npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@blocksifr/cortextrace

v0.1.1

Published

Know what a PR or repo can now execute before merge. CortexTrace scans production paths, workflow authority, identity expansion, rollback gaps, and emits shareable evidence reports.

Readme

CortexTrace

CortexTrace governs the right to cause consequence inside software delivery.

The product promise is:

Check authority. Govern consequence. Prove execution.

CortexTrace is the public product for Agentic Software Execution Governance: it discovers dangerous software-delivery execution paths, evaluates whether a human, agent, workflow, credential, or automation has authority to perform a specific action against a specific resource, and produces evidence of the decision and result.

The model is not the security boundary. The execution boundary is.

Fast Start

Run a no-setup scan in any repo:

npx -y @blocksifr/cortextrace scan
npx -y @blocksifr/cortextrace scan --out cortextrace-report.md
npx -y @blocksifr/cortextrace scan --badge

The free scan tells you whether a repo or PR contains production execution paths, workflow authority expansion, OIDC token issuance, public exposure, destructive commands, rollback gaps, or AI/agent-authored high-consequence changes.

The paid wedge starts when teams need the result to affect the workflow:

  • GitHub PR comments
  • team policy
  • hosted signed receipts
  • approval routing
  • evidence retention
  • enforce mode
  • BlockSiFr Runtime Authority handoff

Subscribe: https://cortextrace.io/pricing?src=readme

Authority Check

Every consequential action starts with an Authority Check.

An Authority Check evaluates:

  • actor
  • agent or workload
  • execution intent
  • requested action
  • target resource
  • input trust
  • identity
  • credential
  • authority source
  • context
  • risk
  • consequence
  • policy
  • approval state
  • evidence
  • time validity

It returns an enforceable decision:

  • ALLOW
  • CONSTRAIN
  • STEP_UP
  • DENY
  • ESCALATE
  • THROTTLE
  • REVOKE

Valid identity is not valid authority. Valid token is not valid authority. Trusted application is not valid authority. Approved model is not valid authority.

Untrusted input may influence analysis. It must not inherit authority to read, export, publish, modify, approve, merge, deploy, or execute against protected resources.

Public Demonstration

CortexTrace includes a GitLost-class reference scenario:

Public GitHub issue
-> untrusted content is introduced
-> agentic workflow consumes the content
-> agent operates with private repository or organization access
-> agent attempts to read protected source code
-> agent attempts to export or publish protected data
-> CortexTrace detects authority expansion
-> Authority Check returns DENY or STEP_UP
-> Execution Exchange enforces the decision
-> protected data is not released
-> ExecutionReceipt proves what occurred

The failure is not merely prompt injection. It is untrusted-context contamination combined with privilege inheritance, authority confusion, excessive credential scope, missing execution control, absent independent authorization, and failure to evaluate consequence.

Demo page: https://cortextrace.io/gitlost-demo

Run the fixture locally:

npx -y @blocksifr/cortextrace scan examples/gitlost-class-demo

Expected scan output:

  • recommendedDecision: DENY
  • authorityCheckGaps greater than 0
  • gitlost_class_path finding present
  • protected actions include source.read_private, data.export, and authority.check.required

Product Packages

CortexTrace Scan

  • repository discovery
  • workflow discovery
  • agentic execution indicators
  • identity and credential findings
  • execution exposure map
  • authority-gap findings
  • read-only assessment
  • remediation guidance

CortexTrace Protect

  • real-time Authority Checks
  • Runtime Authority decisions
  • constraints
  • step-up
  • deny
  • revocation
  • enforcement connectors
  • NullEdge Shield integration where applicable

CortexTrace Evidence

  • ExecutionReceipts
  • artifact provenance
  • compliance export
  • audit evidence
  • forensic reconstruction
  • retention controls

CortexTrace Enterprise

  • multi-organization administration
  • IdP and SCIM
  • SIEM and ITSM
  • private deployment
  • MSP/MSSP controls
  • advanced policy
  • data residency

Architecture Records

Zero Trust controlled who could connect.

Runtime Authority controls what may execute.

CortexTrace is the GitHub-native Runtime Authority wedge for AI-assisted engineering, GitHub Actions, CI/CD, Terraform, Bicep, autonomous agents, and non-human identity execution.

Provenance proves where code came from.

Authority decides whether it may act.

[!IMPORTANT] Protected Execution must fail closed when Runtime Trust, Authority Evaluation, Execution Consequence Intelligence, or Execution Receipt generation is unavailable in enforce mode.

Repo access is not authority.

A passing pipeline is not proof of trust.

Authenticated execution is not authorized execution.

CortexTrace is the GitHub-native Protected Execution surface for BlockSiFr Runtime Authority Infrastructure. It evaluates Runtime Trust, Execution Consequence Intelligence, authority boundaries, and evidence before merge, deploy, or release. It emits Execution Receipts that prove the Execution Decision.

GitHub shows the diff. CortexTrace shows what can now execute because of it.

BlockSiFr is the Runtime Authority Infrastructure company. Execution Exchange mediates Protected Execution. Runtime Authority decides. CortexTrace brings that gate to GitHub.

