@veto-protocol/cli
v0.6.0
Published
The Veto CLI. Tell an AI agent what to buy. Veto decides if it's safe.
Maintainers
tomer_vetoReadme
@veto-protocol/cli
Tell an AI agent what to buy. Veto decides if it's safe.
npx @veto-protocol/cli "buy weather data for New York"That's it. The command spins up Claude as the driving agent, gives it tools for x402 payments + Veto authorize, and lets it figure out the rest. Every spend the agent plans is run through Veto's 8-stage risk engine first — allow, deny, or escalate. Every decision is signed Ed25519 and verifiable offline.
Veto isn't the payment rail. Veto governs the agent that uses the payment rail. Two layers, working together.
What it does
npx @veto-protocol/cli "buy weather for NYC"— Claude reads your intent, picks an x402 endpoint, asks Veto for permission on every spend, pays, returns the data + signed receiptnpx @veto-protocol/cli demo— canned allow/deny/escalate walkthrough (no LLM key required)npx @veto-protocol/cli verify <jwt>— verify any Veto receipt offline against/.well-known/jwks.jsonnpx @veto-protocol/cli plugin install— drop the Veto plugin into Claude Codenpx @veto-protocol/cli register— open browser-based signup at veto-ai.com
Setup
- Get a Veto API key:
npx @veto-protocol/cli register(opens browser). - Set env vars:
export VETO_API_KEY=vk_... export VETO_AGENT_ID=agt_... export ANTHROPIC_API_KEY=sk-ant-... # for agent mode only - Run.
Agent mode needs an Anthropic key (Claude is the driving agent). Demo mode doesn't.
Add Veto to your own agent
The CLI is the demo. To put Veto in YOUR agent's payment path:
// TypeScript / JavaScript
import { pay, payX402 } from "@veto-protocol/pay";
const result = await payX402({ url, maxAmount: "$0.05" });
// ↑ Veto authorize fires automatically before the spend# Python
from veto_pay import pay, payX402
result = payX402(url=..., max_amount="$0.05")That's it. Veto adds the policy gate without changing your payment rail.
What you get
Every Veto-governed spend ships with:
- A signed receipt (JWT, Ed25519, verifiable against
/.well-known/jwks.json) — anyone can prove a decision happened - An engine trace — which of the 8 stages fired and why
- An optional on-chain enforcement path via
VetoGuardedAccount— funds physically refused without a fresh Veto-signed mandate
Eight stages: precheck, policy, prompt-injection, merchant-fraud (typosquat), crypto-safety (OFAC, drainer, address-poisoning), intent verification, anomaly, behavioral baseline.
See veto-ai.com/how-it-works for the engine walkthrough. See veto-ai.com/security for what's strong and what's still maturing.
Links
- Site: https://veto-ai.com
- Source: https://github.com/veto-protocol
- Claude Code plugin: https://github.com/veto-protocol/claude-plugin
- SDK: https://www.npmjs.com/package/@veto-protocol/pay
- Python: https://pypi.org/project/veto-cli/
- Contact: [email protected]
MIT. Built by Investech Global LLC.