@aegis-sdk/anthropic
Advanced tools
Anthropic Claude SDK adapter for Aegis prompt injection defense. Scans messages, monitors streams, and validates tool_use blocks in Anthropic's content block format.
Part of the Aegis.js prompt injection defense toolkit.
npm install @aegis-sdk/anthropic @aegis-sdk/core @anthropic-ai/sdk
Wrap the Anthropic client for automatic protection on every call:
import Anthropic from '@anthropic-ai/sdk';
import { Aegis } from '@aegis-sdk/core';
import { wrapAnthropicClient } from '@aegis-sdk/anthropic';
const aegis = new Aegis({ policy: 'strict' });
const client = wrapAnthropicClient(new Anthropic(), aegis);
// Messages are scanned before sending.
// Streaming responses are monitored in real-time.
// tool_use blocks are validated against the policy.
const response = await client.messages.create({
model: 'claude-sonnet-4-20250514',
max_tokens: 1024,
messages: [{ role: 'user', content: 'Hello!' }],
});
Or scan messages manually:
import { Aegis } from '@aegis-sdk/core';
import { guardMessages } from '@aegis-sdk/anthropic';
const aegis = new Aegis({ policy: 'strict' });
const messages = [
{
role: 'user' as const,
content: [
{ type: 'text' as const, text: userInput },
],
},
];
// Throws AegisInputBlocked if injection is detected
const safe = await guardMessages(aegis, messages);
wrapAnthropicClient(client, aegis, options?)Proxy the Anthropic client to automatically guard all messages.create() calls. Input messages are scanned before sending, streaming responses are monitored, and tool_use content blocks are validated against the Aegis policy. All other client methods pass through unchanged.
guardMessages(aegis, messages, options?)Scan an array of AnthropicMessageParam[] for prompt injection. Handles Anthropic's message format -- string content, arrays of content blocks (text, tool_use, tool_result, image), and nested text within tool_result blocks. Optionally validates tool_use blocks against the policy (enabled by default). Returns the original messages if safe, throws AegisInputBlocked if blocked.
createStreamTransform(aegis)Create a TransformStream<string, string> for monitoring extracted text deltas. Feed text_delta values from Anthropic streaming events through this transform for real-time output scanning.
getAuditLog(aegis)Convenience accessor for the Aegis audit log.
guardMessages and the client wrapper accept AnthropicGuardOptions:
scanStrategy -- 'last-user' (default), 'all-user', or 'full-history'validateToolUse -- Whether to validate tool_use blocks against the policy (default: true)MIT
FAQs
Anthropic Claude SDK adapter for Aegis prompt injection defense
The npm package @aegis-sdk/anthropic receives a total of 8 weekly downloads. As such, @aegis-sdk/anthropic popularity was classified as not popular.
We found that @aegis-sdk/anthropic demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A long-running Go typosquat impersonated the popular shopspring/decimal library and used DNS TXT records to execute commands.
Research
Active npm supply chain attack compromises @antv packages in a fast-moving malicious publish wave tied to Mini Shai-Hulud.
Security News
/Research
Socket detected malicious node-ipc versions with obfuscated stealer/backdoor behavior in a developing npm supply chain attack.