npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@cynicalsally/cli

v0.1.1

Published

Brutally honest code reviews. Because 'You're absolutely right' is probably absolutely wrong.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

thomasgeelensthomasgeelens

Keywords

code-reviewcliailinterroastcynical-sallydeveloper-toolscode-quality

Readme

Your AI pair programmer is lying to you. Sally isn't.

She's the senior engineer your code hoped it'd never meet. Scores from 0 to 10, real issues backed by evidence, and fixes you can actually use.

Works as a CLI tool and as an MCP server in Claude Code, Cursor, and Windsurf.

Install

npm install -g @cynicalsally/cli

Or run without installing:

npx @cynicalsally/cli roast ./src/

Requirements: Node.js 18+

Privacy Notes

  • Directory scans and repo reviews send selected code to the Sally backend for analysis.
  • Only review code you are allowed to upload.
  • Sensitive files such as .env, SSH keys, certs, and common credential files are skipped, but you should still avoid scanning secrets on purpose.
  • Local reports and cached results may be written to .sally/ in your project or ~/.sally/ on your machine.
  • Add .sally/ to your .gitignore and do not commit review artifacts.
.sally/

Quick Start

# Sally auto-detects what to review
sally roast
# → staged changes? reviews those
# → unstaged changes? reviews those
# → recent commit? reviews that
# → nothing? scans the directory

# Roast a file or directory
sally roast src/utils/auth.ts
sally roast ./src/

# Roast staged changes before you commit
sally roast --staged

# Compare your branch against main
sally roast --diff main

# Deep analysis with issues + actionable fixes
sally roast ./src/ -m full_truth

# Run deep analysis in the background (OS notification when done)
sally roast ./src/ -m full_truth --bg

Roast Options

sally roast [paths...] [options]

  --staged              Review only staged git changes
  --diff <branch>       Compare against another branch (e.g., main)
  -m, --mode <mode>     "quick" (default) or "full_truth" (deep dive)
  --tone <tone>         "cynical" (default), "neutral", or "professional"
  --lang <lang>         Response language code (default: "en")
  --json                Output raw JSON (for piping or scripting)
  --fail-under <score>  Exit code 1 if quality score is below threshold
  --ci                  CI mode: compact output, exit codes
  --bg                  Run Full Truth in background, get OS notification when done

Explain

Sally reads the spaghetti someone left in your codebase and translates it into plain English. Just the cold, clear truth of what it actually does.

sally explain src/utils/auth.ts

# Pipe code directly
cat legacy-module.js | sally explain

# Explain the current directory
sally explain

Refactor

Before and after, side by side. Sally explains why one of them is going to haunt your 3am on-call rotation.

sally refactor src/components/Dashboard.tsx

# Refactor current directory
sally refactor

PR Review

Sally reviews your PR like a senior engineer who has time, opinions, and absolutely no reason to be polite.

# Review PR #42 (requires GitHub CLI)
sally review-pr 42

# Review current branch vs main
sally review-pr

# Pipe a diff
git diff main | sally review-pr

Brainstorm

Pitch your architecture idea and Sally tells you the three ways it falls apart at scale. Cheaper than a post-mortem.

sally brainstorm "Microservices for a 2-person team?"

# Brainstorm about the current project
sally brainstorm

Frontend Review

Sally tells you why your component re-renders on every keystroke and why your z-index is load-bearing.

sally frontend src/components/Header.tsx

# Review all frontend code in a directory
sally frontend ./src/

Marketing Review

Run your copy by Sally before your customers do. They won't be this constructive about it.

sally marketing "Ship faster with AI-powered code reviews"

# Review your README and landing page copy
sally marketing README.md

Every tool accepts file paths, raw text, or piped stdin. Each includes 1 free trial, no account needed.

CI/CD Integration

Gate your pipeline on code quality:

# GitHub Actions
- name: Sally Code Review
  run: npx @cynicalsally/cli roast ./src/ --fail-under=5 --ci

--ci gives compact output with exit codes. --fail-under fails the build when the score drops below your threshold. Add --json for machine-readable output.

MCP Server

Sally works as an MCP server inside Claude Code, Cursor, and Windsurf.

Claude Code

claude mcp add cynical-sally -- npx @cynicalsally/cli mcp

Cursor

Add to ~/.cursor/mcp.json (global) or .cursor/mcp.json (per project):

{
  "mcpServers": {
    "cynical-sally": {
      "command": "npx",
      "args": ["@cynicalsally/cli", "mcp"]
    }
  }
}

Windsurf

Add to ~/.codeium/windsurf/mcp_config.json:

{
  "mcpServers": {
    "cynical-sally": {
      "command": "npx",
      "args": ["@cynicalsally/cli", "mcp"]
    }
  }
}

Available tools

| MCP Tool | What it does | |----------|-------------| | sally_roast | Code review with score, issues, and fixes | | sally_explain | Explain code with Sally's personality | | sally_review_pr | Review PR diffs | | sally_refactor | Refactoring suggestions with before/after | | sally_brainstorm | Feedback on ideas and approaches | | sally_frontend | Frontend/UI code review | | sally_marketing | Marketing copy review | | sally_usage | Check quota and account status |

Run sally mcp in your terminal to see setup instructions.

All Commands

| Command | Description | |---------|-------------| | sally roast [paths...] | Review files, directories, or git changes | | sally explain [file] | Explain what code actually does | | sally refactor [file] | Refactoring with before/after code | | sally review-pr [pr] | Review a PR diff | | sally brainstorm "idea" | Feedback on ideas and approaches | | sally frontend [file] | Frontend/UI code review | | sally marketing "copy" | Marketing copy review | | sally login <email> | Log in via magic link | | sally logout | Clear stored session | | sally usage | Check your quota and account status | | sally upgrade | Upgrade to Sally's Full Suite | | sally results | View background review results | | sally mcp | MCP server setup instructions |

Free to Use

90 free roasts per month, no account needed. Every premium tool includes a free trial.

sally usage     # Check your quota
sally upgrade   # Unlock the Full Suite

Privacy & Security

  • Code is transmitted over HTTPS and processed in real-time
  • No source code is stored on our servers. Ever.
  • Analysis results are tied to an anonymous device ID
  • Full Suite members can optionally link an email for account features
  • Config stored locally at ~/.sally/config.json

For full details: cynicalsally.com/privacy

Contributing

Found a bug or have a feature idea? Open an issue. Sally promises to only judge your issue title a little.

License

MIT