@continum/sdk 0.5.1 → 0.6.1

package/README.md

@@ -1,894 +1,348 @@
-# @continum/sdk
+# @continum/sdk v0.6.0
 
-> Governed Execution Framework for LLM Applications
+**Protection-first AI compliance in one line**
 
-**Current Version**: 0.1.0
+Zero-latency compliance auditing for every LLM call in your application. Wrap any LLM call with `protect()` and get automatic PII detection, bias monitoring, security auditing, and compliance reporting.
 
-**Latest Changes (v0.1.0)**:
-- ✨ Runtime metadata enrichment for compliance tracking
-- ✨ Batch operations for parallel LLM calls
-- ✨ Smart retry with exponential backoff
-- ✨ Provider fallback configuration
-- ✨ Organization context support
-- ✨ Enhanced error handling and resilience
-- 🔧 Improved streaming utilities
-- 📚 Comprehensive documentation updates
-
-## Quick Start
-
-### Installation
+## Installation
 
 ```bash
-# Install the Continum SDK
 npm install @continum/sdk
-
-# Install LLM providers you plan to use (choose one or more)
-npm install openai                    # For OpenAI GPT models
-npm install @anthropic-ai/sdk         # For Claude models  
-npm install @google/generative-ai     # For Gemini models
 ```
 
-### Basic Usage
+## Quick Start
 
 ```typescript
-import { Continum } from '@continum/sdk';
+import { protect } from '@continum/sdk';
+import OpenAI from 'openai';
 
-const continum = new Continum({
-  continumKey: process.env.CONTINUM_KEY!,
-  apiKeys: {
-    openai: process.env.OPENAI_API_KEY,
-    anthropic: process.env.ANTHROPIC_API_KEY,
-    gemini: process.env.GEMINI_API_KEY
+const openai = new OpenAI();
+
+// Wrap your LLM call with protect()
+const response = await protect(
+  () => openai.chat.completions.create({
+    model: 'gpt-4',
+    messages: [{ role: 'user', content: 'Hello!' }]
+  }),
+  {
+    apiKey: process.env.CONTINUM_API_KEY!,
+    preset: 'customer-support'
   }
-});
+);
 
-// OpenAI - use snake_case model names
-const response = await continum.llm.openai.gpt_4o.chat({
-  messages: [{ role: 'user', content: 'Hello world' }],
-  sandbox: 'my_sandbox'  // Required: specify sandbox
-});
+// Use the response normally
+console.log(response.choices[0].message.content);
+```
 
-// Anthropic - use model family names (opus, sonnet, haiku)
-const response2 = await continum.llm.anthropic.opus_4_6.chat({
-  messages: [{ role: 'user', content: 'Review this code' }]
-});
-// Also supports: sonnet_4_6, sonnet_4, haiku_4_5, haiku_3_5, sonnet_3_7
-// Legacy format also works: claude_3_5_sonnet
+That's it. Every LLM call is now audited for compliance violations with zero latency impact.
 
-// Gemini - use snake_case with underscores
-const response3 = await continum.llm.gemini.gemini_2_5_pro.chat({
-  messages: [{ role: 'user', content: 'Summarize this' }]
-});
+## Features
 
-// ✅ Guardian checks for PII (pre-execution)
-// ✅ User gets response instantly
-// ✅ Shadow Audit runs in background (post-execution)
-```
+- **Zero Latency**: Fire-and-forget auditing doesn't slow down your application
+- **Auto-Configuration**: Presets automatically configure the right detection types
+- **Framework Compliance**: Specify `comply: ['GDPR', 'SOC2']` and get the right checks
+- **Local Dev Mode**: Automatic local auditing in development without API calls
+- **Blocking Mode**: Optional synchronous auditing when safety > speed
+- **Violation Handlers**: React to specific violations in real-time
 
-### Sandbox Management (NEW in v0.1.0)
+## Configuration
 
-Create and manage sandboxes programmatically:
+### Global Configuration
 
 ```typescript
-// Create a sandbox
-const sandbox = await continum.sandboxes.create({
-  slug: 'pii_strict',
-  name: 'Strict PII Detection',
-  sandboxType: 'PII_DETECTION',
-  guardianAction: 'BLOCK_ON_DETECT',
-  alertThreshold: 'HIGH',
-  region: 'EU',
-  regulations: ['GDPR', 'EU_AI_ACT']
-});
-
-// List all sandboxes
-const sandboxes = await continum.sandboxes.list();
+import { continum } from '@continum/sdk';
 
-// Get sandbox details
-const config = await continum.sandboxes.get('pii_strict');
-
-// Update sandbox
-await continum.sandboxes.update('pii_strict', {
-  alertThreshold: 'CRITICAL'
+continum.configure({
+  apiKey: process.env.CONTINUM_API_KEY!,
+  preset: 'customer-support',
+  comply: ['GDPR', 'SOC2'],
+  environment: 'production'
 });
 
