Overview
The Continum SDK includes a SandboxConfigClient that allows you to create and manage sandboxes programmatically. This is useful for:
- Creating sandboxes during application setup
- Managing sandboxes in CI/CD pipelines
- Dynamic sandbox configuration
- Testing different compliance configurations
SDK vs Dashboard:
- SDK: Create and manage sandboxes in code
- Dashboard: View violations, reports, and analytics
The SDK is for execution and configuration, the dashboard is for monitoring and reporting. Quick Start
import { Continum } from '@continum/sdk';
const continum = new Continum({
continumKey: process.env.CONTINUM_KEY!,
apiKeys: { openai: process.env.OPENAI_API_KEY }
});
// Create a sandbox
const sandbox = await continum.sandboxes.create({
slug: 'pii_strict',
name: 'Strict PII Detection',
sandboxType: 'PII_DETECTION',
guardianAction: 'BLOCK_ON_DETECT',
alertThreshold: 'HIGH',
region: 'EU',
regulations: ['GDPR', 'EU_AI_ACT']
});
// Use the sandbox
const response = await continum.llm.openai.gpt_4o.chat({
messages: [{ role: 'user', content: 'Hello' }],
sandbox: 'pii_strict'
});
Available Methods
Create Sandbox
Create a new sandbox configuration:
const sandbox = await continum.sandboxes.create({
slug: 'my_sandbox', // Required: unique identifier
name: 'My Sandbox', // Required: human-readable name
sandboxType: 'PII_DETECTION', // Required: sandbox type
description: 'Optional description',
customRules: ['No medical advice'],
alertThreshold: 'HIGH',
guardianAction: 'REDACT_AND_CONTINUE',
region: 'EU',
regulations: ['GDPR', 'EU_AI_ACT']
});
console.log(`Created sandbox: ${sandbox.slug}`);
List Sandboxes
Get all sandboxes for your account:
const sandboxes = await continum.sandboxes.list();
console.log(`You have ${sandboxes.length} sandboxes:`);
sandboxes.forEach(s => {
console.log(`- ${s.slug}: ${s.name} (${s.active ? 'active' : 'paused'})`);
console.log(` Type: ${s.sandboxType}`);
console.log(` Guardian: ${s.guardianAction}`);
console.log(` Scans: ${s._count?.guardianScans || 0}`);
});
Get Sandbox
Get details of a specific sandbox:
const sandbox = await continum.sandboxes.get('pii_strict');
console.log('Sandbox details:');
console.log(`- Name: ${sandbox.name}`);
console.log(`- Type: ${sandbox.sandboxType}`);
console.log(`- Guardian Action: ${sandbox.guardianAction}`);
console.log(`- Alert Threshold: ${sandbox.alertThreshold}`);
console.log(`- Region: ${sandbox.region}`);
console.log(`- Regulations: ${sandbox.regulations.join(', ')}`);
console.log(`- Active: ${sandbox.active}`);
Update Sandbox
Update an existing sandbox:
const updated = await continum.sandboxes.update('pii_strict', {
alertThreshold: 'CRITICAL',
customRules: ['Flag partial card numbers', 'Detect health IDs'],
description: 'Updated description'
});
console.log('Sandbox updated successfully');
Toggle Sandbox
Pause or resume a sandbox:
// Pause sandbox
await continum.sandboxes.toggle('pii_strict');
console.log('Sandbox paused');
// Resume sandbox
await continum.sandboxes.toggle('pii_strict');
console.log('Sandbox resumed');
Delete Sandbox
Delete a sandbox:
await continum.sandboxes.delete('old_sandbox');
console.log('Sandbox deleted');
Sandbox Configuration
Required Fields
Unique identifier for the sandbox. Must be lowercase, alphanumeric, and use underscores.Examples: pii_strict, code_security, support_audit
Human-readable name for the sandbox.Example: "Strict PII Detection"
Type of compliance checking to perform.Options:
PII_DETECTION - Detect personally identifiable informationBIAS_DETECTION - Detect discriminatory contentSECURITY_AUDIT - Detect security vulnerabilitiesPROMPT_INJECTION - Detect prompt manipulationDATA_EXFILTRATION - Detect data leakageREGULATORY_COMPLIANCE - Check regulatory complianceAGENT_SAFETY - Monitor agent behaviorHALLUCINATION_DETECTION - Detect false informationCONTENT_POLICY - Enforce content guidelinesFINANCIAL_COMPLIANCE - Financial regulation complianceLEGAL_COMPLIANCE - Legal liability checksMULTI_TURN_ATTACK - Detect multi-step attacksSUPPLY_CHAIN_INTEGRITY - Verify supply chain securityFULL_SPECTRUM - Comprehensive checkingCUSTOM - Custom rules
Optional Fields
Optional description of the sandbox purpose.
