npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@firstpick/pi-extension-safety-guard

v0.2.4

Published

Interactive guardrails for dangerous bash commands and protected file edits in Pi.

Readme

pi-extension-safety-guard

Interactive safety prompts for high-risk operations in Pi.

Safety guard confirmation prompt

What it does

  • Intercepts risky bash commands and requires confirmation.
  • Intercepts write/edit on protected paths and requires confirmation.
  • In non-interactive mode, blocks risky operations with explicit reasons.
  • Can be toggled per session with /safety-guard on|off|status.
  • Supports exact allow entries for the current session or permanently per cwd.

Guarded command categories

Git destruction / history rewriting

Examples:

  • git reset --hard
  • git reset --soft, git reset --mixed, git reset --merge, git reset --keep
  • git reset HEAD~..., git reset HEAD^..., git reset <commit>
  • git clean -f, including git clean -fd / git clean -xdf
  • git checkout -- <path>, git switch ..., and git restore ...
  • git branch -d/-D, git tag -d
  • git push --force, git push --force-with-lease
  • git push --delete, git push :refs/heads/...
  • git rebase, including interactive rebases
  • git commit --amend, git commit --fixup, git commit --squash
  • git filter-branch, git filter-repo
  • git replace, git update-ref
  • git notes remove, git notes prune
  • git reflog expire, git gc --prune, git prune

Filesystem deletion / overwrite

Examples:

  • recursive or force rm
  • rm targeting /, ~, $HOME, ., or globs
  • find ... -delete
  • find ... -exec rm ...
  • xargs ... rm
  • truncate -s 0
  • shred
  • dd
  • mkfs, wipefs, parted, fdisk, sfdisk, sgdisk

Docker / Podman destruction

Examples:

  • docker rm, docker rmi
  • docker volume rm, docker volume prune
  • docker system prune
  • docker compose down -v / --volumes
  • docker-compose down -v / --volumes
  • podman rm, podman rmi, podman system prune

Package removal

Examples:

  • npm uninstall/remove/rm/prune
  • pnpm remove/prune
  • yarn remove/autoclean
  • bun remove
  • pip uninstall, uv remove, cargo remove
  • pacman -R, paru -R, yay -R
  • apt remove/purge/autoremove, dnf remove

System state / permissions

Examples:

  • sudo
  • shutdown, reboot, poweroff
  • systemctl stop/disable/mask/restart
  • killall, pkill, kill -9
  • mount, umount, swapon, swapoff
  • recursive chmod / chown
  • chmod 777
  • setfacl
  • common fork-bomb signature

Dangerous SQL

Examples:

  • DROP DATABASE, DROP SCHEMA
  • DROP TABLE, DROP INDEX
  • TRUNCATE / TRUNCATE TABLE
  • DELETE FROM ... without WHERE
  • UPDATE ... SET ... without WHERE
  • ALTER TABLE ... DROP COLUMN/CONSTRAINT

SQL rules are matched against the full bash command, including heredoc bodies, so database client calls like psql <<SQL ... SQL can still be guarded.

Secret file access

Examples of commands that may reveal or copy secrets are prompted when targeting sensitive files:

  • cat, grep, rg, awk, sed, cp
  • .env, .env.*, .git-credentials, auth.json
  • id_rsa, id_ed25519
  • .npmrc, .pypirc, .netrc
  • .aws/credentials, .aws/config, .kube/config
  • .config/gh/hosts.yml, .config/gcloud/...
  • *.pem, *.key, *.p12, *.kdbx

Protected paths

write and edit prompts are triggered for sensitive paths including:

  • .ssh/
  • .git-credentials
  • auth.json
  • id_rsa, id_ed25519, and matching .pub files
  • .env, .env.*, .envrc
  • .npmrc, .pypirc, .netrc
  • .kube/config
  • .aws/credentials, .aws/config
  • .config/gh/hosts.yml
  • .config/gcloud/
  • *.pem, *.key, *.p12, *.kdbx

Install

pi install npm:@firstpick/pi-extension-safety-guard

Configuration

No required configuration.

Permanent allows are stored in:

~/.pi/agent/safety-guard-allow.json

Allow entries are exact matches scoped to the current working directory:

  • bash: exact command string + cwd
  • write/edit: resolved protected path + cwd

When a guard prompt appears, choose one of:

  • Block
  • Allow once
  • Allow for this session
  • Always allow in this cwd

Commands

/safety-guard status
/safety-guard on
/safety-guard off
/safety-guard allow-list
/safety-guard allow-clear-session
/safety-guard allow-clear-permanent

When disabled, the status bar shows 🔓!.

allow-list shows both session and permanent entries. allow-clear-session clears only the in-memory list. allow-clear-permanent empties the persisted allow file.

Tools

None.

Example view

!git reset --hard
Safety guard: high-risk git command detected
Allow this command?  No / Yes

edit .env
Safety guard: protected path detected (.env)
Allow edit?  No / Yes

The guard adds a pause before risky shell commands or sensitive file edits, while still letting you proceed intentionally.