IntegrationsAI Agents

AI Agents Integration

SilentAuth is designed for agentic workflows. When an AI agent — whether LangChain, AutoGPT, CrewAI, or a custom agent loop — needs to perform a destructive or irreversible action, SilentAuth ensures a human reviews and approves before execution.

LangChain Tool Example

Wrap any high-risk tool with a SilentAuth approval gate:

import { Tool } from 'langchain/tools';
import { SilentAuth } from '@silentauth/sdk';

const sa = new SilentAuth({
  projectId: process.env.SA_PROJECT_ID,
  secretKey:  process.env.SA_SECRET_KEY,
});

const deleteUserTool = new Tool({
  name: 'delete_user',
  description: 'Permanently deletes a user account',
  func: async (input: string) => {
    const { userId } = JSON.parse(input);

    // Declare intent — blocks until approved
    const intent = await sa.createIntent({
      action: 'delete_user',
      params: { userId },
      approvers: ['admin-team'],
    });

    const permit = await intent.waitForApproval({ timeout: 300_000 });
    if (permit.status !== 'approved') {
      return 'Action denied by approver.';
    }

    // Validate permit before executing
    const valid = sa.validatePermit(permit.token);
    if (!valid.valid) throw new Error('Invalid permit');

    await deleteUser(userId);
    return `User ${userId} deleted successfully.`;
  },
});

Webhook-Based (Async) Pattern

For long-running agent workflows, use webhooks instead of blocking polls:

// 1. Create intent and store its ID
const intent = await sa.createIntent({
  action: 'bulk_delete_records',
  params: { table: 'users', filter: { inactive: true } },
  approvers: ['dba-team'],
  metadata: { agentRunId: run.id },
});

await db.saveIntentId(run.id, intent.id);

// 2. Your webhook endpoint receives the decision
// POST /webhooks/silentauth
app.post('/webhooks/silentauth', async (req) => {
  const event = sa.verifyWebhook(req.body, req.headers['sa-signature']);

  if (event.type === 'intent.approved') {
    const { agentRunId } = event.intent.metadata;
    const permit = event.permit;

    // Resume the agent run with the permit token
    await agentQueue.resume(agentRunId, { permitToken: permit.token });
  }

  if (event.type === 'intent.denied') {
    await agentQueue.cancel(event.intent.metadata.agentRunId);
  }
});

Recommended Actions to Gate

•Database record deletion or truncation

•Sending emails to large user lists

•Creating or deleting cloud infrastructure

•Rotating API keys or secrets

•Making payments or financial transactions

•Exporting user PII or sensitive data

VINAC-FM Acoustic Step-Up

v0.9 Beta

For high-risk agent actions, add an acoustic proximity challenge via VINAC-FM. The agent requests a Layer 4 challenge; the user's device emits an ultrasonic nonce that must be captured and verified before execution proceeds.

import { requestChallenge, submitProof } from '@silentauth/vinac-fm';

async function gateWithAcousticProof(agentAction: () => Promise<void>) {
  // 1. Request acoustic challenge from VINAC-FM edge function
  const challenge = await requestChallenge(
    process.env.SA_PROJECT_ID,
    process.env.SA_PUBLIC_KEY,
  );

  // challenge.frequency_hz  — ultrasonic frequency to emit
  // challenge.duration_ms   — emission window
  // challenge.expires_at    — challenge expiry

  // 2. Emit the nonce on the user's device speaker (18 kHz by default)
  await emitUltrasonicNonce(challenge);

  // 3. Capture the nonce via device microphone
  const capturedNonce = await captureAcousticNonce(challenge);

  // 4. Submit proof — receive VINAC certificate
  const result = await submitProof(
    challenge.vinac_session_id,
    capturedNonce,
    process.env.SA_PUBLIC_KEY,
  );

  if (!result.verified) {
    throw new Error(`Acoustic verification failed: ${result.error}`);
  }

  // 5. Certificate issued — proceed with gated action
  console.log('VINAC certificate:', result.certificate.token);
  await agentAction();
}

The VINAC certificate can also be resolved against the CSIV vocabulary to determine the exact action policy before execution:

import { resolveToken } from '@silentauth/vinac-fm';

// Resolve CSIV_EXEC_001 — confirms execution gate layer requirement
const resolved = await resolveToken(
  result.certificate.token,
  'CSIV_EXEC_001',
  process.env.SA_PUBLIC_KEY,
);

// resolved.action.risk_tier       → "high"
// resolved.action.required_layer  → 4
// resolved.action.execution_policy → { require_human_review: true, ... }

if (resolved.action.execution_policy.require_human_review) {
  await requestHumanApproval(agentAction);
} else {
  await agentAction();
}

← Permit Validation GitHub Actions →