npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@allow-ai/sdk

v0.1.0

Published

ALLOW SDK for TypeScript — network-layer interception for AI agent authorization

Downloads

492

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

visiqlabsvisiqlabs

Keywords

allowauthorizationai-agentsdkvisiq

Readme

@allow-ai/sdk

Network-layer and framework-layer authorization SDK for AI agents. ALLOW intercepts outbound HTTP requests and tool calls, evaluating them against OPA/Rego policies before execution. Blocked actions are denied at the network and framework layers, ensuring agents can only perform authorized operations.

Prefer @visiq/sdk -- the unified VisIQ SDK bundles both ALLOW (authorization) and RECALL (context firewall) into a single package with one wrapper function. Install @visiq/sdk unless you specifically need ALLOW standalone.

Installation

npm install @allow-ai/sdk

Requires Node.js >= 20.

Quick Start

Network-Layer Interception

Patches globalThis.fetch and Node.js http/https modules to intercept all outbound requests and evaluate them against ALLOW policies.

import { init, cleanup } from '@allow-ai/sdk';

// Initialize network-layer interception
await init({
  apiKey: process.env.ALLOW_API_KEY!,
  agentId: 'my-agent',
});

// All outbound HTTP requests are now evaluated against ALLOW policies.
// Unauthorized requests are blocked before they reach the network.

// When finished, remove patches and flush telemetry
cleanup();

Framework-Layer Wrapping

Wraps AI framework tool objects to enforce policies at the tool-call interface, before execution begins.

import { withAllow } from '@allow-ai/sdk';

// Wrap a LangChain tool
const tool = withAllow(new SearchTool(), {
  agentId: 'research-bot',
});

// Wrap a LlamaIndex tool
const llamaTool = withAllow(new QueryEngineTool(), {
  agentId: 'research-bot',
});

Configuration

init(options) -- Network-Layer

| Option | Type | Required | Default | Description | |--------|------|----------|---------|-------------| | apiKey | string | Yes | -- | ALLOW API key | | agentId | string | Yes | -- | Unique agent identifier | | endpoint | string | No | Production URL | ALLOW backend endpoint | | mode | 'enforce' \| 'audit' \| 'off' | No | 'enforce' | Enforcement mode | | timeoutMs | number | No | 5000 | Request timeout in ms | | failBehavior | 'closed' \| 'open' | No | 'closed' | Behavior on evaluation failure | | passthroughHosts | string[] | No | [] | Hosts to skip evaluation | | enableLocalEval | boolean | No | true | Enable client-side rule evaluation | | syncIntervalMs | number | No | 30000 | Bundle sync interval in ms |

withAllow(target, options) -- Framework-Layer

| Option | Type | Required | Default | Description | |--------|------|----------|---------|-------------| | agentId | string | Yes | -- | Unique agent identifier | | apiKey | string | No | ALLOW_API_KEY env var | ALLOW API key | | endpoint | string | No | ALLOW_ENDPOINT env var | ALLOW backend endpoint | | mode | 'enforce' \| 'audit' \| 'off' | No | 'enforce' | Enforcement mode |

Supported Frameworks

| Framework | Tool Detection | Adapter | |-----------|---------------|---------| | LangChain | _call() + name | LangChainAllowTool | | LlamaIndex | call() + metadata | LlamaIndexAllowTool | | Semantic Kernel | functionInvocationFilters | AllowKernelFilter | | Generic | execute() or run() | Proxy wrapper |

Exports

// Primary API
import { init, cleanup, withAllow } from '@allow-ai/sdk';

// Advanced: OPA engine, client, config
import { AllowEngine, AllowClient, resolveConfig, RuleEngine } from '@allow-ai/sdk';

// Advanced: request inspection
import { shouldIntercept, extractRequestInfo } from '@allow-ai/sdk';

// Advanced: framework detection
import { detectToolFramework, isAllowWrapped, ALLOW_WRAPPED } from '@allow-ai/sdk';

// Adapter classes (for direct use without auto-detection)
import {
  LangChainAllowTool,
  LlamaIndexAllowTool,
  installAllowFilter,
  wrapToolWithProxy,
} from '@allow-ai/sdk';

Environment Variables

| Variable | Description | |----------|-------------| | ALLOW_API_KEY | API key (fallback when not passed programmatically) | | ALLOW_ENDPOINT | Backend endpoint URL | | ALLOW_MODE | Enforcement mode (enforce, audit, off) |

License

MIT