-// Pause/resume sandbox
-await continum.sandboxes.toggle('pii_strict');
-
-// Delete sandbox
-await continum.sandboxes.delete('old_sandbox');
+// Now use protect() without passing config every time
+const response = await continum.protect(
+  () => openai.chat.completions.create({...})
+);
 ```
 
-### Runtime Metadata Enrichment (NEW in v0.1.0)
-
-Capture runtime context for compliance tracking:
+### Per-Call Configuration
 
 ```typescript
-const response = await continum.llm.openai.gpt_4o.chat({
-  messages: [{ role: 'user', content: 'Process this order' }],
-  metadata: {
+const response = await protect(
+  () => openai.chat.completions.create({...}),
+  {
+    apiKey: process.env.CONTINUM_API_KEY!,
+    preset: 'fintech-ai',
+    comply: ['FINRA', 'SOC2'],
     userId: 'user_123',
-    sessionId: 'sess_abc',
-    applicationContext: 'checkout_flow',
-    userRole: 'customer',
-    ipAddress: req.ip,
-    tags: ['ecommerce', 'payment'],
-    customFields: {
-      orderId: 'order_456',
-      amount: 99.99,
-      currency: 'USD'
-    }
+    sessionId: 'session_456',
+    metadata: { feature: 'chat' }
   }
-});
-
-// Metadata is automatically included in compliance signals
-// View in dashboard: Evidence → Signals → Filter by metadata
-```
-
-## Model Name Format
-
-The SDK uses snake_case model names that get automatically transformed to the correct API format:
-
-### Anthropic Models
-
-```typescript
-// Recommended format - use model family names
-continum.llm.anthropic.opus_4_6.chat()      // → claude-opus-4-6
-continum.llm.anthropic.sonnet_4_6.chat()    // → claude-sonnet-4-6
-continum.llm.anthropic.sonnet_4.chat()      // → claude-sonnet-4-5
-continum.llm.anthropic.haiku_4_5.chat()     // → claude-haiku-4-5-20251001
-continum.llm.anthropic.haiku_3_5.chat()     // → claude-haiku-3-5-20241022
-continum.llm.anthropic.sonnet_3_7.chat()    // → claude-sonnet-3-7-20250219
-
-// Legacy format also supported (v0.0.4+)
-continum.llm.anthropic.claude_3_5_sonnet.chat()  // → claude-3-5-sonnet-20241022
-
-// Alias: claude and anthropic are interchangeable
-continum.llm.claude.opus_4_6.chat()  // Same as anthropic.opus_4_6
-```
-
-### OpenAI Models
-
-```typescript
-continum.llm.openai.gpt_5.chat()       // → gpt-5
-continum.llm.openai.gpt_4o.chat()      // → gpt-4o
-continum.llm.openai.gpt_4_turbo.chat() // → gpt-4-turbo
-continum.llm.openai.o3.chat()          // → o3
-continum.llm.openai.o3_mini.chat()     // → o3-mini
-continum.llm.openai.o1.chat()          // → o1
+);
 ```
 
-### Gemini Models
+## Presets
 
-```typescript
-continum.llm.gemini.gemini_2_5_pro.chat()   // → gemini-2.5-pro
-continum.llm.gemini.gemini_2_5_flash.chat() // → gemini-2.5-flash
-continum.llm.gemini.gemini_2_0_flash.chat() // → gemini-2.0-flash
-continum.llm.gemini.gemini_1_5_pro.chat()   // → gemini-1.5-pro
-```
+Presets automatically configure the right detection types for your use case:
 
-## Architecture
-
-### Two-Tier Protection System
-
-**Guardian (Pre-Execution)**
-- Blocks or redacts threats BEFORE they reach the LLM
-- < 100ms latency with local pattern matching
-- Protects against: Prompt Injection, Data Exfiltration, PII leakage
-- Action: BLOCK (high risk) or REDACT (medium risk)
-
-**Shadow Audit (Post-Execution)**
-- Monitors and logs AFTER LLM responds
-- Zero user-facing latency (fire-and-forget)
-- Detects: Bias, Hallucinations, Compliance violations, Security issues
-- Action: LOG and ALERT (never blocks users)
-
-### Sandbox Types
-
-#### Guardian Sandboxes (Pre-Execution)
-- `PROMPT_INJECTION` - Detect and block prompt injection attacks
-- `DATA_EXFILTRATION` - Prevent sensitive data leakage
-- `PII_DETECTION` - Identify and redact personal information
-- `CONTENT_POLICY` - Enforce content guidelines
-
-#### Shadow Audit Sandboxes (Post-Execution)
-- `BIAS_DETECTION` - Monitor for biased outputs
-- `SECURITY_AUDIT` - Audit security compliance
-- `REGULATORY_COMPLIANCE` - Track regulatory adherence
-- `AGENT_SAFETY` - Monitor agent behavior
-- `HALLUCINATION_DETECTION` - Detect factual inaccuracies
-- `FINANCIAL_COMPLIANCE` - Ensure financial regulations
-- `LEGAL_COMPLIANCE` - Monitor legal compliance
-- `MULTI_TURN_ATTACK` - Detect multi-step attacks
-- `SUPPLY_CHAIN_INTEGRITY` - Verify supply chain security
-- `FULL_SPECTRUM` - Comprehensive monitoring
-- `CUSTOM` - Custom audit rules
+- `customer-support` — PII detection, content policy, bias detection
+- `legal-ai` — PII, legal compliance, hallucination detection, bias
+- `fintech-ai` — PII, financial compliance, security audit, bias
+- `healthcare-ai` — PII, content policy, bias, hallucination detection
+- `coding-assistant` — Security audit, supply chain integrity, prompt injection
+- `agent` — Agent safety, prompt injection, data exfiltration, security
+- `content-generation` — Content policy, bias, hallucination detection
+- `internal-tool` — PII detection, security audit
+- `data-pipeline` — PII, data exfiltration, security audit
+- `education-ai` — Content policy, bias, hallucination detection
 
-## Advanced Configuration
+## Compliance Frameworks
 
-### Organization Context (NEW in v0.1.0)
-
-Configure organization-level features:
+Specify compliance frameworks and get automatic detection configuration:
 