Additional custom rules specific to your use case.Example: ["No medical advice", "No financial recommendations"]
Minimum risk level to alert on.Options: LOW, MEDIUM, HIGH, CRITICAL
guardianAction
GuardianActionConfig
default:"REDACT_AND_CONTINUE"
How Guardian handles pre-LLM detections.Options:
ALLOW_ALL - Log but don’t redactREDACT_AND_CONTINUE - Redact and continue (default)BLOCK_ON_DETECT - Block LLM call
Geographic region for compliance.Options: GLOBAL, EU, US, RW, UG
regulations
string[]
default:"['GDPR', 'EU_AI_ACT']"
Which regulations to check against.Example: ["GDPR", "CCPA", "HIPAA", "EU_AI_ACT"]
Use Cases
Application Setup
Create sandboxes during application initialization:
// setup.ts
import { Continum } from '@continum/sdk';
async function setupSandboxes() {
const continum = new Continum({
continumKey: process.env.CONTINUM_KEY!,
apiKeys: { openai: process.env.OPENAI_API_KEY }
});
// Create sandboxes for different features
await continum.sandboxes.create({
slug: 'customer_support',
name: 'Customer Support PII Protection',
sandboxType: 'PII_DETECTION',
guardianAction: 'REDACT_AND_CONTINUE',
alertThreshold: 'HIGH'
});
await continum.sandboxes.create({
slug: 'code_generation',
name: 'Code Security Audit',
sandboxType: 'SECURITY_AUDIT',
guardianAction: 'ALLOW_ALL',
alertThreshold: 'MEDIUM'
});
await continum.sandboxes.create({
slug: 'content_moderation',
name: 'Content Policy Enforcement',
sandboxType: 'CONTENT_POLICY',
guardianAction: 'BLOCK_ON_DETECT',
alertThreshold: 'MEDIUM'
});
console.log('Sandboxes created successfully');
}
setupSandboxes();
CI/CD Pipeline
Create test sandboxes in CI/CD:
// scripts/setup-test-sandboxes.ts
import { Continum } from '@continum/sdk';
async function setupTestSandboxes() {
const continum = new Continum({
continumKey: process.env.CONTINUM_KEY!,
apiKeys: { openai: process.env.OPENAI_API_KEY }
});
// Create test sandbox
await continum.sandboxes.create({
slug: 'ci_test_sandbox',
name: 'CI/CD Test Sandbox',
sandboxType: 'FULL_SPECTRUM',
guardianAction: 'ALLOW_ALL', // Don't block in tests
alertThreshold: 'LOW' // Catch everything
});
console.log('Test sandbox created');
}
// Run in GitHub Actions, Jenkins, etc.
