npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@datplatform/agent-sdk

v0.1.1

Published

Drop-in trust enforcement for AI agent frameworks — Vercel AI SDK, and more

Downloads

23

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

signacloudsignacloud

Keywords

aiagentstrustsecurityvercel-aidatopssandboxguardrails

Readme

@datplatform/agent-sdk

Drop-in trust enforcement for AI agent frameworks — Vercel AI SDK, and more.

Add DatOps trust-gated execution to your existing AI agent in 2 lines of code. Every tool call is authorized against the agent's live trust score, sandboxed by risk level, and reported as a trust signal — no Docker, no Redis, no infrastructure changes.

Try it live in the browser — drag the trust slider and watch tools get blocked in real-time. No install required.

Install

npm install @datplatform/agent-sdk

Getting Your API Key

  1. Sign up at datops.ai/pages/signup.html — choose Individual (personal workspace) or Organization
  2. Log in at datops.ai/pages/login.html
  3. Go to SDK Keys in the dashboard sidebar
  4. Click Generate New Key — give it a name, copy the key (shown once)
  5. Use the key in your code or set it as an environment variable:
    export DAT_API_KEY="dat_xxx"

Trust Shield Badge

Show your agent's live trust score with a clickable badge that links to your public profile on the DAT Trust Registry:

[![DAT Trust](https://www.datops.ai/api/v1/badge/<your-agent-did>.svg)](https://www.datops.ai/pages/registry?agent=<your-agent-did>)

Options: ?style=flat|plastic and ?label=Custom+Label

Your agent DID and ready-to-paste badge markdown are shown on the SDK Keys dashboard page after generating a key.

Quick Start

Vercel AI SDK

import { DatOps } from '@datplatform/agent-sdk';

const tools = DatOps.wrapVercelTools(myTools, {
  apiKey: 'dat_xxx',
  toolRiskLevels: { search: 'medium', email: 'high' },
});

Generic Function Wrapping

import { DatOps } from '@datplatform/agent-sdk';

const datops = new DatOps({ apiKey: 'dat_xxx' });

const searchWeb = datops.wrapTool(
  (query: string) => fetch(`https://api.search.com?q=${query}`).then(r => r.text()),
  'search_web',
  'medium',
);

// Tool call is now trust-gated
const result = await searchWeb('weather in NYC');

Wrap Multiple Tools

const datops = new DatOps({ apiKey: 'dat_xxx' });

const tools = datops.wrapTools(
  { readFile, searchWeb, sendEmail },
  { readFile: 'low', searchWeb: 'medium', sendEmail: 'high' },
);

await tools.readFile('data.txt');   // Allowed at STRICT+
await tools.searchWeb('flights');   // Allowed at ADAPTIVE+
await tools.sendEmail('hi');        // Allowed at OPEN only

How It Works

Your Agent Code
      │
      ▼
┌─────────────┐
│  DatOps SDK  │  ← 2 lines of code
├─────────────┤
│  Pre-check   │  Is this tool allowed at this trust level?
│  Execute     │  Run the tool
│  Post-report │  Report success/failure as trust signal
└─────────────┘
      │
      ▼
  DatOps Platform (trust score, reputation, sandbox level)

Before each tool call:

  • Fetch the agent's trust score (cached, 60s TTL)
  • Map score to sandbox level: STRICT (0-30), ADAPTIVE (30-70), OPEN (70-100)
  • Check if the tool's risk level is allowed in the current sandbox
  • Block execution if trust is too low

After each tool call:

  • Report success or failure as a trust signal (fire-and-forget)
  • Signals feed back into the agent's reputation score

Sandbox Levels

| Trust Score | Sandbox | Allowed Risk Levels | |-------------|------------|---------------------| | 0 - 30 | STRICT | Low only | | 30 - 70 | ADAPTIVE | Low + Medium | | 70 - 100 | OPEN | All (Low/Medium/High) |

New agents start at trust score 50 (ADAPTIVE). As the agent demonstrates reliability, its trust grows and more tools become available.

