Zero-Config Setup
Start protecting tools in one line with protect().
protect() is the fastest way to integrate Veto.
Instead of a multi-step Veto.init() + veto.wrap(...) flow, use one call:
import { protect } from 'veto-sdk';
const safeTools = await protect(tools);from veto import protect
safe_tools = await protect(tools)Progression
1. Zero-config mode
If you don't specify a pack or config, Veto automatically applies sensible defaults based on your tool names.
Precedence is:
- Local
./vetorules (if present) - Auto-applied built-in packs from tool-name heuristics
- Allow-all fallback when nothing matches
const safeTools = await protect(tools);2. Explicit policy pack
Apply a built-in pack quickly:
const safeTools = await protect(tools, { pack: 'financial' });3. Cloud mode
Use an API key to enable dashboard, approvals, and cloud policies:
const safeTools = await protect(tools, { apiKey: 'veto_...' });4. Shadow mode rollout
Run live traffic with full policy evaluation but no blocking:
const safeTools = await protect(tools, { mode: 'shadow' });5. Advanced control with Veto.init()
Use Veto.init() directly when you need explicit lifecycle/config control:
import { Veto } from 'veto-sdk';
const veto = await Veto.init({
configDir: './veto',
mode: 'strict',
apiKey: process.env.VETO_API_KEY,
});
const safeTools = veto.wrap(tools);Behavior notes
protect()accepts a single tool or a list; return type matches input.protect()caches initialized Veto instances and reuses them for identical options.- In zero-config mode, multiple matching tool categories are merged into one active rule set.
mode: 'shadow'preserves real decisions for wrapped calls but never blocks execution.