Category Demos

The CortexTrace surface exists to support three category demos:

  1. Malicious execution denied.
  2. Legitimate execution allowed.
  3. Legitimate authenticated execution denied because it exceeded authority boundaries.

Hero sentence:

This package was legitimate.

The action was not authorized.

Execution was stopped before it ran.

The receipt proves it.

Runtime Positioning

AI agents, developers, contractors, workflows, and pipelines can all change software. Repo access alone cannot prove authority.

Sensitive changes can alter workflows, signing logic, dependencies, infrastructure, IAM, policy, or deployment paths before anyone has a trusted record of why the change was allowed.

The enterprise must move from "who had access?" to "was this execution authorized at the moment it mattered?"

CortexTrace evaluates sensitive changes, produces Execution Receipts, enforces required evidence, and blocks unauthorized changes from becoming trusted software.

What It Is

CortexTrace is:

  • Runtime Authority OSS wedge.
  • Runtime Trust visibility layer.
  • Execution Consequence Intelligence engine.
  • GitHub-native Protected Execution surface.
  • deny-before-execution and deny-before-deploy proof rail.

What It Is Not

CortexTrace is not:

  • issue-detection tooling.
  • a telemetry product.
  • generic DevSecOps reporting.
  • a compliance certification product.
  • a package trust score.
  • a lint layer.

Architecture Flow

GitHub identity
  -> provenance evidence
  -> Runtime Trust
  -> Execution Consequence Intelligence
  -> Authority Evaluation
  -> Execution Decision
  -> Execution Receipt

Execution Exchange receives governed execution events in hosted or Proof Mode.

Safety Guarantees

  • Enforce mode fails closed when authority evidence is missing.
  • Protected paths require attestation before merge.
  • Terraform and Bicep changes receive infrastructure consequence modeling.
  • Credential-accessible execution receives deny-before-execution treatment.
  • Execution Receipts bind evidence, decision, hash, and receipt integrity.

Enforcement Modes

cortextrace xray --mode xray
cortextrace xray --mode observe
cortextrace xray --mode enforce-local
cortextrace xray --mode governed-team
cortextrace xray --mode enterprise

Governed Team and Enterprise modes require hosted configuration. Without credentials, the CLI fails safely:

Governed Team mode requires a BlockSiFr API key. Run in X-Ray Mode locally or configure BLOCKSIFR_API_KEY to enable hosted enforcement.

10-Minute Buyer Path

Until the npm package is published, run CortexTrace from the public source checkout:

git clone https://github.com/BlockSiFr/cortextrace.git
cd cortextrace
npm install
npm run build
npm run demo:protected-execution
node dist/cli.js verify

That path runs the real Protected Execution gate through the three Runtime Authority category demos, emits signed local Execution Receipts, and verifies the latest receipt signature.

Real Execution Examples

cortextrace run -- npm test
cortextrace run -- terraform plan
cortextrace run -- terraform apply
cortextrace verify

Example ECI language:

  • This execution would create credential-accessible CI execution paths.
  • This execution would permit destructive infrastructure mutation.
  • This execution would expand privilege or secret-accessible runtime authority.

Production Mode

Production Protected Execution requires hosted configuration:

  • BLOCKSIFR_API_KEY
  • Proof Mode signing
  • GitHub App installation
  • repository policy
  • receipt retention

Operational Commands

cortextrace init
cortextrace run -- npm test
cortextrace findings
cortextrace attest findings --finding <finding_id> --status remediated --evidence "what changed"
cortextrace verify-attestations --mode merge-gate
cortextrace report
cortextrace verify

Environment Variables

BLOCKSIFR_API_KEY=
GITHUB_TOKEN=
CORTEXTRACE_MODE=oss

Demo

npm run demo:protected-execution runs the three category demos through local Authority Evaluation:

| Demo | Action | Runtime Trust | Execution Decision | Execution Consequence Intelligence | |---|---|---|---|---| | Malicious execution denied | installMaliciousPackage | UNTRUSTED | DENY | This execution would run untrusted package code inside credential-accessible CI before authority could be established. | | Legitimate execution allowed | runUnitTests | TRUSTED | ALLOW | This execution would run authorized validation without mutating production, secrets, identity, or deployment state. | | Hero category moment | terraformProdIamExpansion | TRUSTED | DENY | This execution would expand production IAM authority beyond the deployment grant and permit destructive infrastructure mutation. |

The hero receipt proves that identity was authenticated, provenance was valid, Runtime Trust was trusted, and execution was denied because the action crossed the production IAM authority boundary.

Example Output

CortexTrace Agent X-Ray

CortexTrace Protected Execution runs the three Runtime Authority category demos.
X-Ray Mode performs local Authority Evaluation and emits signed local Execution Receipts.

Demo                                 Action                       Runtime Trust Execution Decision Execution Consequence Intelligence
malicious-execution-denied           installMaliciousPackage      UNTRUSTED   DENY     This execution would run untrusted package code inside credential-accessible CI before authority could be established.
legitimate-execution-allowed         runUnitTests                 TRUSTED     ALLOW    This execution would run authorized validation without mutating production, secrets, identity, or deployment state.
hero-authority-boundary-denied       terraformProdIamExpansion    TRUSTED     DENY     This execution would expand production IAM authority beyond the deployment grant and permit destructive infrastructure mutation.

