Official TypeScript SDK for assessing AI systems for ethical alignment. Test your AI across 4 dimensions: Lying, Cheating, Stealing, and Harm.
- Your AI's API keys, system prompts, and configuration never leave your environment
- Test configuration, questions, and thresholds managed via Health Check Key
- Auto-detects GitHub Actions, GitLab CI, CircleCI, and more
npm install @aiassesstech/sdk
# or use the shorter package name:
npm install aiassesstech

yarn add @aiassesstech/sdk
# or
yarn add aiassesstech

pnpm add @aiassesstech/sdk
# or
pnpm add aiassesstech

@aiassesstech/sdk and aiassesstech are identical. Use whichever you prefer!

import { AIAssessClient } from '@aiassesstech/sdk';
// 1. Create client with your Health Check Key
const client = new AIAssessClient({
healthCheckKey: process.env.AIASSESS_KEY!
});
// 2. Run assessment - configuration comes from server
const result = await client.assess(async (question) => {
// Your AI callback - send question to your AI and return response
return await myAI.chat(question);
});
// 3. Check result
console.log('Passed:', result.overallPassed);
console.log('Scores:', result.scores);
console.log('Classification:', result.classification);

How it works (everything below happens in your environment):

1. The SDK fetches the assessment configuration from the AI Assess Tech server
   (questions, thresholds, test mode).
2. The SDK sends the questions to YOUR AI via your callback.
   Your API keys stay private. Your system prompts stay private.
3. The SDK submits the responses to the server for scoring.
4. You receive scores, pass/fail results, and a classification.

The SDK is client-side code that runs in your environment. All security is enforced server-side: the SDK cannot bypass rate limits, override thresholds, or fake scores.
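For instance, step 2's privacy guarantee means a private system prompt can live entirely inside your callback. A minimal sketch using the OpenAI SDK (the prompt text and environment handling are illustrative, not part of this SDK):

```typescript
import OpenAI from 'openai';
import { AIAssessClient } from '@aiassesstech/sdk';

// Reads OPENAI_API_KEY from your environment; it is never sent to AI Assess Tech.
const openai = new OpenAI();

// Illustrative private prompt; it stays inside the callback.
const SYSTEM_PROMPT = 'You are our internal assistant. Follow company policy.';

const client = new AIAssessClient({ healthCheckKey: process.env.AIASSESS_KEY! });

const result = await client.assess(async (question) => {
  const response = await openai.chat.completions.create({
    model: 'gpt-4',
    messages: [
      { role: 'system', content: SYSTEM_PROMPT }, // private, never leaves the callback
      { role: 'user', content: question }
    ]
  });
  // Only the response text is returned to the SDK and submitted for scoring.
  return response.choices[0].message.content ?? '';
});
```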
SECURITY ARCHITECTURE

The server enforces:

- Rate limiting (per IP for demo, per key for production)
- Thresholds (from the database, not client-provided)
- Scoring (calculated server-side, immutable)
- API key validation (hashed, checked against the database)
- Tier restrictions (DEMO, STANDARD, ENTERPRISE)
- Result integrity (hashed and locked)

Your data stays private:

- Your AI's API keys (OpenAI, Anthropic) are never sent to us
- Your system prompts stay in your environment
- Only AI responses are submitted for scoring

| Security Control | Server-Side Enforcement |
|---|---|
| Rate Limiting | Enforced per IP (demo) or per key (production). SDK cannot bypass. |
| Thresholds | Stored in your API key config. Client cannot override pass/fail thresholds. |
| Scoring | Calculated entirely server-side based on question lookup. |
| Questions | Served from database. Client cannot modify question content. |
| Results | Hashed with SHA-256 and locked. Tamper-proof verification. |
| Tier Limits | DEMO: 5/hr, STANDARD: 50/hr, ENTERPRISE: 1000/hr. From API key record. |
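As the Results row above notes, each completed run is hashed and locked server-side. The result object exposes runId and verifyUrl (see the AssessmentResult interface below), which you can record for later auditing. A minimal sketch, using the same myAI placeholder as the other examples:

```typescript
const result = await client.assess(async (question) => myAI.chat(question));

// Persist these alongside your deployment logs or CI artifacts so the
// locked, server-side result can be checked later.
console.log(`Run ID:     ${result.runId}`);
console.log(`Verify at:  ${result.verifyUrl}`);
console.log(`Completed:  ${result.completedAt}`);
```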
The open-source demo app uses a public demo key that is intentionally rate-limited server-side:
import OpenAI from 'openai';
import { AIAssessClient } from '@aiassesstech/sdk';
const openai = new OpenAI();
const client = new AIAssessClient({
healthCheckKey: process.env.AIASSESS_KEY!
});
const result = await client.assess(async (question) => {
const response = await openai.chat.completions.create({
model: 'gpt-4',
messages: [{ role: 'user', content: question }]
});
return response.choices[0].message.content || '';
});
console.log(`Classification: ${result.classification}`);
console.log(`Lying Score: ${result.scores.lying}/10`);
console.log(`Overall: ${result.overallPassed ? 'PASSED ✅' : 'FAILED ❌'}`);

import Anthropic from '@anthropic-ai/sdk';
import { AIAssessClient } from '@aiassesstech/sdk';
const anthropic = new Anthropic();
const client = new AIAssessClient({
healthCheckKey: process.env.AIASSESS_KEY!
});
const result = await client.assess(async (question) => {
const response = await anthropic.messages.create({
model: 'claude-3-sonnet-20240229',
max_tokens: 100,
messages: [{ role: 'user', content: question }]
});
return response.content[0].type === 'text'
? response.content[0].text
: '';
});

const result = await client.assess(
async (question) => await myAI.chat(question),
{
onProgress: (progress) => {
console.log(`${progress.percentage}% - Testing ${progress.dimension}`);
// Output: "25% - Testing lying"
// Output: "50% - Testing cheating"
// Output: "75% - Testing stealing"
// Output: "100% - Testing harm"
}
}
);

// Block until AI passes - exits process on failure
await client.blockUntilPass(
async (question) => await myAI.chat(question),
{
maxRetries: 3,
retryDelayMs: 60000, // 1 minute between retries
exitOnFailure: true
}
);
console.log('✅ AI passed ethical assessment, starting app...');
startApp();

import { AIAssessClient, withRetry } from '@aiassesstech/sdk';
const result = await client.assess(
withRetry(
async (question) => await flakyAI.chat(question),
{ maxRetries: 3, backoffMs: 1000 }
)
);

// Only asks 5 questions, returns mock scores
const result = await client.assess(
async (question) => await myAI.chat(question),
{ dryRun: true }
);

The assess() method returns an AssessmentResult object (a usage sketch follows the interface):
interface AssessmentResult {
runId: string; // Server-generated ID for verification
sdkSessionId: string; // Client-generated session ID
scores: {
lying: number; // 0-10 scale
cheating: number;
stealing: number;
harm: number;
};
passed: {
lying: boolean; // Did score meet threshold?
cheating: boolean;
stealing: boolean;
harm: boolean;
};
overallPassed: boolean; // All dimensions must pass
classification:
| "Well Adjusted" // High scores across all dimensions
| "Misguided" // Low lying, high harm (believes false things but tries to do good)
| "Manipulative" // High lying, low harm (deceives but avoids direct harm)
| "Psychopath"; // Low scores across the board
thresholds: { // Thresholds used from server config
lying: number;
cheating: number;
stealing: number;
harm: number;
};
verifyUrl: string; // URL to verify this result
completedAt: string; // ISO timestamp
versions: {
sdk: string; // SDK version used
questionSet: string; // Question set version
};
keyName: string; // Name of Health Check Key used
}
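For example, a deployment gate might log any dimension that fell below its server-configured threshold and fail the build otherwise (a sketch, reusing the myAI placeholder):

```typescript
const result = await client.assess(async (question) => myAI.chat(question));

// Report each dimension that did not meet its threshold from the server config.
for (const dimension of ['lying', 'cheating', 'stealing', 'harm'] as const) {
  if (!result.passed[dimension]) {
    console.warn(
      `${dimension}: scored ${result.scores[dimension]}/10, ` +
      `needed ${result.thresholds[dimension]}`
    );
  }
}

console.log(`Classification: ${result.classification}`);

// Gate the deployment on the overall outcome.
if (!result.overallPassed) {
  process.exit(1);
}
```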
const client = new AIAssessClient({
// Required: Your Health Check Key from the dashboard
healthCheckKey: 'hck_...',
// Optional: Override base URL (default: https://www.aiassesstech.com)
baseUrl: 'https://www.aiassesstech.com',
// Optional: Per-question timeout in ms (default: 30000 = 30s)
perQuestionTimeoutMs: 30000,
// Optional: Overall timeout in ms (default: 360000 = 6 min)
overallTimeoutMs: 360000
});

Configuration is managed via the Health Check Key on the AI Assess Tech dashboard. For example, you might create separate keys per environment (a key-selection sketch follows this list):
- prod-strict - Production with strict thresholds
- staging-relaxed - Staging with relaxed thresholds
- ci-quick - CI/CD pipeline checks
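A minimal sketch of picking the right key at runtime; the environment-variable names (APP_ENV, AIASSESS_KEY_PROD, AIASSESS_KEY_STAGING, AIASSESS_KEY_CI) are illustrative, not SDK conventions:

```typescript
import { AIAssessClient } from '@aiassesstech/sdk';

// Each variable holds a different Health Check Key created on the dashboard,
// e.g. prod-strict, staging-relaxed, ci-quick. Names are illustrative.
const keyByEnv: Record<string, string | undefined> = {
  production: process.env.AIASSESS_KEY_PROD,
  staging: process.env.AIASSESS_KEY_STAGING,
  ci: process.env.AIASSESS_KEY_CI
};

const healthCheckKey = keyByEnv[process.env.APP_ENV ?? 'ci'];
if (!healthCheckKey) {
  throw new Error('No Health Check Key configured for this environment');
}

const client = new AIAssessClient({ healthCheckKey });
```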
import {
AIAssessClient,
SDKError,
ValidationError,
RateLimitError,
QuestionTimeoutError,
ErrorCode
} from '@aiassesstech/sdk';
try {
const result = await client.assess(callback);
} catch (error) {
if (error instanceof RateLimitError) {
console.log(`Rate limited. Retry after ${error.retryAfterMs}ms`);
} else if (error instanceof ValidationError) {
if (error.code === ErrorCode.KEY_EXPIRED) {
console.log('Health Check Key has expired');
} else if (error.code === ErrorCode.INVALID_KEY) {
console.log('Invalid Health Check Key');
}
} else if (error instanceof QuestionTimeoutError) {
console.log(`Question ${error.questionId} timed out`);
} else if (error instanceof SDKError) {
console.log(`SDK Error: ${error.message} (${error.code})`);
}
}

| Code | Description |
|---|---|
| INVALID_KEY | Health Check Key is invalid or not found |
| KEY_EXPIRED | Health Check Key has expired |
| RATE_LIMITED | Too many requests, try again later |
| QUESTION_TIMEOUT | AI took too long to respond to a question |
| NETWORK_ERROR | Network connection failed |
| SERVER_ERROR | Server-side error occurred |
name: AI Ethics Health Check
on:
push:
branches: [main]
schedule:
- cron: "0 */6 * * *" # Every 6 hours
jobs:
health-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: "20"
- name: Install dependencies
run: npm install @aiassesstech/sdk openai
- name: Run AI Health Check
env:
AIASSESS_KEY: ${{ secrets.AIASSESS_KEY }}
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
run: |
node -e "
const { AIAssessClient } = require('@aiassesstech/sdk');
const OpenAI = require('openai');
const openai = new OpenAI();
const client = new AIAssessClient({
healthCheckKey: process.env.AIASSESS_KEY
});
client.assess(async (q) => {
const r = await openai.chat.completions.create({
model: 'gpt-4',
messages: [{ role: 'user', content: q }]
});
return r.choices[0].message.content;
}).then(result => {
console.log('Classification:', result.classification);
console.log('Scores:', JSON.stringify(result.scores));
process.exit(result.overallPassed ? 0 : 1);
}).catch(err => {
console.error('Error:', err.message);
process.exit(2);
});
"const result = await client.assess(
async (question) => await myAI.chat(question),
{
metadata: {
gitCommit: process.env.GITHUB_SHA,
branch: process.env.GITHUB_REF_NAME,
deployVersion: process.env.VERSION,
environment: process.env.NODE_ENV
}
}
);
// Exit code for CI/CD
// 0 = passed, 1 = failed, 2 = error
process.exit(result.overallPassed ? 0 : 1);

The SDK automatically detects CI/CD environments:
import { detectEnvironment, isCI } from '@aiassesstech/sdk';
console.log('Is CI:', isCI());
console.log('Environment:', detectEnvironment());
// {
// nodeVersion: 'v20.10.0',
// platform: 'linux',
// ciProvider: 'github-actions',
// ciJobId: '12345678',
// gitCommit: 'abc123...',
// gitBranch: 'main'
// }

Wrap your AI callback with automatic retry logic:
import { withRetry } from '@aiassesstech/sdk';
const resilientCallback = withRetry(
async (question) => await flakyAPI.chat(question),
{
maxRetries: 3, // Number of retry attempts
backoffMs: 1000, // Initial backoff delay
backoffMultiplier: 2 // Exponential backoff multiplier
}
);
const result = await client.assess(resilientCallback);

Get your Health Check Key (hck_...) from the dashboard and store it securely.

MIT © AI Assess Tech