 ```typescript
-const continum = new Continum({
-  continumKey: process.env.CONTINUM_KEY!,
-  organizationId: 'org_123',
-  accountType: 'ORGANIZATION',
-  apiKeys: { openai: process.env.OPENAI_API_KEY },
+continum.configure({
+  apiKey: process.env.CONTINUM_API_KEY!,
+  comply: ['GDPR', 'HIPAA', 'SOC2']
 });
-
-// Organization context is automatically included in all API calls
-// Enables team-wide pattern sharing and compliance tracking
 ```
 
-### Batch Operations (NEW in v0.1.0)
+Supported frameworks:
+- `GDPR`, `CCPA`, `HIPAA`, `SOC2`, `ISO_27001`
+- `EU_AI_ACT`, `FINRA`, `FCA`, `PCI_DSS`
+- `PDPA`, `PIPEDA`, `UK_DPA_2018`, `NIST_AI_RMF`
 
-Process multiple LLM calls efficiently:
+## Blocking Mode
 
-```typescript
-// Execute multiple calls in parallel
-const results = await continum.batchChat([
-  {
-    provider: 'openai',
-    model: 'gpt_4o',
-    params: {
-      messages: [{ role: 'user', content: 'Analyze sentiment' }],
-      metadata: { batchId: 'batch_1', index: 0 }
-    }
-  },
-  {
-    provider: 'anthropic',
-    model: 'opus_4_6',
-    params: {
-      messages: [{ role: 'user', content: 'Extract entities' }],
-      metadata: { batchId: 'batch_1', index: 1 }
-    }
-  },
-  {
-    provider: 'gemini',
-    model: 'gemini_2_5_pro',
-    params: {
-      messages: [{ role: 'user', content: 'Summarize text' }],
-      metadata: { batchId: 'batch_1', index: 2 }
-    }
-  }
-]);
-
-// All calls execute in parallel with Guardian protection
-// All results are audited in background
-console.log(`Processed ${results.length} calls`);
-```
-
-### Smart Retry with Fallback (NEW in v0.1.0)
-
-Automatic retry and provider fallback:
+By default, `protect()` uses fire-and-forget auditing (zero latency). For high-risk scenarios, use blocking mode:
 
 ```typescript
-const continum = new Continum({
-  continumKey: process.env.CONTINUM_KEY!,
-  apiKeys: {
-    openai: process.env.OPENAI_API_KEY,
-    anthropic: process.env.ANTHROPIC_API_KEY
-  },
-  retryConfig: {
-    enabled: true,
-    maxAttempts: 3,
-    initialDelayMs: 1000,
-    backoffMultiplier: 2
-  },
-  fallbackConfig: {
-    enabled: true,
-    fallbackOrder: [
-      { provider: 'anthropic', model: 'opus_4_6' },
-      { provider: 'openai', model: 'gpt_4o' }
-    ]
+const response = await protect(
+  () => openai.chat.completions.create({...}),
+  {
+    apiKey: process.env.CONTINUM_API_KEY!,
+    blockOn: 'HIGH' // Block if risk level is HIGH or CRITICAL
   }
-});
-
-// Automatically retries on transient errors
-// Falls back to alternative providers if primary fails
-const response = await continum.smartChat('openai', 'gpt_4o', {
-  messages: [{ role: 'user', content: 'Hello' }]
-});
-
-// Disable retry for specific calls
-const response2 = await continum.llm.openai.gpt_4o.chat({
-  messages: [{ role: 'user', content: 'Hello' }],
-  skipRetry: true
-});
+);
 ```
 
-### Guardian Configuration
+This will throw `ContinumBlockedError` if a violation is detected:
 