Hero sentence:
This package was legitimate.
The action was not authorized.
Execution was stopped before it ran.
The receipt proves it.

Receipts

Every CortexTrace run emits a local Execution Receipt under .cortextrace/receipts/.

OSS receipts are signed local proof:

  • signatureStatus: "valid"
  • hostedStatus: "local_only"
  • billable: false
  • signature.algorithm: "Ed25519"

Proof Mode provides signed retained receipts.

Receipts include Runtime Trust, provenance signals, authority boundary, Execution Decision, Execution Consequence Intelligence, evidence, decision reason, policy reference, receipt hash, previous receipt hash, and Ed25519 signature for local verification.

Governance Semantics

Legitimate is not authorized.

Authority governs execution.

Receipts prove the decision.

Finding Attestation Gate

CortexTrace does not only report risky AI-assisted work. It can require an attestation before push or merge proceeds. Critical findings, secrets, dependency changes, protected paths, and missing validation evidence become governed merge conditions.

Use the gate locally or in GitHub required checks:

cortextrace findings
cortextrace attest findings --finding <finding_id> --status remediated --evidence "what changed" --verification "npm test && npm run build"
cortextrace verify-attestations --mode merge-gate

Every merge decision is traceable to findings, attestations, policy, and receipt integrity.

Evidence Preview

CortexTrace Compliance Evidence Preview explains:

  • what changed
  • what can now execute
  • what operational consequence was introduced
  • what evidence exists
  • what is missing
  • whether the receipt is OSS-local or Proof Mode signed

OSS Mode provides local evidence preview. Proof Mode provides signed receipts, retention, team policy, customer reports, SIEM/GRC export, and MSP/MSSP multi-tenant management.

Free vs Paid

| Layer | Customer Promise | What It Does | |---|---|---| | CortexTrace Agent X-Ray | See what your AI agents can do before they do it. | Run Protected Execution demos with signed local Execution Receipts and GitHub-native proof. | | Governed by BlockSiFr | Stop unauthorized agent actions before they execute. | Enforce Runtime Authority, deny unauthorized actions, route approvals, apply shared policy, and retain hosted signed receipts. | | Execution Exchange | One authority layer for autonomous actions across the enterprise. | Route protected execution requests across GitHub, MCP, CI/CD, cloud, SaaS, and business systems. |

Governed by BlockSiFr turns X-Ray findings into enforced authority controls. It supports pre-execution blocking, approval routing, shared team policy, GitHub PR checks, hosted signed receipts, and cross-repo visibility.

Execution Exchange is the enterprise authority layer for autonomous execution. Every governed action becomes a decision, a receipt, and an auditable proof event. GitHub Actions and GitHub PRs are the wedge. Execution Exchange is the infrastructure.

Architecture

Agent / SDK / tool
  -> Governed wrapper
  -> Execution request
  -> Authority decision
  -> Execution receipt
  -> Usage event
  -> Execution Exchange
  -> TTP trust layer

Execution Exchange binds governed execution to:

  • EERS, the Execution Evidence Receipt Schema
  • SCIM-RE identity, authority, attestation, and decision objects
  • TTP, the portable trust layer

Security and Privacy

OSS mode does not send telemetry by default.

Secrets must never be printed. Environment variable values, tokens, keys, credentials, passwords, and secret-like values are redacted from user-facing errors.

Receipts must redact sensitive values. Paid-ready fields may exist, but they do not falsely claim hosted verification.

Enforcement paths fail closed when required policy cannot be loaded. X-Ray and observe modes can fail open because they are discovery modes, not enforcement modes.

Compliance language is evidence support only. CortexTrace supports audit-ready evidence and can support SOC 2, ISO 27001, NIST, FFIEC, SOX, HIPAA, and EU AI Act evidence workflows when configured in enterprise mode. It is not a certification claim.

Roadmap

  • Hosted receipts
  • GitHub App checks
  • Approvals
  • Shared policy
  • Execution Exchange routing
  • TTP-backed trust verification

MSP/MSSP Founding Partner Program

BlockSiFr offers a $15,000 six-month Founding Partner Program for MSPs and MSSPs launching GitHub-native AI engineering governance as a managed service.

The program includes up to 10 customer tenants, 50 protected GitHub repos, CortexTrace reports, FrontDesk partner portal access, customer policy packs, step-up approvals, monthly evidence exports, and Proof Mode signed receipt preview.

For MSPs, CortexTrace becomes the evidence engine behind a billable managed governance service.

MSP/MSSP Partner Use

This product is part of the BlockSiFr Managed Execution Governance rail for MSSPs and MSPs.

Partners use it to help customers govern AI agents, GitHub workflows, MCP tools, PR risk, and protected execution before action occurs.

Free mode proves value locally. Team and Enterprise modes enable hosted receipts, team policy, approval routing, and compliance evidence.