Wrap tool executors transparently with withSecurityLayer().
Event-based
Hook into beforeToolUse / afterToolUse lifecycle events.