 ```typescript
-const continum = new Continum({
-  continumKey: process.env.CONTINUM_KEY!,
-  apiKeys: { openai: process.env.OPENAI_API_KEY },
-  guardianConfig: {
-    enabled: true,              // Enable pre-LLM protection
-    action: 'REDACT_AND_CONTINUE', // Guardian action mode
-    // Options: 'BLOCK_ON_DETECT', 'REDACT_AND_CONTINUE', 'ALLOW_ALL'
-    localOnly: false,           // Use remote ML for complex cases
-    customPatterns: [
-      {
-        name: 'INTERNAL_ID',
-        pattern: /EMP-\d{6}/g,
-        riskLevel: 'HIGH'
-      }
-    ]
+import { protect, ContinumBlockedError } from '@continum/sdk';
+
+try {
+  const response = await protect(
+    () => openai.chat.completions.create({...}),
+    { apiKey: '...', blockOn: 'HIGH' }
+  );
+} catch (error) {
+  if (error instanceof ContinumBlockedError) {
+    console.log('Blocked:', error.signal.violations);
+    console.log('Risk level:', error.signal.riskLevel);
+    console.log('Reasoning:', error.signal.reasoning);
   }
-});
+}
 ```
 
-#### Guardian Action Modes
+## Violation Handlers
 
-- **BLOCK_ON_DETECT**: Block request immediately if any PII is detected
-- **REDACT_AND_CONTINUE**: Redact PII and continue with LLM call (default)
-- **ALLOW_ALL**: Disable Guardian protection (allow everything)
-
-### Shadow Audit Configuration
+React to specific violations in real-time:
 
 ```typescript
-const continum = new Continum({
-  continumKey: process.env.CONTINUM_KEY!,
-  apiKeys: { openai: process.env.OPENAI_API_KEY },
-  detonationConfig: {
-    enabled: true  // Enable shadow auditing
+continum.configure({
+  apiKey: process.env.CONTINUM_API_KEY!,
+  onViolation: {
+    PII_LEAK: async (signal) => {
+      await sendAlert('PII detected', signal);
+    },
+    PROMPT_INJECTION: async (signal) => {
+      await logSecurityIncident(signal);
+    }
   },
-  strictMirror: false  // Never block users on audit failures
-});
-```
-
-### Per-Call Overrides
-
-```typescript
-// Skip Guardian for this specific call
-const response = await continum.llm.openai.gpt_4o.chat({
-  messages: [{ role: 'user', content: 'Hello' }],
-  skipGuardian: true
-});
-
-// Skip Shadow Audit for this specific call
-const response = await continum.llm.openai.gpt_4o.chat({
-  messages: [{ role: 'user', content: 'Hello' }],
-  skipDetonation: true
-});
-
-// Use a different sandbox for this call
-const response = await continum.llm.openai.gpt_4o.chat({
-  messages: [{ role: 'user', content: 'Hello' }],
-  sandbox: 'strict_pii_detection'
-});
-
-// Skip retry for this call
-const response = await continum.llm.openai.gpt_4o.chat({
-  messages: [{ role: 'user', content: 'Hello' }],
-  skipRetry: true
-});
-```
-
-## SDK-Exclusive Features
-
-These features are only available in the SDK and cannot be done in the dashboard:
-
-### 1. Runtime Metadata Enrichment
-
-Capture application context at call-time:
-
-```typescript
-import { getCurrentUser, getSessionInfo } from './auth';
-
-const response = await continum.llm.openai.gpt_4o.chat({
-  messages: [{ role: 'user', content: prompt }],
-  metadata: {
-    userId: getCurrentUser().id,
-    userRole: getCurrentUser().role,
-    sessionId: getSessionInfo().sessionId,
-    ipAddress: req.ip,
-    userAgent: req.headers['user-agent'],
-    applicationVersion: process.env.APP_VERSION,
-    environment: process.env.NODE_ENV,
-    customFields: {
-      tenantId: getCurrentUser().tenantId,
-      featureFlags: getActiveFeatureFlags(),
-      requestId: req.id
+  onRiskLevel: {
+    CRITICAL: async (signal) => {
+      await notifySecurityTeam(signal);
     }
   }
 });
 ```
 
-### 2. CI/CD Integration
+## Local Development Mode
 
-Automated compliance checks in pipelines:
+In development, Continum automatically runs local audits without calling the API:
 
