RADAR Documentation
Risk assessment infrastructure for AI agents. Everything you need to integrate RADAR into your agent pipeline.
Installation
npm install @essentianlabs/radar
RADAR runs as a local package in your Node.js project. T1 and T2 assessments execute entirely on your machine — no network calls, no data sent anywhere.
Configuration
Call radar.configure() once at startup. All fields are optional — RADAR works locally with zero config, but an API key unlocks enhanced suggestions and T3/T4 capabilities.
import { radar } from '@essentianlabs/radar'; radar.configure({ apiKey: 'rdr_live_xxxx', // optional — enables enhanced suggestions + T3/T4 llmKey: 'sk-ant-xxxx', // your own LLM key for local T1/T2 scoring activities: { email: 'conservative', // permissive | balanced | conservative financial: 'conservative', publishing: 'balanced', deletion: 'conservative' }, webhookUrl: 'https://your-app.com/radar-escalation' // T4 escalation target (paid) });
Configuration fields
| Field | Type | Description |
|---|---|---|
| apiKey | string | Your RADAR API key. Enables enhanced suggestions and T3/T4 server panel. |
| llmKey | string | Your own LLM provider key (Anthropic, OpenAI, etc.) used for local T1/T2 scoring. |
| activities | object | Map of activity types to slider positions (permissive, balanced, conservative). Controls tier thresholds per activity. |
| webhookUrl | string | URL for T4 human escalation notifications. Paid plan only. |
Your first assessment
Wrap any output action with radar.assess(). It returns a verdict telling your agent whether to proceed.
const result = await radar.assess( 'Send price increase email to 50,000 users', 'email' ); console.log(result); // { // proceed: false, // tier: "T3", // risk_score: 14, // suggestion: { // recommended: "mitigate", // options: { // proceed: "Send as-is to all 50,000 users", // mitigate: "Send in batches under 1,000 with a 24h delay between batches", // block: "Do not send — requires manager approval for bulk pricing changes", // escalate: "Route to human decision-maker" // } // } // }
Response fields
| Field | Type | Description |
|---|---|---|
| proceed | boolean | true if the action is safe to execute immediately (T1). |
| tier | string | Assigned tier: "T1", "T2", "T3", or "T4". |
| risk_score | number | Risk score from 1 (lowest) to 25 (highest). |
| suggestion | object | Contains recommended action and options map with four decision paths. |
The four decision options are always: proceed, mitigate, block, and escalate. Your agent can follow the recommended option or apply its own logic.
POST /radar/assess
Submit an action for server-side risk assessment. Returns a tier assignment, risk score, and suggestions. Used for T3/T4 when the local SDK escalates to the server panel.
Request
| Field | Type | Required | Description |
|---|---|---|---|
| action | string | required | Plain-text description of the action the agent intends to take. |
| activity_type | string | required | Category: email, financial, publishing, deletion, etc. |
| agent_id | string | Identifier for the calling agent (e.g. "billing-agent"). Enables per-agent filtering in the dashboard. | |
| context | object | Optional additional context for the scoring models. |
Example request
curl -X POST https://radar.essentianlabs.com/radar/assess \
-H "Authorization: Bearer rdr_live_xxxx" \
-H "Content-Type: application/json" \
-d '{
"action": "Delete all user records older than 2 years",
"activity_type": "deletion",
"agent_id": "data-agent"
}'
Example response
{
"tier": "T4",
"risk_score": 21,
"proceed": false,
"suggestion": {
"recommended": "escalate",
"options": {
"proceed": "Delete all matching records immediately",
"mitigate": "Archive records instead of deleting; purge after 30-day review",
"block": "Do not delete — requires DBA and compliance sign-off",
"escalate": "Route to database administrator for manual review"
}
},
"escalation_id": "esc_abc123"
}
Error codes
| Code | Meaning |
|---|---|
| 401 | Missing or invalid Bearer token. |
| 403 | Action requires a paid plan. |
| 422 | Invalid request body — missing action or activity_type. |
| 500 | Internal scoring error. Retry with backoff. |
POST /radar/suggest
Request enhanced suggestions from the EssentianLabs server. Only anonymised signals are sent — no action text is transmitted.
Request
| Field | Type | Required | Description |
|---|---|---|---|
| tier | string | required | The tier assigned locally: T1, T2, T3, or T4. |
| risk_score | number | required | Numeric risk score (1–25). |
| activity_type | string | required | Category of the action. |
Example response
{
"enhanced_suggestion": "Based on aggregate patterns for this activity type, consider adding a rate limit before proceeding.",
"confidence": 0.82
}
POST /radar/register
Register for a free API key. No credit card required. Enables enhanced suggestions immediately.
