Beginner sample for the Squad SDK that demonstrates the four governance hooks, which enforce rules as code rather than as prompt instructions. Hooks run deterministically and can't be bypassed, making them ideal for security and policy enforcement.
- Node.js >= 20
- npm
- The SDK must be built first:
cd ../../ && npm run build
- Install dependencies:
npm install - Run the sample:
npm start
- How to use file-write guards to block writes outside safe zones (e.g., prevent writes to
/etc/passwd) - How PII scrubbing automatically redacts email addresses from tool output
- How reviewer lockout prevents a locked-out agent from editing files after a review rejection
- How rate limiting caps the number of times an agent can prompt the user per session
The sample demonstrates four independent hook demos. The first demo creates a hook pipeline with allowed write paths and shows how attempts to write to prohibited paths are blocked. The second demo scrubs personally identifiable information (emails) from tool output strings and nested objects. The third demo simulates a reviewer lockout: once an agent is locked out of a file, attempts to edit that file are denied, but other agents can still access it. The fourth demo implements a per-session rate limiter that allows three user prompts and blocks any additional ones. Each demo shows the allow/block decision and the reason it was made.
π‘οΈ hook-governance β Squad SDK governance hooks sample
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Demo 1 β File-Write Guards
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Write to src/utils/helper.ts: allow β
Write to /etc/passwd: block π«
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Demo 2 β PII Scrubbing
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Before: Deploy fix by brady@example.com β cc: alice@company.io
After: Deploy fix by [EMAIL_REDACTED] β cc: [EMAIL_REDACTED]
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Demo 3 β Reviewer Lockout
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Backend edits src/auth.ts: block π«
Frontend edits src/auth.ts: allow β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Demo 4 β Ask-User Rate Limiter
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Ask #1: allow β
Ask #2: allow β
Ask #3: allow β
Ask #4: block π«
| File | Purpose |
|---|---|
index.ts |
Main demo script running all four hook scenarios |
tests/hook-governance.test.ts |
Acceptance tests validating each hook behavior |
TEST-SCRIPT.md |
Manual test walkthrough |
- Move on to streaming-chat to see agents interact in real time
- Read about the Hook Pipeline API in the main documentation
- See rock-paper-scissors for advanced multi-agent scenarios