@datavibe.cc/sdk
v0.2.0
Published
Official DataVibe SDK for AI Execution Security.
Maintainers
Readme
@datavibe/sdk
Official TypeScript/JavaScript SDK for DataVibe — AI Execution Security Gateway.
DataVibe intercepts AI-generated outbound content before it reaches customers. Policy scan → human approval queue → tamper-evident audit log. One API call.
Architecture
Your LLM API keys never leave your infrastructure. DataVibe only receives the text your model produced.
Your system:
const output = await openai.chat.completions.create({ ... })
↑ your key, your model, your network
const verdict = await datavibe.check({ content: output.choices[0].message.content })
↑ only the generated text reaches DataVibeInstall
npm install @datavibe/sdk
# or
pnpm add @datavibe/sdk
# or
yarn add @datavibe/sdkQuickstart
import { DataVibeClient } from "@datavibe/sdk";
const datavibe = new DataVibeClient({
apiKey: process.env.DATAVIBE_API_KEY!, // dv_live_... from your dashboard
});Get your API key at app.datavibe.cc/settings/api-keys.
Three APIs
check() — Governance verdict on any AI output
You call your LLM. Send only the output to DataVibe. Returns safe | blocked | review_required.
const aiOutput = await openai.chat.completions.create({
model: "gpt-4o",
messages: [{ role: "user", content: "Write a sales email to Acme Corp." }],
});
const verdict = await datavibe.check({
content: aiOutput.choices[0].message.content,
contentType: "email",
sourceModel: "gpt-4o", // model name only — never an API key
});
if (verdict.verdict === "safe") {
await sendEmail(aiOutput.choices[0].message.content);
} else if (verdict.verdict === "review_required") {
// Route to human reviewer
console.log("Review at:", verdict.review_url);
} else {
// "blocked" — hard policy violation, do not send
console.log("Blocked by:", verdict.violations.map((v) => v.rule));
}intercept() — Full outbound email governance workflow
Submits an AI-generated email for policy scan → human approval queue → dispatch.
const result = await datavibe.intercept({
recipient: prospect.email,
subject: aiSubject,
body_html: aiGeneratedEmail,
source_model: "claude-3-5-sonnet-20241022",
metadata: {
deal_id: deal.salesforceId,
rep_id: rep.id,
},
});
if (result.status === "BLOCKED") {
// Hard policy violation — never dispatched
await notifyRep(result.policy_violations);
} else if (result.status === "QUEUED") {
// Routed to human approval queue
await notifyReviewer(result.review_url);
} else {
// SENT — all controls passed
console.log("Dispatched, action_id:", result.action_id);
}generateAndCheck() — Single-call generate + govern
DataVibe calls the LLM (shared key or your BYOK) and governance-checks the output in one round trip.
const result = await datavibe.generateAndCheck({
messages: [{ role: "user", content: "Write a sales email to Acme Corp." }],
contentType: "email",
model: "gpt-4o-mini",
});
if (result.verdict === "safe") {
await sendEmail(result.content!);
} else if (result.verdict === "review_required") {
await routeToApprovalQueue(result.review_url);
} else {
// blocked — result.content is null
console.log("Blocked by:", result.violations.map((v) => v.rule));
}LangChain Integration
Callback Handler (recommended)
Automatically governance-checks every LLM output in your chain — no manual wrapping required.
import { DataVibeClient } from "@datavibe/sdk";
import { DataVibeCallbackHandler } from "@datavibe/sdk/integrations";
import { ChatOpenAI } from "@langchain/openai";
import { HumanMessage } from "@langchain/core/messages";
const datavibe = new DataVibeClient({
apiKey: process.env.DATAVIBE_API_KEY!,
});
const handler = new DataVibeCallbackHandler(datavibe, {
contentType: "email",
onBlocked: (verdict) => {
console.error("LLM output blocked:", verdict.violations[0]?.rule);
},
});
const llm = new ChatOpenAI({ model: "gpt-4o" });
const response = await llm.invoke(
[new HumanMessage("Write a sales email to Acme Corp.")],
{ callbacks: [handler] },
);Tool Wrapper
Wrap any LangChain tool with a governance check:
import { wrapTool } from "@datavibe/sdk/integrations";
const governedTool = wrapTool(datavibe, emailTool, {
contentType: "email",
sourceModel: "gpt-4o",
onBlocked: (verdict) => `[blocked: ${verdict.violations[0]?.rule}]`,
onReviewRequired: (verdict) => `Queued for review: ${verdict.review_url}`,
});HIPAA / FINRA / EU AI Act compliance
DataVibe ships compliance policy packs for regulated industries. See datavibe.cc/governance/packages for HIPAA, FINRA, EU AI Act, and EEOC bundles.
// Healthcare example — intercept patient support bot reply before delivery
const result = await datavibe.intercept({
recipient: patient.email,
subject: "Re: Your appointment inquiry",
body_html: botGeneratedReply,
source_model: "claude-haiku-4-5",
metadata: { patient_id: patient.id, bot_session: sessionId },
});
if (result.status === "BLOCKED") {
// PHI detected — never sent, escalate to clinical ops
await escalateToClinicalOps(patient.id, result.policy_violations);
}Error handling
import { DataVibeGatewayTimeoutError } from "@datavibe/sdk";
try {
const verdict = await datavibe.check({ content: aiOutput });
} catch (err) {
if (err instanceof DataVibeGatewayTimeoutError) {
// err.retryable === true — safe to retry with backoff
console.error("Gateway timeout, retrying...");
}
throw err;
}Configuration
| Option | Type | Default | Description |
| ------------------ | -------- | -------------------------- | ----------------------------------------------------- |
| apiKey | string | required | Workspace API key (dv_live_...) from your dashboard |
| baseUrl | string | https://gate.datavibe.cc | Override the gateway URL |
| gatewayTimeoutMs | number | 10000 | Request timeout in milliseconds |
Links
- Dashboard: app.datavibe.cc
- API docs: gate.datavibe.cc/docs
- Integration guide: datavibe.cc/docs/integration
- Status: datavibe.cc/status
- Python SDK:
datavibeon PyPI
License
MIT © DataVibe
