npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@agentkeychain/cli

v0.1.0

Published

Command-line tool to credential autonomous agents against AgentKeychain.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

mnakadamnakada

Keywords

agentkeychainauthoauthagentcli

Readme

@agentkeychain/cli

Bootstrap autonomous agents (OpenClaw, Claude Code, Devin, custom) against AgentKeychain without copy-pasting tokens.

npm install -g @agentkeychain/cli
akc login

This opens a browser to AgentKeychain, you click Authorize, a one-time code lands on a short-lived 127.0.0.1 callback the CLI is listening on, and the CLI trades it for an agent refresh token. The token is written to ~/.agentkeychain/tokens.json (mode 0600). Your autonomous agent reads from that file via the @agentkeychain/agent SDK.

The default flow is RFC 8252 + PKCE — the same pattern used by gcloud auth login, gh auth login, and stripe login.

Commands

  • akc login — authorize a new agent on this machine (loopback flow, falls back to device flow automatically when loopback binding fails)
  • akc login --device — force the RFC 8628 device flow (see below)
  • akc status — show the current agent ID and token state
  • akc logout — delete the local credential file

Headless environments: akc login --device

On machines without a browser or where loopback ports can't be bound (EC2, Docker containers, CI runners, SSH sessions), the loopback flow doesn't work. Pass --device (or let the CLI auto-fall-back) to use the RFC 8628 device authorization grant instead — the same pattern gh auth login uses on headless machines:

$ akc login --device

To authorize this CLI, visit:
  https://agentkeychain.com/device

and enter code:  BCDF-GHJK

(or open: https://agentkeychain.com/device?user_code=BCDF-GHJK)

Waiting for approval…

You open the URL in any browser (on your laptop, phone, wherever you can sign in), type the 8-letter code, and approve. The CLI polls until the server confirms, then writes tokens as usual. The two machines never talk to each other directly — each one independently talks to AgentKeychain.

Phishing-resistance

The consent page on /device displays the requester IP and a client hint (hostname@platform) for the machine that ran akc login --device. If someone DMs you a user_code and asks you to approve it, those fields will show a machine that isn't yours — cancel in that case. The page includes an explicit warning: "Only approve if YOU started this process."

Env vars

  • AKC_AUTH_SERVER — auth server URL. Default: https://agentkeychain.com.
  • AKC_DASHBOARD_URL/cli-login page URL. Defaults to AKC_AUTH_SERVER. Only set this if the dashboard is on a different origin from the API (e.g. local dev).

Local dev

AKC_AUTH_SERVER=http://localhost:3000 \
AKC_DASHBOARD_URL=https://app.lvh.me:5173 \
  node dist/index.js login