 ```typescript
-// In GitHub Actions, Jenkins, etc.
-import { Continum } from '@continum/sdk';
-
-const continum = new Continum({
-  continumKey: process.env.CONTINUM_KEY!,
-  apiKeys: { openai: process.env.OPENAI_API_KEY }
-});
-
-// Run compliance test suite
-const testResults = await continum.batchChat(
-  testCases.map(test => ({
-    provider: 'openai',
-    model: 'gpt_4o',
-    params: {
-      messages: test.messages,
-      metadata: { testId: test.id, pipeline: 'ci' }
-    }
-  }))
+// Automatically enabled when NODE_ENV=development
+const response = await protect(
+  () => openai.chat.completions.create({...}),
+  { apiKey: '...', preset: 'customer-support' }
 );
 
-// Fail build if any violations detected
-const violations = testResults.filter(r => r.violations?.length > 0);
-if (violations.length > 0) {
-  throw new Error(`${violations.length} compliance violations detected`);
-}
+// Output:
+// [CONTINUM] ✓ audit:clean — LOW — gpt-4 — 45ms
 ```
 
-### 3. Custom Application Logic
-
-Embed compliance in business logic:
+Force local mode:
 
 ```typescript
-async function processOrder(order: Order) {
-  // Only use AI for high-value orders
-  if (order.amount > 1000) {
-    const response = await continum.llm.openai.gpt_4o.chat({
-      messages: [{ role: 'user', content: `Analyze order ${order.id}` }],
-      metadata: {
-        orderId: order.id,
-        amount: order.amount,
-        customerId: order.customerId,
-        riskLevel: order.amount > 10000 ? 'HIGH' : 'MEDIUM'
-      }
-    });
-    
-    // Custom incident handling
-    if (response.violations?.length > 0) {
-      await notifySecurityTeam(response.violations);
-      await createIncident(order.id, response.violations);
-    }
-    
-    return response;
-  }
-}
+continum.configure({
+  apiKey: process.env.CONTINUM_API_KEY!,
+  local: true
+});
 ```
 
-### 4. Multi-Provider Orchestration
+## Multi-Turn Conversations
 
-Runtime provider selection and fallback:
+Track conversations across multiple turns:
 
 ```typescript
-async function smartLLMCall(prompt: string, complexity: 'simple' | 'complex') {
-  try {
-    // Use cheaper model for simple tasks
-    if (complexity === 'simple') {
-      return await continum.llm.openai.gpt_4o_mini.chat({
-        messages: [{ role: 'user', content: prompt }]
-      });
+const sessionId = 'session_' + Date.now();
+
+for (const userMessage of conversation) {
+  const response = await protect(
+    () => openai.chat.completions.create({
+      model: 'gpt-4',
+      messages: [...history, { role: 'user', content: userMessage }]
+    }),
+    {
+      apiKey: process.env.CONTINUM_API_KEY!,
+      sessionId,
+      userId: 'user_123'
     }
-    
-    // Use powerful model for complex tasks
-    return await continum.llm.anthropic.opus_4_6.chat({
-      messages: [{ role: 'user', content: prompt }]
-    });
-  } catch (error) {
-    // Fallback to alternative provider
-    console.warn('Primary provider failed, using fallback');
-    return await continum.llm.gemini.gemini_2_5_pro.chat({
-      messages: [{ role: 'user', content: prompt }]
-    });
-  }
-}
-```
+  );
 
