npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@axiorank/coding-guard

v0.1.2

Published

Govern AI coding agents (Claude Code, Cursor, Codex, GitHub Copilot CLI) from a hook. It blocks dangerous tool calls locally and offline (destructive commands, secret exfiltration, prompt-injected tool results), then optionally reports the session to Axio

Readme

@axiorank/coding-guard

Govern your AI coding agents the same way AxioRank governs production agents.

coding-guard is a hook for Claude Code, Cursor, OpenAI Codex CLI, and GitHub Copilot CLI. On every tool-call lifecycle event the agent hands the action to the guard, which scores it with the AxioRank detection engine and answers allow, deny, or ask in the agent's own response format. It blocks the things you do not want an autonomous agent doing on your machine:

  • destructive commands (rm -rf, git push --force, DROP TABLE, curl ... | sh)
  • secret exfiltration (a command or file write that ships an API key, token, or .env)
  • prompt-injected tool results (a poisoned MCP reply or fetched page steering the agent, the "agentjacking" class of attack)

Local blocking runs fully offline with no API key and no signup. Add an API key and the guard also reports the session to AxioRank, applies your workspace's real policy, and mints a signed Coding Session Seal you can verify offline.

Install

# wire the guard into this repo's coding-agent configs (idempotent)
npx -y @axiorank/coding-guard init

That merges a hook entry into .claude/settings.json (Claude Code), .codex/hooks.json (Codex), .cursor/hooks.json (Cursor), and .github/hooks/copilot-cli-policy.json (Copilot CLI). Each command carries an explicit --agent so the session is labeled correctly (Codex and Claude Code share an event schema). Prefer to paste it yourself?

npx -y @axiorank/coding-guard print

Cursor users: instead of editing .cursor/hooks.json by hand, install the AxioRank Cursor plugin (packages/cursor-plugin/), which ships these governance hooks plus a governance rule, the AxioRank MCP server, and /verify-seal + /governance commands as a first-class, one-click Cursor plugin.

How it decides

The guard reuses @axiorank/detectors, the exact engine AxioRank's hosted gateway runs, so a coding agent is held to the same default posture as a production agent: deny on a live secret, deny on a destructive operation, deny at risk >= 75, and ask for review in the 50 to 74 band. A deny blocks the call; an ask prompts you in the editor; everything else proceeds.

Central reporting + Coding Session Seal (optional)

Set an API key and the guard reports each governed call to your AxioRank workspace:

export AXIORANK_API_KEY="axr_live_..."

Now the session shows up under Coding Sessions in the dashboard, raises alerts on high-risk activity, and applies your workspace policy (which can only tighten the local decision, never loosen a local block). When the agent finishes, the guard mints a Coding Session Seal: an Ed25519-signed, offline-verifiable attestation of how many tool calls were governed, how many were blocked, which detector categories fired, and a Merkle root over the session's audit log. It is written to <repo>/.axiorank/session-<id>.seal.json.

Verify it with no trust in AxioRank:

npx -y @axiorank/audit-verify coding-seal .axiorank/session-*.seal.json

Session seals require a Team plan or higher. Local blocking is always free.

Configuration

| Env var | Default | Purpose | | --- | --- | --- | | AXIORANK_API_KEY | unset | Report sessions centrally and mint seals. Unset = local-only. | | AXIORANK_BASE_URL | https://app.axiorank.com | Your AxioRank deployment. | | AXIORANK_CODING_GUARD_TIMEOUT_MS | 2500 | Timeout for the central call (fails open on timeout). | | AXIORANK_CODING_GUARD_DISABLE_REMOTE | unset | Force local-only mode even with a key set. |

Design notes

  • Fail-open. A crash, a malformed payload, or an unreachable gateway never blocks the editor. Security tightening comes from explicit deny verdicts, not from the guard failing closed.
  • No raw secrets leave your machine. The detectors redact in place; only the redacted payload is ever reported, exactly like the SDK.
  • Local-first blocking. The local verdict is authoritative for blocking even when offline; the central call can only add stricter org rules.

MIT licensed. Part of AxioRank.