Configuration

const datops = new DatOps({
  apiKey: 'dat_xxx',                          // Required
  baseUrl: 'https://www.datops.ai',           // Platform URL
  agentName: 'my-agent',                      // Display name
  network: 'testnet',                         // testnet | mainnet
  trustCacheTtl: 60,                          // Cache trust score (seconds)
  heartbeatInterval: 300,                     // Heartbeat interval (seconds)
  minTrustForTool: 10.0,                      // Minimum trust to use any tool
  trustThresholdHighRisk: 70.0,               // Minimum trust for high-risk tools
  autoInitialize: true,                       // Auto-register on construction
  debug: false,                               // Enable debug logging
});

Risk Levels

Assign risk levels to control which sandbox levels can execute each tool:

// Low risk — available in all sandbox levels (STRICT+)
const readFile = datops.wrapTool(readFileFn, 'read_file', 'low');

// Medium risk — requires ADAPTIVE or OPEN sandbox
const searchWeb = datops.wrapTool(searchFn, 'search_web', 'medium');

// High risk — requires OPEN sandbox (trust >= 70)
const sendEmail = datops.wrapTool(emailFn, 'send_email', 'high');

For Vercel AI tools, set per-tool risk levels:

const tools = DatOps.wrapVercelTools(myTools, {
  apiKey: 'dat_xxx',
  toolRiskLevels: {
    search: 'low',
    web_browse: 'medium',
    send_email: 'high',
  },
  defaultRisk: 'medium',
});

Error Handling

import { DatOps, ToolBlockedError } from '@datplatform/agent-sdk';

const datops = new DatOps({ apiKey: 'dat_xxx' });

const dangerousTool = datops.wrapTool(fn, 'danger', 'high');

try {
  await dangerousTool();
} catch (err) {
  if (err instanceof ToolBlockedError) {
    console.log(`Blocked: ${err.reason}`);
    console.log(`Trust: ${err.trustScore}, Sandbox: ${err.sandboxLevel}`);
  }
}

Inspecting Trust State

const datops = new DatOps({ apiKey: 'dat_xxx' });
await datops.ready(); // Wait for initialization

// Current trust score
console.log(datops.trustScore);  // 55.0

// Sandbox info
const info = await datops.getSandboxInfo();
console.log(info);
// { trustScore: 55.0, sandboxLevel: 'ADAPTIVE', allowedRiskLevels: ['low', 'medium'] }

// Agent DID
console.log(datops.did);  // did:dat:testnet:agent_abc123

// Force refresh
const score = await datops.getTrustScore(true);

Initialization

The SDK auto-registers your agent on construction by default. Use ready() to ensure registration is complete:

const datops = new DatOps({ apiKey: 'dat_xxx' });
await datops.ready(); // Resolves when agent is registered

For manual initialization:

const datops = new DatOps({ apiKey: 'dat_xxx', autoInitialize: false });
const identity = await datops.initialize();
console.log(identity.did);        // did:dat:testnet:agent_xxx
console.log(identity.trustScore); // 55.0

Shutdown

const datops = new DatOps({ apiKey: 'dat_xxx' });
await datops.ready();

// ... use tools ...

datops.shutdown(); // Stop heartbeat, clear caches

Architecture

src/
  index.ts              # DatOps class (public API)
  core.ts               # Registration, trust cache, signal reporting
  trust-gate.ts         # Pre/post tool call middleware
  cache.ts              # TTL cache (no Redis)
  heartbeat.ts          # Background heartbeat worker
  types.ts              # Enums, interfaces, exceptions
  adapters/
    vercel-ai.ts        # Vercel AI SDK wrapper
    generic.ts          # Generic function wrapper

No Redis. No Docker. No infrastructure. Pure TypeScript with zero runtime dependencies.

Exports

The SDK exports everything you need:

import {
  // Main class
  DatOps,
  // Enums
  SandboxLevel,
  RiskLevel,
  SignalEvent,
  // Errors
  ToolBlockedError,
  RegistrationError,
  // Helpers
  getSandboxLevel,
  parseRiskLevel,
  // Internal (advanced)
  TrustCache,
  DatOpsCore,
  TrustGate,
} from '@datplatform/agent-sdk';

// Types
import type { GateDecision, AgentIdentity, DatOpsConfig } from '@datplatform/agent-sdk';

Development

git clone https://github.com/datops-ai/agent-sdk-typescript.git
cd agent-sdk-typescript
npm install
npm test         # Run tests (96 tests)
npm run build    # Compile TypeScript

License

MIT