-### 5. Error Handling and Retry Logic
-
-Programmatic control flow:
-
-```typescript
-async function robustLLMCall(prompt: string) {
-  let attempts = 0;
-  const maxAttempts = 3;
-  
-  while (attempts < maxAttempts) {
-    try {
-      return await continum.llm.openai.gpt_4o.chat({
-        messages: [{ role: 'user', content: prompt }]
-      });
-    } catch (error: any) {
-      attempts++;
-      
-      if (error.message?.includes('Guardian blocked')) {
-        // Custom handling for Guardian blocks
-        const sanitized = await sanitizePrompt(prompt);
-        prompt = sanitized;
-      } else if (error.message?.includes('rate limit')) {
-        // Exponential backoff
-        await sleep(Math.pow(2, attempts) * 1000);
-      } else {
-        throw error;
-      }
-    }
-  }
+  history.push({ role: 'assistant', content: response.choices[0].message.content });
 }
 ```
 
-### 6. Batch Processing with Progress
+## Supported Providers
 
-Process large datasets efficiently:
+`protect()` automatically detects and audits calls to:
 
-```typescript
-import { executeBatch } from '@continum/sdk/utils/batch';
-
-const calls = documents.map(doc => ({
-  provider: 'openai' as const,
-  model: 'gpt_4o',
-  params: {
-    messages: [{ role: 'user', content: `Analyze: ${doc.content}` }],
-    metadata: { documentId: doc.id }
-  }
-}));
+- OpenAI (GPT-4, GPT-4o, o1, o3)
+- Anthropic (Claude Opus, Sonnet, Haiku)
+- Google (Gemini Pro, Gemini Flash)
+- Azure OpenAI
+- AWS Bedrock
 
-const results = await executeBatch(
-  calls,
-  call => continum.llm[call.provider][call.model].chat(call.params),
-  {
-    concurrency: 5,
-    onProgress: (completed, total) => {
-      console.log(`Progress: ${completed}/${total}`);
-    }
-  }
-);
+## Advanced Configuration
 
-console.log(`Processed ${results.length} documents`);
-console.log(`Success: ${results.filter(r => r.success).length}`);
-console.log(`Failed: ${results.filter(r => !r.success).length}`);
-```
+### Direct Sandbox Configuration
 
-## Features
+For power users who want full control:
 
-### Core Features
-- **Zero Latency**: Users get responses instantly
-- **Privacy First**: Your API keys never leave your server
-- **Dual Protection**: Guardian blocks threats, Shadow Audit monitors
-- **Comprehensive Detection**: PII, bias, security, prompt injection
-- **Real-time Dashboard**: Monitor violations and compliance
-- **Sandbox Management**: Create and configure sandboxes programmatically
-
-### SDK-Exclusive Features (v0.1.0)
-- **Runtime Metadata Enrichment**: Capture application context at call-time
-- **Batch Operations**: Process multiple LLM calls in parallel
-- **Smart Retry**: Automatic retry with exponential backoff
-- **Provider Fallback**: Automatic failover to alternative providers
-- **CI/CD Integration**: Automated compliance checks in pipelines
-- **Custom Logic Integration**: Embed compliance in business workflows
-- **Multi-Provider Orchestration**: Runtime provider selection
-- **Error Handling**: Programmatic control flow and recovery
-- **Organization Context**: Team-wide pattern sharing and tracking
-- **Offline Mode**: Local pattern matching without API calls
-- **Programmatic Sandbox Management**: CRUD operations for sandboxes
-
-### What Dashboard Does Better
-- Visual data exploration and filtering
-- Manual incident management workflows
-- Team collaboration and approvals
-- Configuration management UI
-- Reporting and analytics dashboards
-- Evidence package generation (manual)
-- Violation viewing and management
-- Pattern approval workflows
-- API key management (security)
-
-### What SDK Does Better
-- Runtime interception and protection
-- Programmatic automation and orchestration
-- CI/CD pipeline integration
-- Custom application logic embedding
-- Batch processing with concurrency control
-- Real-time metadata enrichment
-- Error handling and retry logic
-- Provider fallback and routing
-- Sandbox creation during development
-
-## Use Cases
-
-### 1. E-commerce Platform
 ```typescript
-// Protect customer data in AI-powered support
-const response = await continum.llm.openai.gpt_4o.chat({
-  messages: [{ role: 'user', content: customerQuery }],
-  metadata: {
-    userId: customer.id,
-    orderId: order.id,
-    applicationContext: 'customer_support',
-    tags: ['support', 'order_inquiry']
+continum.configure({
+  apiKey: process.env.CONTINUM_API_KEY!,
+  sandbox: {
+    types: ['PII_DETECTION', 'SECURITY_AUDIT', 'PROMPT_INJECTION'],
+    frameworks: ['GDPR', 'SOC2'],
+    customRules: ['CUSTOM_RULE_1'],
+    region: 'eu-west-1',
+    blockOn: 'HIGH'
   }
 });
 ```
 
-### Healthcare Application
-```typescript
-// HIPAA-compliant AI interactions
-const continum = new Continum({
-  continumKey: process.env.CONTINUM_KEY!,
-  apiKeys: { openai: process.env.OPENAI_API_KEY },
-  guardianConfig: {
-    action: 'BLOCK_ON_DETECT',
-    customPatterns: [
-      { name: 'MRN', pattern: /MRN[:\s]*\d{6,}/gi, riskLevel: 'HIGH' }
-    ]
-  }
-});
-
-// Always specify sandbox
-const response = await continum.llm.openai.gpt_4o.chat({
-  messages: [{ role: 'user', content: userInput }],
-  sandbox: 'hipaa_compliance'  // Required
-});
-```
+### Error Handling
 
-### 3. Financial Services
 ```typescript
-// Multi-provider with fallback for high availability
-const continum = new Continum({
-  continumKey: process.env.CONTINUM_KEY!,
-  apiKeys: {
-    openai: process.env.OPENAI_API_KEY,
-    anthropic: process.env.ANTHROPIC_API_KEY
-  },
-  fallbackConfig: {
-    enabled: true,
-    fallbackOrder: [
-      { provider: 'anthropic', model: 'opus_4_6' },
-      { provider: 'openai', model: 'gpt_4o' }
-    ]
+continum.configure({
+  apiKey: process.env.CONTINUM_API_KEY!,
+  onError: (error) => {
+    console.error('Audit error:', error);
+    // Never throws — audit failures don't break your app
   }
 });
 ```
 
-### 4. CI/CD Compliance Testing
-```typescript
-// Automated compliance checks in GitHub Actions
-const testResults = await continum.batchChat(
-  complianceTests.map(test => ({
-    provider: 'openai',
-    model: 'gpt_4o',
-    params: {
-      messages: test.messages,
-      metadata: { testId: test.id, pipeline: 'ci' }
-    }
-  }))
-);
+### Alerts
 
-if (testResults.some(r => r.violations?.length > 0)) {
-  process.exit(1); // Fail build
-}
-```
-
-## Configuration Reference
-
-### ContinumConfig
+Receive compliance violation alerts directly in Slack, PagerDuty, Discord, or custom webhooks without visiting the dashboard:
 