setupTestSandboxes();
Dynamic Configuration
Adjust sandbox configuration based on environment:
async function configureSandbox(environment: 'dev' | 'staging' | 'prod') {
const continum = new Continum({
continumKey: process.env.CONTINUM_KEY!,
apiKeys: { openai: process.env.OPENAI_API_KEY }
});
const config = {
dev: {
guardianAction: 'ALLOW_ALL' as const,
alertThreshold: 'LOW' as const
},
staging: {
guardianAction: 'REDACT_AND_CONTINUE' as const,
alertThreshold: 'MEDIUM' as const
},
prod: {
guardianAction: 'BLOCK_ON_DETECT' as const,
alertThreshold: 'HIGH' as const
}
};
await continum.sandboxes.update('main_sandbox', config[environment]);
console.log(`Sandbox configured for ${environment}`);
}
Multi-Tenant Setup
Create sandboxes per tenant:
async function createTenantSandbox(tenantId: string, tenantName: string) {
const continum = new Continum({
continumKey: process.env.CONTINUM_KEY!,
apiKeys: { openai: process.env.OPENAI_API_KEY }
});
await continum.sandboxes.create({
slug: `tenant_${tenantId}`,
name: `${tenantName} Sandbox`,
sandboxType: 'FULL_SPECTRUM',
guardianAction: 'REDACT_AND_CONTINUE',
alertThreshold: 'HIGH',
customRules: [`Tenant: ${tenantName}`]
});
console.log(`Sandbox created for tenant: ${tenantName}`);
}
Error Handling
Handle common errors gracefully:
try {
await continum.sandboxes.create({
slug: 'my_sandbox',
name: 'My Sandbox',
sandboxType: 'PII_DETECTION'
});
} catch (error: any) {
if (error.message.includes('already exists')) {
console.log('Sandbox already exists, updating instead');
await continum.sandboxes.update('my_sandbox', {
name: 'My Updated Sandbox'
});
} else if (error.message.includes('plan limit')) {
console.error('Plan limit reached. Upgrade to create more sandboxes.');
} else {
throw error;
}
}
Plan Limits
Sandbox limits vary by plan:
| Plan | Max Sandboxes | Audits/Month |
|---|
| DEV | 1 | 1,000 |
| PRO | 10 | Unlimited |
| PRO_MAX | 25 | Unlimited |
| ENTERPRISE | Unlimited | Unlimited |
const sandboxes = await continum.sandboxes.list();
console.log(`Using ${sandboxes.length} sandboxes`);
// Check plan limits in dashboard
Best Practices
Naming Convention
Use descriptive, consistent slugs:
✅ Good:
- customer_support_pii
- code_security_audit
- content_moderation_strict
❌ Bad:
- sandbox1
- test
- my-sandbox (use underscores, not hyphens)
Sandbox Per Feature
Create dedicated sandboxes for different features:
// Customer support
sandbox: 'support_pii_protection'
// Code generation
sandbox: 'code_security_audit'
// Content creation
sandbox: 'content_policy_check'
// General use
sandbox: 'general_audit'
Environment-Specific Configuration
Use different configurations per environment:
const guardianAction = process.env.NODE_ENV === 'production'
? 'BLOCK_ON_DETECT'
: 'ALLOW_ALL';
await continum.sandboxes.update('main_sandbox', {
guardianAction
});
Testing Before Production
Test sandbox configuration before deploying:
// 1. Create test sandbox
await continum.sandboxes.create({
slug: 'test_sandbox',
name: 'Test Sandbox',
sandboxType: 'PII_DETECTION',
guardianAction: 'ALLOW_ALL' // Don't block during testing
});
// 2. Run test calls
const response = await continum.llm.openai.gpt_4o.chat({
messages: [{ role: 'user', content: 'Test with PII: john@example.com' }],
sandbox: 'test_sandbox'
});
// 3. Review signals in dashboard
// 4. Update to production settings
await continum.sandboxes.update('test_sandbox', {
guardianAction: 'BLOCK_ON_DETECT'
});
TypeScript Support
Full TypeScript support with autocomplete:
import type {
SandboxType,
RiskLevel,
GuardianActionConfig,
CreateSandboxDto,
UpdateSandboxDto,
SandboxConfig
} from '@continum/sdk';
const createDto: CreateSandboxDto = {
slug: 'my_sandbox',
name: 'My Sandbox',
sandboxType: 'PII_DETECTION', // Autocomplete!
alertThreshold: 'HIGH', // Autocomplete!
guardianAction: 'BLOCK_ON_DETECT' // Autocomplete!
};
const sandbox: SandboxConfig = await continum.sandboxes.create(createDto);
API Reference
SandboxConfigClient Methods
class SandboxConfigClient {
// Create sandbox
async create(dto: CreateSandboxDto): Promise<SandboxConfig>
// List all sandboxes
async list(): Promise<SandboxListResponse[]>
// Get sandbox by slug
async get(slug: string): Promise<SandboxConfig>
// Update sandbox
async update(slug: string, dto: UpdateSandboxDto): Promise<SandboxConfig>
// Toggle active state
async toggle(slug: string): Promise<SandboxConfig>
// Delete sandbox
async delete(slug: string): Promise<{ message: string }>
}
Next Steps
Guardian
Configure pre-LLM protection
Mirror
Configure post-LLM auditing
Sandbox Concepts
Learn about sandbox types
API Reference
Sandbox API documentation