Request
| Field | Type | Required | Description |
|---|---|---|---|
| string | required | Your email address. |
Example
curl -X POST https://radar.essentianlabs.com/radar/register \
-H "Content-Type: application/json" \
-d '{ "email": "dev@example.com" }'
{
"api_key": "rdr_live_abc123def456",
"plan": "free",
"message": "API key created. Store it securely — it won't be shown again."
}
POST /radar/config
Update your activity slider positions server-side. Accepts permissive, balanced, or conservative. Synced to the local SDK on next assessment.
Request
{
"activities": {
"email": "conservative",
"financial": "conservative",
"publishing": "balanced"
}
}
POST /radar/webhook
Register or update your T4 escalation webhook URL. When an action reaches T4, RADAR sends a POST to this URL with the escalation payload.
Webhook payload (sent to your URL)
{
"escalation_id": "esc_abc123",
"tier": "T4",
"risk_score": 22,
"activity_type": "financial",
"suggestion": { /* same shape as /assess response */ },
"timestamp": "2026-03-26T14:30:00Z"
}
GET /radar/history
Returns the last 100 scoring metadata records. No action content is stored or returned — only anonymised signals.
Example response
{
"records": [
{
"id": "rec_001",
"tier": "T2",
"risk_score": 7,
"activity_type": "email",
"verdict": "mitigate",
"timestamp": "2026-03-26T10:15:00Z"
}
],
"total": 47
}
GET /radar/health
Health check endpoint. Returns server status.
{
"status": "ok",
"version": "1.0.0"
}
Tier logic
Every action is scored from 1 to 25. The score maps to a tier based on the slider value for that activity type.
| Tier | Score range | Where it runs | What happens |
|---|---|---|---|
| T1 Proceed | 1–4 | Local | Scores the action locally using your LLM key. Instant. Free. |
| T2 Consult | 5–9 | Local | Second model reviews. Uses your LLM key. Free. |
| T3 Deliberate | 10–16 | Server | GPT-4o, Gemini, and Grok deliberate guided by Vela. Industry-calibrated. Majority rules. Paid. |
| T4 Escalate | 17–25 | Server + human | Vela synthesises panel verdict and fires escalation webhook. Designated human must review. Paid. |
Score ranges above are defaults at the Balanced slider position. The slider shifts these thresholds:
Slider configuration
Each activity type has a slider with three positions: Permissive, Balanced, and Conservative. The slider controls where the tier boundaries fall.
| Position | T2 starts at | T3 starts at | T4 starts at |
|---|---|---|---|
| Permissive | 7 | 13 | 20 |
| Balanced | 5 | 10 | 17 |
| Conservative | 3 | 7 | 12 |
At conservative settings, more actions escalate to higher tiers. At permissive settings, only the riskiest actions leave T1.
Local risk register
RADAR maintains a local SQLite database at .radar/register.db in your project directory. This register:
• Stores action hashes (SHA-256), never action text
• Feeds context into future assessments (repeat detection, pattern analysis)
• Is entirely under your control — delete it, back it up, or inspect it anytime
• Never synced to any server
Privacy model
T1 and T2 are fully local. No action content ever reaches EssentianLabs servers. Scoring happens on your machine using your own LLM key.
T3 and T4 transmit action text to the EssentianLabs server panel for multi-model deliberation. This text is processed in memory and immediately discarded — never written to disk, never stored in any database, never used for training.
What we store (all plans): anonymised scoring metadata only.
| Field | Type | Description |
|---|---|---|
| id | uuid | Record identifier. |
| api_key_hash | string | SHA-256 hash of the API key (not the key itself). |
| tier | string | T1, T2, T3, or T4. |
| risk_score | number | 1–25. |
| activity_type | string | Category of the action. |
| verdict | string | proceed, mitigate, block, or escalate. |
| timestamp | datetime | When the assessment occurred. |
Nothing in this schema can identify your users or reveal what your agent was doing.
Pricing
Free tier includes T1/T2 local assessment, local risk register, and enhanced suggestions with an API key. No limits.
Paid tier adds T3 multi-model deliberation, T4 human escalation via webhook, hosted risk register, and the risk register dashboard.
Early access pricing — contact hello@essentianlabs.com