npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@promptwall/node

v0.1.0

Published

Official Node.js SDK for PromptWall — runtime governance for LLM apps (verify, chat, tools, usage).

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

extreme421nextreme421n

Keywords

promptwallllmprompt-injectionai-securitygovernancehallucinationowasp

Readme

@promptwall/node

npm version npm downloads Publish status License: MIT Node >=18

Official Node.js / TypeScript SDK for PromptWall — runtime governance for LLM applications. Detects prompt injection, verifies answer grounding, enforces policies, and ships a full audit trail.

  • Zero runtime dependencies (uses native fetch on Node 18+)
  • Full TypeScript types (ESM + CJS builds)
  • Typed errors (AuthError, BlockedError, QuotaError, SubscriptionError, TimeoutError, APIError)
  • Built-in retry with exponential backoff + Retry-After honoring on 429/5xx
  • AbortSignal support for cancellation

Install

npm install @promptwall/node
# or
pnpm add @promptwall/node
# or
yarn add @promptwall/node

Requires Node.js 18+ (or any environment with global fetch).

Quickstart

import { PromptWall } from '@promptwall/node';

const pw = new PromptWall({ apiKey: process.env.PROMPTWALL_API_KEY });

const result = await pw.verify({
  prompt: 'What is the capital of France?',
  answer: 'Paris is the capital of France.',
  toolResult: 'Paris',
});

console.log(result.governance);          // 'allow' | 'rewrite' | 'block' | 'regenerate'
console.log(result.confidence);          // 'high' | 'medium' | 'low'
console.log(result.evidenceConsistent);  // true / false
console.log(result.requestId);           // for log correlation

PROMPTWALL_API_KEY is read from the environment automatically if you don't pass apiKey.

Modes

PromptWall supports three operational modes — all reachable from this SDK:

| Mode | Method | What it does | |---|---|---| | Verify | pw.verify(...) | Validate an answer you already have. Fastest, cheapest. | | Webhook (BYOK) | pw.chat(...) | Full pipeline; PromptWall calls your LLM key. | | Webhook (Managed) | pw.chat(...) | Full pipeline; PromptWall provides the LLM. |

Mode is determined by the API key you use. See the docs.

Verify mode

const r = await pw.verify({
  prompt: 'What was Q3 revenue?',
  answer: 'Q3 revenue was $12.4M.',
  toolResult: { quarter: 'Q3', revenue_usd: 12_400_000 },
  verifiedSourceUsed: true,
  groundingRequired: true,
});

if (r.governance === 'block') {
  // PromptWall blocked the answer (e.g. policy violation)
}
if (r.mismatchType === 'numeric') {
  // The answer's numbers don't match the source
}

Chat mode (full pipeline)

const r = await pw.chat({
  prompt: 'Summarize last week’s sales.',
  model: 'gpt-4o-mini',
  provider: 'openai',
  temperature: 0.2,
});

console.log(r.answer);
console.log(r.tokens);                   // { prompt, completion, total }
console.log(r.verifiedSourceUsed);       // true if a tool was used to ground the answer

Tool registry (webhooks)

Register webhook tools that PromptWall can call to ground answers. PromptWall returns a signingSecret you use to verify HMAC-SHA256 signatures on incoming calls.

const tool = await pw.tools.register({
  name: 'billing_api',
  webhookUrl: 'https://api.acme.com/v1/billing',
  authType: 'bearer',
  authToken: process.env.BILLING_API_TOKEN,
  category: 'metrics',
  groundingKeywords: ['revenue', 'mrr', 'billing'],
  trustTier: 'customer',
  timeoutMs: 5_000,
  rateLimitRpm: 60,
});

console.log('Save this:', tool.signingSecret);

// Probe connectivity
const health = await pw.tools.test(tool.id);
console.log(health.ok, health.statusCode, health.latencyMs);

// List all tools
const tools = await pw.tools.list();

Usage

const usage = await pw.usage.current();
//   { requestsUsed, requestsIncluded, tokensUsed, periodStart, periodEnd, overageUsd }

const series = await pw.usage.timeseries(14); // last 14 days

Error handling

Every error thrown by the SDK is an instance of PromptWallError. Use instanceof to handle them:

import {
  PromptWall,
  AuthError,
  BlockedError,
  QuotaError,
  SubscriptionError,
  TimeoutError,
  APIError,
} from '@promptwall/node';

try {
  await pw.verify({ prompt, answer });
} catch (err) {
  if (err instanceof BlockedError)        { /* policy blocked the request */ }
  else if (err instanceof QuotaError)     { /* err.retryAfterMs */ }
  else if (err instanceof SubscriptionError) { /* upgrade required */ }
  else if (err instanceof AuthError)      { /* bad API key */ }
  else if (err instanceof TimeoutError)   { /* request slow / network */ }
  else if (err instanceof APIError)       { /* 5xx, network error */ }
  else throw err;
}

Every error carries status, code, requestId, and raw (the original payload).

Cancellation

Pass an AbortSignal to cancel mid-flight:

const ctrl = new AbortController();
setTimeout(() => ctrl.abort(), 500);

await pw.verify({ prompt, answer }, { signal: ctrl.signal });

Configuration

const pw = new PromptWall({
  apiKey: 'pk_live_...',                   // or PROMPTWALL_API_KEY
  baseUrl: 'https://api.prompt-wall.com',  // override for self-hosted
  timeoutMs: 30_000,                       // per-request timeout
  maxRetries: 2,                           // 0 = disabled; retries 408/425/429/5xx
  defaultHeaders: { 'X-Tenant': 'acme' },  // merged into every request
  fetch: customFetch,                      // optional custom fetch impl
});

License

MIT © PromptWall