Installation

Veto supports two integration modes. Choose the one that fits your setup.

Claude Code Plugin

The plugin installs as a Claude Code plugin that intercepts tool calls before execution.

Prerequisites

  • Claude Code installed and working
  • Python 3.8+ (uses only stdlib — no pip dependencies)
  • A Veto account with an API key (from Settings → API Keys in the dashboard)

Install the plugin

Install from the Claude Code plugin marketplace:

Linux / macOS:

/plugin marketplace add damhau/veto-claude-plugin
/plugin install veto-linux

Windows:

/plugin marketplace add damhau/veto-claude-plugin
/plugin install veto-windows

Then run the setup command:

/veto:setup

This will prompt you for:

  1. API key — your Veto API key from the dashboard
  2. Fail policyopen (allow on error) or closed (deny on error)

Configuration is saved to ~/.veto/config.json.

Configuration options

FieldDefaultDescription
server_urlhttps://api.vetoapp.ioVeto server URL
api_keyYour Veto API key from the dashboard
fail_policyopenWhat to do when the server is unreachable: open (allow) or closed (deny)
timeout25Request timeout in seconds

How the plugin works

The plugin registers a PermissionRequest hook in Claude Code. Every tool call is intercepted before execution and sent to the Veto API for evaluation. The server returns allow, deny, or ask (escalate to human review).

Verify the installation

/veto:status

This checks the connection to the server and reports the active rule count.

LLM Proxy

Veto includes a built-in LLM proxy powered by LiteLLM. It intercepts tool calls in the LLM response stream before they reach the coding agent, enforcing your rules at the network level. No plugin required — any tool that supports a custom base URL works out of the box.

The proxy is already deployed as part of Veto (both SaaS and self-hosted). You just need to enable it and configure your coding tool.

Step 1 — Enable the proxy

In the Veto dashboard, go to Settings → LLM Proxy and click Enable LLM Proxy.

Choose a mode:

ModeHow it worksBest for
PassthroughUsers keep their own API keys (e.g. Claude Max). The proxy forwards their credentials to the upstream provider.Teams where each developer has their own subscription
BYOKThe org provides LLM API keys. All users share the org's keys via a virtual key.Teams with a shared Anthropic/OpenAI account

You can switch between modes at any time from the dashboard.

Step 2 — Get your proxy key

Passthrough mode: Each user generates a personal proxy key from Settings → LLM Proxy Keys in the dashboard.

BYOK mode: A virtual key is shown once when you enable the proxy. Copy it immediately — it won't be shown again. You can rotate it from the dashboard at any time.

Step 3 — Configure Claude Code

Passthrough mode — users keep their own ANTHROPIC_API_KEY and route through the proxy:

export ANTHROPIC_BASE_URL="https://proxy.vetoapp.io"
export ANTHROPIC_CUSTOM_HEADERS="x-litellm-api-key: Bearer <your-proxy-key>"

BYOK mode — users replace their API key with the virtual key:

export ANTHROPIC_API_KEY="<your-virtual-key>"
export ANTHROPIC_BASE_URL="https://proxy.vetoapp.io"

For self-hosted deployments, replace https://proxy.vetoapp.io with your LiteLLM proxy URL (default: http://localhost:4000).

Configure other tools

The proxy is compatible with any tool that supports a custom base URL:

Aider (Passthrough):

export ANTHROPIC_API_BASE="https://proxy.vetoapp.io"
export ANTHROPIC_EXTRA_HEADERS="x-litellm-api-key: Bearer <your-proxy-key>"
aider --model anthropic/claude-sonnet-4-20250514

Aider (BYOK):

export ANTHROPIC_API_KEY="<your-virtual-key>"
export ANTHROPIC_API_BASE="https://proxy.vetoapp.io"
aider --model anthropic/claude-sonnet-4-20250514

Cursor (BYOK): In Cursor Settings → Models → OpenAI API Key:

  • API Key: <your-virtual-key>
  • Base URL: https://proxy.vetoapp.io

How the proxy works

  1. The coding tool sends a request through the Veto proxy to the LLM provider
  2. The LLM response streams back through the proxy
  3. The guardrail intercepts the stream:
    • Text-only responses — passed through immediately (zero added latency)
    • Tool call responses — buffered, evaluated against your Veto rules, then either forwarded (allowed) or replaced with a denial message (blocked)
  4. Keepalive pings are sent during evaluation to prevent connection timeouts

Self-hosted deployment

See the Architecture page for the full deployment topology. Veto can be deployed via Docker Compose or Kubernetes.

Docker Compose (quickstart)

cp .env.example .env
# Edit .env with your settings
docker-compose up -d

This starts:

  • PostgreSQL — database
  • Redis — caching and sessions
  • Veto Server — FastAPI backend (port 8000)
  • Dashboard — Next.js frontend (port 3000)
  • LiteLLM Proxy — with Veto guardrail (port 4000)