Skip to main content
@complior/sdk accepts a MiddlewareConfig object at initialization. Every field is optional — sensible defaults are applied. 
import { complior } from '@complior/sdk';
import OpenAI from 'openai';

const client = complior(new OpenAI(), {
  jurisdictions: ['EU'],
  role: 'provider',
  domain: 'hr',
  strict: true,
});

Core

FieldTypeDefaultDescription
jurisdictions('EU' | 'US' | 'UK' | 'CA' | 'AU' | 'GLOBAL')[]undefinedActive jurisdictions for compliance checks
role'provider' | 'deployer' | 'both'undefinedEU AI Act role classification
domainDomain | Domain[]undefinedActivates domain-specific hooks (hr, finance, healthcare, education, legal, content)
loggingbooleanfalseEnable request/response logging
strictbooleanfalseThrow on any compliance violation (vs. warn)

PII / Sanitize

FieldTypeDefaultDescription
sanitizeMode'replace' | 'block' | 'warn''replace'How to handle detected PII
const client = complior(new OpenAI(), {
  sanitizeMode: 'block', // Throw PIIDetectedError instead of redacting
});
  • replace — redacts PII with labels like [PII:SSN], [PII:EMAIL], [PII:IBAN]
  • block — throws PIIDetectedError on first PII match
  • warn — passes through unmodified, adds piiDetected to metadata
See PII Detection for the full list of 50+ detectable types and checksum validators.

Disclosure

FieldTypeDefaultDescription
disclosureInjectionbooleanfalseInject “I am AI” disclosure into system messages
disclosureTextstringBuilt-in per languageCustom disclosure text
disclosurePosition'prepend' | 'append' | 'header''prepend'Where to inject disclosure
disclosureFrequency'every' | 'session-start''every'Injection frequency
disclosureLanguages('EN' | 'DE' | 'FR' | 'ES')[]['EN']Languages for disclosure verification
disclosureMode'warn-only' | 'block''warn-only'Action when disclosure is missing from response
customDisclosurePhrasesRegExp[]undefinedAdditional patterns to accept as valid disclosure
const client = complior(new OpenAI(), {
  disclosureInjection: true,
  disclosureText: 'This response is generated by an AI system.',
  disclosurePosition: 'prepend',
  disclosureLanguages: ['EN', 'DE'],
  disclosureMode: 'block',
});

Bias Detection

FieldTypeDefaultDescription
biasThresholdnumber (0–1)0.3 (general), 0.15 (HR)Aggregate score threshold — findings above this trigger action
biasAction'warn' | 'block''warn'Throw BiasDetectedError (block) or add to metadata (warn)
The threshold depends on the active domain profile. See Bias Detection for domain-specific weights.

Safety Filter

FieldTypeDefaultDescription
safetyFilterbooleanfalseEnable safety pattern scanning on responses
safetyMode'block' | 'warn' | 'log''block'Action on safety violation
safetyThresholdnumber (0–1)0.5Aggregate score threshold
const client = complior(new OpenAI(), {
  safetyFilter: true,
  safetyMode: 'warn',    // Don't throw, add to metadata
  safetyThreshold: 0.3,  // Lower = stricter
});

Human-in-the-Loop Gate

FieldTypeDefaultDescription
hitlGatebooleanfalseEnable HITL gate for critical actions
hitlGateTimeoutMsnumber300000 (5 min)Timeout before auto-deny
hitlGateRulesGateRule[]4 built-in rulesCustom gate trigger rules
onGateTriggered(req: GateRequest) => Promise<GateDecision>undefinedApproval callback — if absent, auto-deny (fail-safe)
const client = complior(new OpenAI(), {
  hitlGate: true,
  hitlGateTimeoutMs: 60_000,
  onGateTriggered: async (request) => {
    const approved = await askHumanOperator(request);
    return approved
      ? { approved: true }
      : { approved: false, reason: 'Operator denied' };
  },
});
See Safety & HITL for built-in rules and types.

Interaction Logging

FieldTypeDefaultDescription
interactionLoggerbooleanfalseEnable structured JSONL logging
interactionLogPathstring.complior/logs/interactions.jsonlLog file path
Logs include provider, model, prompt/response hashes, token counts, latency, and compliance check results. Auto-rotates at 100 MB.

Runtime

FieldTypeDefaultDescription
configPathstring | false.complior/proxy.tomlTOML config file path, or false to disable hot-reload
retryRetryConfigSee belowRetry configuration for transient errors

RetryConfig

FieldTypeDefaultDescription
enabledbooleantrueEnable automatic retries
maxRetriesnumber3Maximum retry attempts
baseDelayMsnumber1000Base delay (exponential backoff)
maxDelayMsnumber30000Maximum delay cap
Retries apply to status codes 429, 500504 and network errors (ECONNREFUSED, ECONNRESET, ETIMEDOUT, EPIPE, EAI_AGAIN). Compliance errors (MiddlewareError subclasses) are never retried.

TOML File Configuration

Create .complior/proxy.toml for file-based configuration with hot-reload (100ms debounce): 
[hooks]
logging = true
safety_filter = true
hitl_gate = false
interaction_logger = true
disclosure_injection = true

[thresholds]
bias_threshold = 0.2
bias_action = "block"
safety_threshold = 0.3
safety_mode = "warn"

[sanitize]
mode = "replace"

[disclosure]
mode = "block"
languages = ["EN", "DE"]
text = "This response is AI-generated."
position = "prepend"
frequency = "every"

[hitl]
timeout_ms = 60000

[logging]
interaction_log_path = ".complior/logs/interactions.jsonl"

[retry]
enabled = true
max_retries = 5
base_delay_ms = 2000
max_delay_ms = 60000
Programmatic config takes precedence over file-based config on conflicts.

AgentConfig

AgentConfig extends MiddlewareConfig with passport enforcement fields. See Agent Mode for the full reference.
FieldTypeDescription
passportRecord<string, unknown>Agent Passport JSON (loaded from .complior/agents/)
budgetLimitUsdnumberSession budget cap
onBudgetExceeded'warn' | 'block'Action when budget exceeded
onPermissionDenied'warn' | 'block'Action on denied method
toolCallActionToolCallActionHow to handle denied tool calls
onToolCallDenied(denied: DeniedToolCall[]) => voidCallback for denied tools
onAction(entry: ActionLogEntry) => voidAudit callback for each LLM call
circuitBreakerCircuitBreakerConfigCircuit breaker settings

Agent Mode

Passport enforcement, budget, rate limits.

Advanced Features

Hot-reload, retry, streaming, logging.