npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@datavibe.cc/sdk

v0.2.0

Published

Official DataVibe SDK for AI Execution Security.

Readme

@datavibe/sdk

Official TypeScript/JavaScript SDK for DataVibe — AI Execution Security Gateway.

DataVibe intercepts AI-generated outbound content before it reaches customers. Policy scan → human approval queue → tamper-evident audit log. One API call.

npm version License: MIT


Architecture

Your LLM API keys never leave your infrastructure. DataVibe only receives the text your model produced.

Your system:
  const output = await openai.chat.completions.create({ ... })
                 ↑ your key, your model, your network

  const verdict = await datavibe.check({ content: output.choices[0].message.content })
                  ↑ only the generated text reaches DataVibe

Install

npm install @datavibe/sdk
# or
pnpm add @datavibe/sdk
# or
yarn add @datavibe/sdk

Quickstart

import { DataVibeClient } from "@datavibe/sdk";

const datavibe = new DataVibeClient({
  apiKey: process.env.DATAVIBE_API_KEY!, // dv_live_... from your dashboard
});

Get your API key at app.datavibe.cc/settings/api-keys.


Three APIs

check() — Governance verdict on any AI output

You call your LLM. Send only the output to DataVibe. Returns safe | blocked | review_required.

const aiOutput = await openai.chat.completions.create({
  model: "gpt-4o",
  messages: [{ role: "user", content: "Write a sales email to Acme Corp." }],
});

const verdict = await datavibe.check({
  content: aiOutput.choices[0].message.content,
  contentType: "email",
  sourceModel: "gpt-4o", // model name only — never an API key
});

if (verdict.verdict === "safe") {
  await sendEmail(aiOutput.choices[0].message.content);
} else if (verdict.verdict === "review_required") {
  // Route to human reviewer
  console.log("Review at:", verdict.review_url);
} else {
  // "blocked" — hard policy violation, do not send
  console.log("Blocked by:", verdict.violations.map((v) => v.rule));
}

intercept() — Full outbound email governance workflow

Submits an AI-generated email for policy scan → human approval queue → dispatch.

const result = await datavibe.intercept({
  recipient: prospect.email,
  subject: aiSubject,
  body_html: aiGeneratedEmail,
  source_model: "claude-3-5-sonnet-20241022",
  metadata: {
    deal_id: deal.salesforceId,
    rep_id: rep.id,
  },
});

if (result.status === "BLOCKED") {
  // Hard policy violation — never dispatched
  await notifyRep(result.policy_violations);
} else if (result.status === "QUEUED") {
  // Routed to human approval queue
  await notifyReviewer(result.review_url);
} else {
  // SENT — all controls passed
  console.log("Dispatched, action_id:", result.action_id);
}

generateAndCheck() — Single-call generate + govern

DataVibe calls the LLM (shared key or your BYOK) and governance-checks the output in one round trip.

const result = await datavibe.generateAndCheck({
  messages: [{ role: "user", content: "Write a sales email to Acme Corp." }],
  contentType: "email",
  model: "gpt-4o-mini",
});

if (result.verdict === "safe") {
  await sendEmail(result.content!);
} else if (result.verdict === "review_required") {
  await routeToApprovalQueue(result.review_url);
} else {
  // blocked — result.content is null
  console.log("Blocked by:", result.violations.map((v) => v.rule));
}

LangChain Integration

Callback Handler (recommended)

Automatically governance-checks every LLM output in your chain — no manual wrapping required.

import { DataVibeClient } from "@datavibe/sdk";
import { DataVibeCallbackHandler } from "@datavibe/sdk/integrations";
import { ChatOpenAI } from "@langchain/openai";
import { HumanMessage } from "@langchain/core/messages";

const datavibe = new DataVibeClient({
  apiKey: process.env.DATAVIBE_API_KEY!,
});

const handler = new DataVibeCallbackHandler(datavibe, {
  contentType: "email",
  onBlocked: (verdict) => {
    console.error("LLM output blocked:", verdict.violations[0]?.rule);
  },
});

const llm = new ChatOpenAI({ model: "gpt-4o" });
const response = await llm.invoke(
  [new HumanMessage("Write a sales email to Acme Corp.")],
  { callbacks: [handler] },
);

Tool Wrapper

Wrap any LangChain tool with a governance check:

import { wrapTool } from "@datavibe/sdk/integrations";

const governedTool = wrapTool(datavibe, emailTool, {
  contentType: "email",
  sourceModel: "gpt-4o",
  onBlocked: (verdict) => `[blocked: ${verdict.violations[0]?.rule}]`,
  onReviewRequired: (verdict) => `Queued for review: ${verdict.review_url}`,
});

HIPAA / FINRA / EU AI Act compliance

DataVibe ships compliance policy packs for regulated industries. See datavibe.cc/governance/packages for HIPAA, FINRA, EU AI Act, and EEOC bundles.

// Healthcare example — intercept patient support bot reply before delivery
const result = await datavibe.intercept({
  recipient: patient.email,
  subject: "Re: Your appointment inquiry",
  body_html: botGeneratedReply,
  source_model: "claude-haiku-4-5",
  metadata: { patient_id: patient.id, bot_session: sessionId },
});

if (result.status === "BLOCKED") {
  // PHI detected — never sent, escalate to clinical ops
  await escalateToClinicalOps(patient.id, result.policy_violations);
}

Error handling

import { DataVibeGatewayTimeoutError } from "@datavibe/sdk";

try {
  const verdict = await datavibe.check({ content: aiOutput });
} catch (err) {
  if (err instanceof DataVibeGatewayTimeoutError) {
    // err.retryable === true — safe to retry with backoff
    console.error("Gateway timeout, retrying...");
  }
  throw err;
}

Configuration

| Option | Type | Default | Description | | ------------------ | -------- | -------------------------- | ----------------------------------------------------- | | apiKey | string | required | Workspace API key (dv_live_...) from your dashboard | | baseUrl | string | https://gate.datavibe.cc | Override the gateway URL | | gatewayTimeoutMs | number | 10000 | Request timeout in milliseconds |


Links


License

MIT © DataVibe