@keeptrusts/agent 0.1.0 adoption status
:::danger Do not adopt version 0.1.0
This unlisted page is retained as a version-specific compatibility record. It is not a current SDK overview. Use the supported TypeScript Agent Workflow for new integrations.
:::
@keeptrusts/agent is a preview TypeScript package that combines gateway
transport helpers with control-plane client code. The 0.1.0 release has useful
implemented pieces, but it does not yet provide the end-to-end agent lifecycle,
observability, evidence, permission, and MCP workflow previously described by
these docs.
Adoption decision
Do not adopt 0.1.0 for an ordinary Node.js application or a production agent workflow:
- its entrypoint throws during a normal Node.js import because of the
server-onlymarker dependency; - several exported helpers call routes that do not exist;
- several other helpers expect request or response shapes that differ from the current API.
Use the supported TypeScript Agent Workflow for direct gateway traffic and event correlation.
Package boundaries
The package contains four distinct kinds of code:
| Area | Purpose | Current status |
|---|---|---|
| Gateway transport | Send OpenAI-compatible or fetch-based traffic with agent and trace headers. | Implemented and unit-tested; blocked by the ordinary Node entrypoint issue. |
| Control-plane client | Authenticate agent, event, and trail API calls. | Client transport is implemented; individual high-level helpers vary in compatibility. |
| Configuration builders | Produce Claude, Codex, and MCP-shaped configuration objects. | Object construction only; no external adapter process or MCP protocol client is included. |
| Browser export | Fail fast when imported in a browser bundle. | Intentionally unsupported. |
Two credentials, two destinations
| Credential | Sent to | SDK option |
|---|---|---|
| Control-plane bearer token | API routes such as /v1/agents, /v1/events, and /v1/trail/* | bearerToken |
| Gateway access token | Gateway model routes such as /v1/chat/completions and /v1/responses | gatewayApiKey |
The SDK's environment fallback uses KEEPTRUSTS_API_TOKEN for both options.
That convenience does not make the credentials equivalent. Pass separate
values explicitly in any deployed runtime.
Correct field vocabulary
The live APIs use:
event_id,request_id, andtimestampon decision events, with gateway UUID request IDs represented as 32 lowercase hexadecimal characters without hyphens;event_attribution.agent_idfor agent attribution;event_cost_attributionfor request cost and token details;{ "events": [...] }for event queries;{ "agents": [...] }for agent lists;- flat agent statistics such as
total_events,block_count, andavg_quality_percent.
SDK types that expose id, occurred_at, top-level event agent_id, a
data wrapper, or stats.totals do not reflect those live responses.