npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@araskovalabs/cerberus

v0.2.1

Published

Cerberus — terminal-first agentic security framework by Araskova Labs.

Readme

Cerberus OSS — AI Security Runtime with Global Brain

Built by Araskova Labs

Cerberus is an autonomous security runtime for AI-native developers. It sits inside every project you work on, learns from every finding across every project on your machine, and evolves into a personalized security expert calibrated to your exact stack, patterns, and risk tolerance.

The Difference From Generic Security Tools

| Generic Security Tool | Cerberus | |---|---| | Same advice for everyone | Calibrated to your specific codebase | | Resets to zero each session | Persistent memory across all projects | | Hallucinated findings | Evidence-backed, verifiable findings | | No governance | Policy gates before any intrusive action | | No agent integration | Any AI agent reads .cerberus/CERBERUS.md | | Static rules | Reinforcement learning from your feedback |


🚀 Quick Start

Via NPM (recommended):

npm install -g @araskovalabs/cerberus

Via Cargo:

cargo install cerberus-cli

1. One-time setup

cerberus setup          # configure your LLM provider
cerberus init           # initialise .cerberus/ in your project

cerberus init creates:

.cerberus/
├── CERBERUS.md    ← agent contract — commit this to your repo
├── policy.toml    ← security policy for this project
└── state.db       ← project findings database

CERBERUS.md is the key file. Every AI agent (Antigravity, Cursor, Claude Code, Gemini CLI) that reads it instantly gets current project security state — open findings, what to check before making changes, and how to interact with Cerberus. Works exactly like .prettierrc or .eslintrc.

2. Scan your code

cerberus review .              # review uncommitted changes
cerberus review . --fix        # review + auto-patch vulnerabilities
cerberus review . --ci         # CI mode (structured text output)

3. Verify and train the brain

cerberus findings list                              # view open findings
cerberus verify --finding <id> --evidence "note"   # confirm real finding
cerberus feedback sql-injection --confirmed false   # mark false positive
cerberus learn                                      # feed to global brain

4. See what the brain has learned

cerberus status     # global brain stats across all projects
cerberus profile    # your operator security profile

🧠 The Global Brain

Cerberus maintains a machine-wide SQLite database at ~/.cerberus/brain.db that accumulates knowledge across every project you work on.

How it learns:

  1. Every cerberus review records which vulnerability patterns were detected
  2. When you confirm a finding → that pattern gets a higher confidence score
  3. When you mark a false positive → confidence drops in that context
  4. When you fix a vulnerability → the fix pattern is stored in memory
  5. Next project: confirmed patterns from project A boost confidence in project B

The learning formula is simple reinforcement learning:

new_confidence = old_confidence + 0.1 × (reward − old_confidence)

Where reward = 1.0 (confirmed) or 0.0 (false positive). After ~50 interactions, Cerberus stops being generic and becomes calibrated to you.


🦀 Why Rust?

Rust is not just a performance choice — it is an architectural enforcement mechanism:

  • Policy gates are Rust match statements — the LLM cannot bypass them
  • Brain confidence updates are Rust functions — not prompt instructions the model can ignore
  • Evidence must be attached before verification — enforced by the type system
  • SQLite via rusqlite (bundled) — zero dependencies, no server, single file on disk
  • tokio async — reconnaissance, policy checks, and tool execution run in parallel

🏗 Architecture

crates/
  cerberus-brain     Global RL engine — ~/.cerberus/brain.db
  cerberus-cli       Terminal interface, all commands, CERBERUS.md generator
  cerberus-core      Agent kernel, mission data, plan execution
  cerberus-memory    Project-level SQLite state (per-project .cerberus/state.db)
  cerberus-policy    Risk levels, policy gates, approval workflow
  cerberus-llm       LLM provider connectors (OpenAI, Anthropic, Ollama)
  cerberus-gateway   Telegram and WhatsApp operator bridges

🔑 Bring Your Own Model (BYOM)

Cerberus is completely LLM agnostic:

  • Anthropic / Claude — deep semantic analysis
  • OpenAI / GPT-4o — test script generation
  • Ollama (local) — zero data leaves your machine

🏢 Licensing (Open Core)

| Tier | What's included | |---|---| | OSS | Full brain engine, CLI, review/fix/verify workflow, global brain | | Pro | Operator console, fleet-wide dashboards, compliance packs (SOC2, HIPAA, PCI-DSS), federated brain sync |