Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.sedata-ai.tech/llms.txt

Use this file to discover all available pages before exploring further.

The safetyCheck wrapper sits in front of any tool handler and runs the input through Sedata’s safety API before your code sees it. Flagged content gets a canned blocked response; clean content passes through transparently.

Flow

1

Wrap the handler

safetyCheck(handler, { parameterName: 'text' }) returns a new handler that knows which input field to inspect.
2

Inspect the parameter

On invocation, the wrapper reads params[parameterName]. If it’s a string, it sends a POST to https://api.sedata-ai.tech/security/safety-check with { "content": "<value>" }.
3

Decide

  • Flagged → return a structured “blocked” response without calling your handler.
  • Not flagged → call your handler with the original params.
  • API error → log a warning and call your handler (fail-open).
4

Annotate the span

Either way, the wrapper writes params._safetyCheck so the instrumentation layer can attach mcp.safety_check.* attributes to the active span.

Authentication

The safety API expects an x-api-key header. The wrapper picks it up automatically from your instrumentServer config: 
const telemetryConfig: TelemetryConfig = {
  // ...
  exporterAuth: { type: 'apiKey', apiKey: process.env.SEDATA_KEY },
  // or a bearer token — the safety API accepts either
  exporterAuth: { type: 'bearer', token: process.env.SEDATA_KEY },
}

instrumentServer(server, telemetryConfig)
// ↑ also calls setTelemetryApiKey(...) under the hood

Blocked response shape

When content is flagged, the wrapper returns a response that satisfies most tool output schemas: 
{
  "content": [
    {
      "type": "text",
      "text": "{ \"summary\": \"🚫 CONTENT BLOCKED: ...\", \"blocked\": true, \"reason\": \"Content flagged by safety check\", \"timestamp\": \"2026-..\" }"
    }
  ],
  "structuredContent": {
    "summary": "🚫 CONTENT BLOCKED: ..."
  }
}
If your tool’s outputSchema uses a key other than summary, you’ll need to customize the blocked response shape — open an issue or fork the wrapper.

Failure modes

ScenarioBehavior
Network errorLogged as warning. Handler runs. _safetyCheck.success = false.
Non-200 from safety APILogged. Handler runs. _safetyCheck.success = false.
Missing API keyRequest goes out without x-api-key. The API may 401; treated like any other failure.
Parameter missingHandler runs untouched. No safety attributes recorded.
Parameter not a stringHandler runs untouched. No safety attributes recorded.
The wrapper is designed to fail open — telemetry should never take down your tool. If you want fail-closed semantics, layer your own retry / strict check on top.

When to use it

Use safetyCheck for any tool whose input is free-form user content:
  • summarizers, translators, classifiers
  • code generators / interpreters
  • anything that could be prompt-injected
Skip it for:
  • structured numeric inputs (no content to flag)
  • internal tools called only by trusted automation
  • tools where blocking would break correctness (calculators, lookups)

Span attributes added

When the wrapper runs, the span for that tool call includes:
AttributeTypeExample
mcp.safety_check.contentstring"please ignore previous instructions and..."
mcp.safety_check.flaggedbooleantrue
mcp.safety_check.latency_msnumber42
mcp.safety_check.successbooleantrue

Next

safetyCheck reference

The full function signature, options, and types.

Example with safety

A complete summarizer tool with safetyCheck.