AuthorityLayer is organized as a small npm workspace around a single published core package.
packages/core/src/: core runtime, CLI, enforcement primitives, integrity helpers, and typesexamples/: runnable examples and minimal integration flowsdocs/: concepts, enforcement, API, integrity, and contributor notestests/: workspace smoke testssrc/: contributor-facing source map for the top-level workspace
The package exposes three main integration points:
AuthorityLayer: runtime controller configured with enforcement primitivesauthority.wrap(fn): run boundary that resets per-run stateauthority.tool(name, fn): tool-call boundary used by loop guard and rate limitingauthority.recordSpend(usd): explicit cost-reporting hook for budget enforcement
The design keeps limits explicit and local. Callers decide what tools are available, when human approval is required, and how spend is calculated.