Official TypeScript SDK for ZeroLeaks. Run hosted red-team probes through your actual application agent, including its model settings, instructions, memory, middleware, tools, and tool execution loop.
bun add @zeroleaks/sdk
# or: npm install @zeroleaks/sdkZEROLEAKS_API_KEY=zl_live_...import { ZeroLeaks, createRuntimeTarget } from "@zeroleaks/sdk";
const zeroleaks = new ZeroLeaks();
const target = createRuntimeTarget({
definition: {
name: "Production support agent",
provider: "custom",
tools: productionToolDefinitions,
},
invoke: ({ messages, sessionId, signal }) =>
runProductionAgent({ messages, sessionId, signal }),
reset: (sessionId) => resetProductionAgent(sessionId),
});
const { report } = await zeroleaks.runtimeScans.run(target);
console.log(report.overallScore, report.toolTrace);Runtime scans execute independent sessions concurrently, with a default concurrency of 8 and a maximum of 16. Events within the same multi-turn session always remain ordered.
const { report } = await zeroleaks.runtimeScans.run(target, {
eventConcurrency: 4,
workerStallTimeoutMs: 6 * 60_000,
scan: { scanMode: "full" },
});Full mode is the default. It runs extraction, adaptive injection, the complete production probe catalog, and target-specific agent probes in parallel while checkpointing long extraction scans. Use scan: { scanMode: "quick" } only for a smaller development smoke test.
Upgrade with bun add @zeroleaks/sdk@^0.2.2 or npm install @zeroleaks/sdk@^0.2.2. This release does not require application code changes.
import { aiSdk } from "@zeroleaks/sdk/ai-sdk";
const target = aiSdk({ agent: productionAgent });
await zeroleaks.runtimeScans.run(target);You can also pass normal ToolLoopAgent settings directly. All configured tools are included by default; input/output schemas, calls, results, errors, approval metadata, and provider-executed tools are preserved where available.
import { openAI } from "@zeroleaks/sdk/openai";
const target = openAI.responses({
client: openai,
request: {
model: "gpt-5",
instructions,
tools,
},
toolExecutors,
});
await zeroleaks.runtimeScans.run(target);Both Responses API and Chat Completions function-tool loops are supported.
await zeroleaks.scans.run({ systemPrompt, scanMode: "full" });
await zeroleaks.endpointScans.run(endpointConfigId);
await zeroleaks.skillScans.run({ source: skillRepository, mode: "full" });agentConfigs and agentScans remain compatibility aliases for endpointConfigs and endpointScans.
Run runtime scans with the same policy and tool-control code as production, but use isolated databases, test tenants, sink integrations, and scan-specific credentials for tools that can create irreversible side effects.
API keys are server credentials. Never expose them in browser bundles.
Documentation: https://zeroleaks.ai/docs/sdk
License: MIT