 ```typescript
-interface ContinumConfig {
-  // Required
-  continumKey: string;
-  
-  // API Keys (provide only what you need)
-  apiKeys?: {
-    openai?: string;
-    anthropic?: string;
-    gemini?: string;
-  };
-  
-  // Organization context
-  organizationId?: string;
-  accountType?: 'INDIVIDUAL' | 'ORGANIZATION';
-  
-  // Guardian configuration
-  guardianConfig?: {
-    enabled?: boolean;
-    action?: 'BLOCK_ON_DETECT' | 'REDACT_AND_CONTINUE' | 'ALLOW_ALL';
-    localOnly?: boolean;
-    customPatterns?: Array<{
-      name: string;
-      pattern: RegExp;
-      riskLevel: 'LOW' | 'MEDIUM' | 'HIGH';
-    }>;
-  };
-  
-  // Detonation configuration
-  detonationConfig?: {
-    enabled?: boolean;
-  };
-  
-  // Retry configuration
-  retryConfig?: {
-    enabled?: boolean;
-    maxAttempts?: number;
-    backoffMultiplier?: number;
-    initialDelayMs?: number;
-  };
-  
-  // Fallback configuration
-  fallbackConfig?: {
-    enabled?: boolean;
-    fallbackOrder?: Array<{
-      provider: 'openai' | 'anthropic' | 'gemini';
-      model: string;
-    }>;
-  };
-  
-  // Strict mode
-  strictMirror?: boolean;
-}
-```
-
-### CallOptions
-
-```typescript
-interface CallOptions {
-  // Required
-  messages: Message[];
-  
-  // Optional LLM parameters
-  temperature?: number;
-  maxTokens?: number;
-  systemPrompt?: string;
-  stream?: boolean;
-  tools?: any[];
-  tool_choice?: any;
-  response_format?: any;
-  top_p?: number;
-  frequency_penalty?: number;
-  presence_penalty?: number;
-  stop?: string | string[];
-  reasoning_effort?: 'low' | 'medium' | 'high';
-  
-  // Continum-specific options
-  sandbox?: string;
-  skipGuardian?: boolean;
-  skipDetonation?: boolean;
-  skipRetry?: boolean;
-  
-  // Runtime metadata
-  metadata?: {
-    userId?: string;
-    sessionId?: string;
-    applicationContext?: string;
-    userRole?: string;
-    ipAddress?: string;
-    tags?: string[];
-    customFields?: Record<string, any>;
-  };
-}
-```
-
-## API Reference
-
-### Main SDK Class
-
-#### `new Continum(config: ContinumConfig)`
-Create a new Continum SDK instance.
-
-#### `continum.llm.{provider}.{model}.chat(params: CallOptions): Promise<ChatResult>`
-Execute an LLM call with Guardian protection and Shadow Audit.
-
-#### `continum.batchChat(calls: BatchCallConfig[]): Promise<ChatResult[]>`
-Execute multiple LLM calls in parallel.
-
-#### `continum.smartChat(provider, model, params): Promise<ChatResult>`
-Execute an LLM call with automatic retry and fallback.
-
-#### `continum.scanPrompt(prompt, options?): Promise<GuardianResult>`
-Manually scan a prompt for PII before sending to LLM.
-
-#### `continum.shadowAudit(sandbox, triplet): void`
-Manually trigger a shadow audit (fire-and-forget).
-
-### Utility Functions
-
-#### `executeBatch(calls, executor, options): Promise<BatchResult[]>`
-Execute batch calls with concurrency control and progress tracking.
-
-#### `retryWithBackoff(fn, options): Promise<T>`
-Retry a function with exponential backoff.
-
-### Types
-
-See [Type Definitions](./src/types/index.ts) for complete type reference.
-
-## Environment Variables
-
-```bash
-# Required
-CONTINUM_KEY=your_continum_key
-
-# Provider API Keys (provide only what you need)
-OPENAI_API_KEY=your_openai_key
-ANTHROPIC_API_KEY=your_anthropic_key
-GEMINI_API_KEY=your_gemini_key
-
-# Optional: Enable debug logging
-CONTINUM_DEBUG=true
+continum.configure({
+  apiKey: process.env.CONTINUM_API_KEY!,
+  alerts: {
+    slack: process.env.SLACK_WEBHOOK_URL,
+    pagerduty: process.env.PAGERDUTY_KEY,
+    discord: process.env.DISCORD_WEBHOOK_URL,
+    webhook: process.env.CUSTOM_WEBHOOK_URL
+  }
+});
 ```
 
-## Migration Guide
+Alerts are automatically routed by risk level:
+- **CRITICAL** violations → PagerDuty (if configured)
+- **HIGH/CRITICAL** violations → Slack (if configured)
+- **MEDIUM/LOW** violations → Discord (if configured)
+- **All violations** → Custom webhook (if configured)
 
-### From v0.0.5 to v0.1.0
+For detailed alert configuration, see the [Alert Setup Guide](../../docs/alert-setup-guide.md).
 
-No breaking changes! All new features are opt-in.
+## Migration from v1
 
-**New features you can adopt:**
+If you're using the old SDK:
 
-1. **Runtime Metadata**:
 ```typescript
-// Before
-const response = await continum.llm.openai.gpt_4o.chat({
-  messages: [{ role: 'user', content: 'Hello' }]
+// Old (v1)
+const continum = new Continum({
+  continumKey: process.env.CONTINUM_KEY,
+  apiKeys: { openai: process.env.OPENAI_API_KEY }
 });
 
