ArmorIQ SDK
Complete documentation for the ArmorIQ SDK
Welcome to the ArmorIQ SDK documentation. This guide will help you integrate and use the ArmorIQ SDK in your applications.
What is ArmorIQ?
ArmorIQ SDK enables you to build intelligent agents that securely execute actions across multiple services (MCPs - Model Context Providers). Think of it as a secure orchestration layer for AI agents.
Key Benefits:
- Secure by Design: Cryptographically verified action execution
- Intent-Based: Declare what you want to do, not how
- Multi-Service: Connect to multiple MCPs with one SDK
- Production Ready: Built-in authentication, rate limiting, and monitoring
Core Concepts
Intent-Based Execution
Instead of directly calling services, you declare your intent (what you want to do) upfront. This intent becomes a cryptographically verified contract.
The ArmorIQ Innovation: LLM + Cryptographic Security
ArmorIQ bridges two worlds:
- AI Agents that use LLMs to reason and plan dynamically
- Zero-Trust Security that cryptographically verifies every action
Traditional Approach:

Python:
# Direct calls - no verification
api.call("service1", "action1")
api.call("service2", "action2")
api.call("service3", "action3")  # Could be malicious!

JavaScript:
// Direct calls - no verification
api.call('service1', 'action1');
api.call('service2', 'action2');
api.call('service3', 'action3'); // Could be malicious!

ArmorIQ Approach:

Python:
# `client` is an already initialized ArmorIQ client (see Client Initialization)

# Step 1: Agent captures intent with explicit plan
plan = {
    "goal": "Fetch sales data and analyze Q4 performance",
    "steps": [
        {"action": "fetch_sales", "mcp": "data-mcp", "params": {"quarter": "Q4"}},
        {"action": "analyze", "mcp": "analytics-mcp", "params": {"metrics": ["revenue"]}}
    ]
}
captured_plan = client.capture_plan(
    llm="gpt-4",
    prompt="Fetch sales data and analyze Q4 performance",
    plan=plan  # Explicit plan structure required
)

# Step 2: Get cryptographic proof for the plan
token = client.get_intent_token(captured_plan)

# Step 3: Only declared actions can execute
client.invoke(
    mcp="data-mcp",
    action="fetch_sales",
    intent_token=token,
    params={"quarter": "Q4"}
)  # ✓ Verified (in plan)
client.invoke(
    mcp="analytics-mcp",
    action="analyze",
    intent_token=token,
    params={"metrics": ["revenue"]}
)  # ✓ Verified (in plan)
client.invoke(
    mcp="data-mcp",
    action="delete_all",
    intent_token=token,
    params={}
)  # ✗ Fails - Not in plan!

JavaScript:
import { ArmorIQClient } from '@armoriq/sdk';
// `client` is an already initialized ArmorIQClient (see Client Initialization)

// Step 1: Agent captures intent with explicit plan
const plan = {
  goal: 'Fetch sales data and analyze Q4 performance',
  steps: [
    { action: 'fetch_sales', mcp: 'data-mcp', params: { quarter: 'Q4' } },
    { action: 'analyze', mcp: 'analytics-mcp', params: { metrics: ['revenue'] } }
  ]
};
const capturedPlan = client.capturePlan(
  'gpt-4',
  'Fetch sales data and analyze Q4 performance',
  plan // Explicit plan structure required
);

// Step 2: Get cryptographic proof for the plan
const token = await client.getIntentToken(capturedPlan);

// Step 3: Only declared actions can execute
await client.invoke(
  'data-mcp',
  'fetch_sales',
  token,
  { quarter: 'Q4' }
); // ✓ Verified (in plan)
await client.invoke(
  'analytics-mcp',
  'analyze',
  token,
  { metrics: ['revenue'] }
); // ✓ Verified (in plan)
await client.invoke(
  'data-mcp',
  'delete_all',
  token,
  {}
); // ✗ Fails - Not in plan!

Key Insight: You define the exact plan upfront, and every action is cryptographically verified against that plan. This prevents:
- Prompt injection attacks (malicious prompts can't execute unplanned actions)
- Unauthorized action execution
- Plan tampering or modification
The SDK validates your plan structure, then CSRG-IAP creates the cryptographic proof (plan_hash, merkle_root, step_proofs). Each invoke() call is verified against this proof at the Proxy.
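To show why a per-step proof lets a verifier reject undeclared or altered actions, here is an added illustration of a Merkle commitment over plan steps; it is not ArmorIQ or CSRG-IAP code. Only the field names plan_hash, merkle_root and step_proofs come from this page; the SHA-256 hashing, canonical JSON encoding, tree layout and the function names build_proof and verify_invoke are assumptions.

```python
import hashlib
import json

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def _canon(obj) -> bytes:
    # Assumed canonical form: sorted keys, no whitespace, so equal steps hash equally.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def leaf(step: dict) -> bytes:
    return _h(b"\x00" + _canon(step))  # 0x00/0x01 prefixes separate leaves from nodes

def build_proof(plan: dict) -> dict:
    """Issuer side: plan_hash, merkle_root and one inclusion proof per step."""
    if not plan["steps"]:
        raise ValueError("a plan needs at least one step")
    level = [leaf(s) for s in plan["steps"]]
    under = [[i] for i in range(len(level))]  # leaf indexes beneath each node
    proofs = [[] for _ in level]
    while len(level) > 1:
        nxt, nxt_under = [], []
        for i in range(0, len(level) - 1, 2):
            left, right = level[i], level[i + 1]
            for j in under[i]:
                proofs[j].append(("R", right))  # sibling sits on the right
            for j in under[i + 1]:
                proofs[j].append(("L", left))   # sibling sits on the left
            nxt.append(_h(b"\x01" + left + right))
            nxt_under.append(under[i] + under[i + 1])
        if len(level) % 2:  # odd node is promoted unchanged, never duplicated
            nxt.append(level[-1])
            nxt_under.append(under[-1])
        level, under = nxt, nxt_under
    return {"plan_hash": _h(_canon(plan)).hex(),
            "merkle_root": level[0].hex(), "step_proofs": proofs}

def verify_invoke(merkle_root: str, step: dict, proof: list) -> bool:
    """Verifier side: does this exact (mcp, action, params) hash up to the root?"""
    node = leaf(step)
    for side, sibling in proof:
        node = _h(b"\x01" + (node + sibling if side == "R" else sibling + node))
    return node.hex() == merkle_root

# The plan from this page, reused as sample input.
PLAN = {"goal": "Fetch sales data and analyze Q4 performance", "steps": [
    {"action": "fetch_sales", "mcp": "data-mcp", "params": {"quarter": "Q4"}},
    {"action": "analyze", "mcp": "analytics-mcp", "params": {"metrics": ["revenue"]}}]}
```

Because the leaf covers mcp, action and params together, changing any one of them (for example "Q4" to "Q3") yields a different leaf hash, and no proof issued for the plan will reach the committed root.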
Getting Started
Installation
Learn how to install and set up the ArmorIQ SDK
Client Initialization
Learn how to initialize and configure the ArmorIQ client
Core Methods
Explore the core methods of the ArmorIQ SDK
Documentation Sections
- Installation - Installation and setup instructions
- Client Initialization - How to initialize the ArmorIQ client
- Core Methods - Core SDK methods and usage
- Data Models - Data structures and models
- MCP Directory - MCP directory structure
- Error Handling - Error handling patterns
- Advanced Usage - Advanced usage patterns
- Configuration - Configuration options
- Troubleshooting - Common issues and solutions
- Best Practices - Best practices and recommendations