entropy0
v0.1.0
Published
Entropy0 Node.js SDK — pre-fetch source trust for AI agents and pipelines
Maintainers
Readme
entropy0 · Node.js SDK
Pre-fetch source trust for AI agents and pipelines.
npm install entropy0Quick start
import { Entropy0Client } from "entropy0";
const client = new Entropy0Client(); // reads ENTROPY0_API_KEY from env
const result = await client.decide("https://github.com");
console.log(result.action); // "proceed"
console.log(result.scores.trust); // 96
console.log(result.shouldFetch); // trueHow it works
client.decide(url) calls the Entropy0 /v1/decide API and returns a
DecisionResult with three axes of trust signal:
| Property | Description |
|---|---|
| result.action | Recommended action: proceed, proceed_with_caution, sandbox, escalate_to_human, deny |
| result.scores.trust | Infrastructure identity posture (0–100) |
| result.scores.threat | Abuse / threat likelihood (0–100) |
| result.scores.deviation | Structural misalignment vs baseline (0–100) |
| result.shouldFetch | true when action is proceed or proceed_with_caution |
| result.reasonCodes | Codes explaining the decision |
Usage patterns
Gate before fetch
const result = await client.decide(url);
if (!result.shouldFetch) {
throw new Error(`Blocked: ${result.action} — ${result.reasonCodes.join(", ")}`);
}
const response = await fetch(url);Shadow mode (observe without blocking)
const result = await client.decide(url);
if (!result.shouldFetch) {
console.warn("Would have blocked:", url, result.action, result.reasonCodes);
}
// proceed anyway during rollout
const response = await fetch(url);BlockedByEntropy0Error pattern
import { Entropy0Client, BlockedByEntropy0Error } from "entropy0";
async function safeFetch(url: string) {
const result = await client.decide(url);
if (!result.shouldFetch) throw new BlockedByEntropy0Error(result);
return fetch(url);
}Error handling
import { AuthenticationError, RateLimitError, APIError } from "entropy0";
try {
const result = await client.decide(url);
} catch (err) {
if (err instanceof AuthenticationError) { /* bad key */ }
if (err instanceof RateLimitError) { /* quota exceeded */ }
if (err instanceof APIError) { /* err.status, err.message */ }
}The client fails open by design — if the Entropy0 API is unreachable, catch the error and proceed rather than blocking all traffic.
Constructor options
const client = new Entropy0Client({
apiKey: "sk_ent0_...", // or ENTROPY0_API_KEY env var
defaultPolicy: "strict", // "open" | "balanced" | "strict" | "critical"
timeoutMs: 5000,
});