Developers > Docs > Hello world integration

Hello world integration

TrigGuard is execution authorization infrastructure for AI agents. This page shows the smallest Express path that enforces deterministic decisions: PERMIT, DENY, or SILENCE.

1Install packages

npm install \
+@trigguard/execution-sdk \
+@trigguard/intent-sdk \
+@trigguard/surface-registry \
+@trigguard/express-middleware

2Run a minimal middleware gate

import express from "express";
+import { trigguardMiddleware } from "@trigguard/express-middleware";
+import { defineSurface } from "@trigguard/surface-registry";
+
+const app = express();
+app.use(express.json());
+
+const spendCommit = defineSurface({
+  id: "payments.spendCommit",
+  description: "Commit outbound payment"
+});
+
+app.post("/payments/commit",
+  trigguardMiddleware({
+    surface: spendCommit,
+    onDecision: (decision) => {
+      if (decision !== "PERMIT") return;
+      throw new Error(`Execution denied by TrigGuard: ${decision}`);
+    }
+  }),
+  (_req, res) => {
+    res.json({ ok: true, committed: true });
+  }
+);
+
+app.listen(3000, () => console.log("listening on :3000"));

3Decision contract

Decision	Outcome
PERMIT	Execution proceeds.
DENY	Execution stops.
SILENCE	No authorization; execution stops.

Keep this mapping explicit in integration code. Do not model decisions with alternate terms.

Navigate by protocol surface

Protocol Architecture Quickstart Offline verify Governance Request access

Execution semantics

TrigGuard enforces authorization before irreversible work happens.

PERMIT -> execution proceeds

DENY -> execution stops

SILENCE -> no authorization; execution stops

At a glance

Deterministic: same request + same policy = same decision
Fail-closed: anything except PERMIT blocks execution
Verifiable: decisions are signed and offline-verifiable
Minimal integration: add middleware/SDK, keep your stack