SuperagentSDK
TypeScript
TypeScript SDK for content safety - guard and redact methods
TypeScript SDK
The @superagent-ai/safety-agent package provides two core methods: guard() for detecting threats and redact() for removing sensitive data.
Installation
npm install @superagent-ai/safety-agentQuick Start
import { createClient } from "@superagent-ai/safety-agent";
const client = createClient();
// Guard: Detect threats
const guardResult = await client.guard({
input: "user message to analyze"
});
// Redact: Remove PII
const redactResult = await client.redact({
input: "My email is john@example.com",
model: "openai/gpt-4o-mini"
});Guard
The guard() method classifies input content as pass or block. It detects prompt injections, malicious instructions, and security threats.
Basic Usage
const result = await client.guard({
input: "user message to analyze"
});
if (result.classification === "block") {
console.log("Blocked:", result.violation_types);
}Options
| Option | Type | Required | Default | Description |
|---|---|---|---|---|
input | string | Blob | URL | Yes | - | The input to analyze |
model | string | No | superagent/guard-1.7b | Model in provider/model format |
systemPrompt | string | No | - | Custom system prompt |
chunkSize | number | No | 8000 | Characters per chunk (0 to disable) |
Response
| Field | Type | Description |
|---|---|---|
classification | "pass" | "block" | Whether content passed or should be blocked |
violation_types | string[] | Types of violations detected |
cwe_codes | string[] | CWE codes associated with violations |
usage | TokenUsage | Token usage information |
Input Types
Guard supports multiple input types:
- Plain text: Analyzed directly
- URLs: Automatically fetched and analyzed
- Blob/File: Analyzed based on MIME type
- PDFs: Text extracted and analyzed per page
- Images: Requires vision-capable model
// URL input
const result = await client.guard({
input: "https://example.com/document.pdf"
});
// Image input (requires vision model)
const result = await client.guard({
input: imageBlob,
model: "openai/gpt-4o"
});Redact
The redact() method removes sensitive content from text using placeholders or contextual rewriting.
Basic Usage
const result = await client.redact({
input: "My email is john@example.com and SSN is 123-45-6789",
model: "openai/gpt-4o-mini"
});
console.log(result.redacted);
// "My email is <EMAIL_REDACTED> and SSN is <SSN_REDACTED>"Options
| Option | Type | Required | Default | Description |
|---|---|---|---|---|
input | string | Yes | - | The text to redact |
model | string | Yes | - | Model in provider/model format |
entities | string[] | No | Default PII | Entity types to redact |
rewrite | boolean | No | false | Rewrite contextually instead of placeholders |
Response
| Field | Type | Description |
|---|---|---|
redacted | string | Sanitized text with redactions |
findings | string[] | What was redacted |
usage | TokenUsage | Token usage information |
Rewrite Mode
Contextually rewrites text instead of using placeholders:
const result = await client.redact({
input: "My email is john@example.com",
model: "openai/gpt-4o-mini",
rewrite: true
});
console.log(result.redacted);
// "My email is on file"Custom Entities
Specify which entity types to redact:
const result = await client.redact({
input: "Contact john@example.com or call 555-123-4567",
model: "openai/gpt-4o-mini",
entities: ["email addresses"] // Only redact emails
});Default Entities
When entities is not specified:
- SSNs, Driver's License, Passport Numbers
- API Keys, Secrets, Passwords
- Names, Addresses, Phone Numbers
- Emails, Credit Card Numbers