-// After (optional)
-const response = await continum.llm.openai.gpt_4o.chat({
-  messages: [{ role: 'user', content: 'Hello' }],
-  metadata: { userId: 'user_123', sessionId: 'sess_abc' }
+const response = await continum.llm.openai.gpt_4.chat({
+  messages: [...]
 });
 ```
 
-2. **Batch Operations**:
 ```typescript
-// Before
-const results = await Promise.all([
-  continum.llm.openai.gpt_4o.chat({...}),
-  continum.llm.anthropic.opus_4_6.chat({...})
-]);
-
-// After (better)
-const results = await continum.batchChat([
-  { provider: 'openai', model: 'gpt_4o', params: {...} },
-  { provider: 'anthropic', model: 'opus_4_6', params: {...} }
-]);
-```
+// New (v2)
+import { protect } from '@continum/sdk';
+import OpenAI from 'openai';
 
-3. **Smart Retry**:
-```typescript
-// Before
-let result;
-for (let i = 0; i < 3; i++) {
-  try {
-    result = await continum.llm.openai.gpt_4o.chat({...});
-    break;
-  } catch (error) {
-    if (i === 2) throw error;
-    await sleep(1000 * Math.pow(2, i));
+const openai = new OpenAI();
+
+const response = await protect(
+  () => openai.chat.completions.create({
+    model: 'gpt-4',
+    messages: [...]
+  }),
+  {
+    apiKey: process.env.CONTINUM_API_KEY!,
+    preset: 'customer-support'
   }
-}
+);
+```
 
-// After (automatic)
-const continum = new Continum({
-  continumKey: process.env.CONTINUM_KEY!,
-  apiKeys: { openai: process.env.OPENAI_API_KEY },
-  retryConfig: { enabled: true, maxAttempts: 3 }
-});
+Benefits of v2:
+- Use official provider SDKs directly
+- Zero-latency by default
+- Automatic sandbox resolution
+- Preset-based configuration
+- Local dev mode
+
+## TypeScript Support
 
-const result = await continum.llm.openai.gpt_4o.chat({...});
-// Retries automatically!
+Full TypeScript support with comprehensive types:
+
+```typescript
+import type {
+  RiskLevel,
+  ViolationCode,
+  ComplianceFramework,
+  Preset,
+  AuditSignal
+} from '@continum/sdk';
 ```
 
-## Documentation
+## License
 
-- [Setup Guide](https://docs.continum.co/setup)
-- [API Reference](https://docs.continum.co/api)
-- [Examples](https://docs.continum.co/examples)
+MIT
 
 ## Support
 
-- [GitHub Issues](https://github.com/Continum-Agency/continum-sdk/issues)
-- [Documentation](https://docs.continum.co)
-- Email: support@continum.co 
+- Documentation: https://docs.continum.co
+- Dashboard: https://app.continum.co
+- Email: support@continum.co