agentskit.js
Security

Security

The five primitives most production agents want — PII, injection, rate limits, audit, sandbox.

Primitives

  • PII redactioncreatePIIRedactor + DEFAULT_PII_RULES. Recipe.
  • Prompt injection detector — heuristics + pluggable model classifier. Recipe.
  • Rate limiting — token-bucket by user / IP / key. Recipe.
  • Signed audit log — hash-chain + HMAC. Recipe.
  • Mandatory sandbox — allow / deny / require / validators across every tool. Recipe.
  • Human-in-the-loop approvals — pause / resume / approve with persisted state. Recipe.

Per-primitive deep dives land in step 6 of the docs IA rollout.

✎ Edit this page on GitHub·Found a problem? Open an issue →·How to contribute →
Edit on GitHub

Observability

Trace, log, audit, and cost-guard your agents end-to-end.

Evals

Measure quality with numbers, not vibes. Suites, replay, snapshots, diff, CI reporters.

On this page

PrimitivesRelated