Skip to main content

Prerequisites

  • Node.js >= 20
  • npm, pnpm, or yarn

Install

Install the unified package: 
npm install sec0-sdk
Sec0 ships as one package with stable subpath exports. Pick the integration surface that matches where you want enforcement to happen.

Public Import Paths

Import pathUse it for
sec0-sdk/policyParse and validate policy YAML
sec0-sdk/middlewareWrap tool servers and MCP runtimes
sec0-sdk/guardAllow, redact, block, or escalate outbound messages, tool calls, MCP calls, and API calls
sec0-sdk/instrumentationDecorators, hop registry, AgentManager, and local or remote hop invocation
sec0-sdk/gatewayNetwork-edge enforcement, quotas, entitlements, AP2, and brokering
sec0-sdk/agent-stateEncode, decode, and propagate canonical agent-state headers
sec0-sdk/mandate-ap2Build digests and verify AP2 mandate headers
sec0-sdk/auditAppend-only NDJSON audit writing and upload helpers
sec0-sdk/signerEd25519 signing helpers and canonicalization utilities
sec0-sdk/otelOpenTelemetry bootstrap and span helpers
sec0-sdk/coreAdapter contracts for custom middleware integrations
sec0-sdk/integrations/openclawOpenClaw or Moltbot hooks, plugin wiring, and escalation manager

Build From Source

For local development from source: 
npm install
npm run build

Verify Installation

After installing, confirm the main entrypoints resolve: 
import { parsePolicyYaml } from "sec0-sdk/policy";
import { sec0LocalMiddleware } from "sec0-sdk/middleware";
import { createSec0Guard } from "sec0-sdk/guard";
import { initializeSec0App } from "sec0-sdk/instrumentation";
import { startGatewayServer } from "sec0-sdk/gateway";

Next Steps