@taplid/client

@taplid/client

Official Node.js SDK for the hosted Taplid audit API.

Send a payload and get a trust decision (ALLOW / REVIEW / BLOCK), a 0-100 trust score and an audit trail.

• Docs: https://taplid.com/docs
• Audit page: https://taplid.com/audit

Install

npm install @taplid/client

SDK Example

import { Taplid } from '@taplid/client';

const taplid = new Taplid({
  apiKey: process.env.TAPLID_API_KEY ?? '',
});

const result = await taplid.audit({
  context: 'The number is 1.',
  prompt: 'What is the number?',
  response: 'The number is 2.',
  auditMode: 'standard'
});

console.log(result);

HTTP API Example

You can call the API directly without the SDK using fetch or any HTTP client.

const payload = {
  context: 'The number is 1.',
  prompt: 'What is the number?',
  response: 'The number is 2.',
  auditMode: 'standard'
};

const response = await fetch('https://api.taplid.com/review', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Authorization': `Bearer ${process.env.TAPLID_API_KEY}`,
  },
  body: JSON.stringify(payload),
});

const result = await response.json();
console.log(result);

Request Payload

Field	Type	Description
context	string	Policy, rules, or background context for the audit.
prompt	string	The user prompt that produced the response.
response	string	The AI-generated output to audit.
auditMode	string	Optional. 'artifact' (default) for code reviews, PRs, implementation plans, long answers, and structured outputs. 'standard' for short factual, policy, refund, pricing, entitlement, and simple answer checks. Still being calibrated.

Only response is required; context, prompt, and auditMode are optional. For file-based input, use @taplid/cli. The hosted SDK/API path accepts inline text only.

File format handling (CLI resolution)

Taplid treats context, prompt, and response file inputs as raw UTF-8 text. Supported examples include .txt, .md, .json, .log, .ndjson, .yaml, and .yml. These files are not parsed by type. Taplid reads the file contents as plain text and uses the resolved text value. This behavior is consistent across the audit page, CLI file-location flags, environment file-location variables, and request-payload file-location fields.

@taplid/client does not resolve files directly. When using the SDK, pass resolved inline text values for context, prompt, and response.

Response Shape

{
  "auditId": "AUD-XXX",
  "auditMode": "standard",
  "decision": "BLOCK",
  "trustScore": 20,
  "summary": "This answer conflicts with the provided context.",
  "issues": [
    {
      "message": "Contradicts the provided context.",
      "reason": "The context states one thing; the response says the opposite."
    }
  ],
  "nextStep": "Do not use this yet. Adjust the answer to match the provided context, then re-run the check.",
  "repairActions": [
    {
      "action": "Rewrite the answer so it aligns with the provided context.",
      "priority": "critical",
      "target": "response"
    }
  ],
  "claims": [
    {
      "text": "The number is 2.",
      "status": "contradicted",
      "evidence": [
        "Response value: 2",
        "Context value: 1"
      ]
    }
  ],
  "diagnosis": {
    "action": "revise_answer",
    "confidence": "high",
    "severity": "error",
    "nextSteps": [
      "Verify the answer is consistent with the provided context before re-running."
    ],
    "explanation": "The answer contradicts the provided context. Revise the answer to align with the source material before re-running the audit."
  },
  "claimStats": {
    "total": 1,
    "supported": 0,
    "unsupported": 0,
    "contradicted": 1,
    "evaluated": 1
  },
  "decisionReason": "direct_contradiction",
  "evidenceCoverage": 1,
  "metadata": {
    "auditDurationMs": 1,
    "claimsDetected": 1,
    "engine": "taplid",
    "version": "1"
  },
  "meta": {
    "policy": {
      "profileId": "balanced",
      "passThreshold": 80,
      "reviewThreshold": 60
    }
  },
  "requestId": "aud_XXX"
}

Response Fields

The response may include more fields than listed here. These are the primary fields.

• auditId - unique identifier for this audit run
• auditMode - the effective mode that actually ran ('artifact' or 'standard')
• decision - ALLOW, REVIEW, or BLOCK
• trustScore - 0 to 100 public trust signal
• summary - short explanation for the verdict
• issues - concrete problems found in the response
• nextStep - practical guidance for what to do next
• repairActions - prioritized steps to fix the response (priority: critical / high / medium / low)
• claims - individual claims extracted and verified against the context, each with status and evidence
• diagnosis - structured diagnosis (action, confidence, severity, nextSteps, explanation)
• claimStats - counts across the claims array (total / supported / unsupported / contradicted / evaluated)
• decisionReason - short machine-readable reason code for the verdict
• evidenceCoverage - 0 to 1 fraction of claims grounded against the supplied context
• metadata - engine metadata (auditDurationMs, claimsDetected, engine, version)
• meta.policy - profileId plus passThreshold / reviewThreshold actually applied to this run
• requestId - server-assigned request id for support and tracing

Related

• Taplid Audit - run audits in the browser
• Taplid CLI - run audits locally or in CI with npx @taplid/cli audit request.json
• Taplid CLI eval - CI threshold gate via npx @taplid/cli eval request.json --api-key tap_live_... --pass-threshold 80 (exits non-zero when below)
• Full docs

ESM only - @taplid/client is ESM-only. If your project is CommonJS you may see ERR_PACKAGE_PATH_NOT_EXPORTED. Use ESM config: package.json => "type": "module", and tsconfig.json => "module": "NodeNext" with "moduleResolution": "NodeNext". If you need to stay on CommonJS, use the HTTP API example above instead of the SDK import.