npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@fozooni/exo

v0.1.1

Published

A strict, type-safe Exoskeleton for AI Agents. Wraps functions into Tools with runtime validation, risk management, and automatic schema generation for OpenAI and Anthropic.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

fozoonifozooni

Keywords

aiagentllmsafetytoolsfunction-callingopenaianthropicvercellangchainzodvalidationtypescriptstructured-outputs

Readme

Why Exo?

AI Agents are unpredictable. They hallucinate arguments, ignore safety rails, and make it difficult to understand what went wrong.

Exo provides a strictly typed, deterministic security layer for your AI tools. Every input is validated, every high-risk action requires permission, and every execution is observable—regardless of which SDK you use.

Features

  • 🛡️ Deterministic Safety — Role-based access control with HIGH/MEDIUM/LOW risk levels and human-in-the-loop confirmation flows.
  • 🔌 Universal Adapters — Works seamlessly with OpenAI SDK, Vercel AI SDK, and LangChain.
  • 👁️ Observability — Zero-dependency lifecycle hooks for logging latency, errors, and custom telemetry.
  • 🔒 Type-Safe — Built on Zod with full TypeScript inference for both inputs and outputs.
  • Lightweight — No external runtime dependencies beyond Zod.

Quick Start

npm install @fozooni/exo zod
import { z } from "zod";
import { createExoTool, RiskLevel } from "@fozooni/exo";

const weatherTool = createExoTool({
  name: "get_weather",
  description: "Gets the current weather for a city.",
  schema: z.object({
    city: z.string().describe("The city name"),
  }),
  executor: async ({ city }) => {
    return { city, temperature: 22, conditions: "sunny" };
  },
  config: {
    riskLevel: RiskLevel.LOW,
  },
});

// Execute directly
const result = await weatherTool.execute({ city: "Istanbul" });
console.log(result.data); // { city: 'Istanbul', temperature: 22, conditions: 'sunny' }

// Or get OpenAI-compatible spec
const spec = weatherTool.getOpenAISpec();
// Use with: openai.chat.completions.create({ tools: [spec] })

Advanced Usage

High-Risk Tools with Role-Based Access

const deleteDatabase = createExoTool({
  name: "delete_database",
  description: "Permanently deletes a database. DANGEROUS.",
  schema: z.object({ confirm: z.literal(true) }),
  executor: async () => ({ deleted: true }),
  config: {
    riskLevel: RiskLevel.HIGH, // Requires admin role
  },
});

// ❌ Throws RiskViolationError
await deleteDatabase.execute(
  { confirm: true },
  { user: { id: "1", role: "guest" } },
);

// ✅ Works
await deleteDatabase.execute(
  { confirm: true },
  { user: { id: "1", role: "admin" } },
);

Vercel AI SDK Integration

import { Exo, toVercelTool } from "@fozooni/exo";
import { streamText } from "ai";

const exo = new Exo([weatherTool, searchTool]);

// Get all tools as Vercel-compatible object
const tools = exo.getVercelTools();

const result = await streamText({
  model: openai("gpt-4o"),
  tools,
  messages,
});

Instant Debugging with Console Logger

import { createExoTool, createConsoleLogger } from "@fozooni/exo";

const tool = createExoTool({
  name: "my_tool",
  schema: z.object({}),
  executor: async () => ({ ok: true }),
  config: {
    hooks: createConsoleLogger(),
  },
});

await tool.execute({});
// [EXO] ▶ START my_tool {}
// [EXO] ✓ SUCCESS my_tool (0.42ms)

OpenAI Structured Outputs (Strict Mode)

// Generate schema with additionalProperties: false
const strictSpec = weatherTool.getOpenAISpec({ strict: true });

API Reference

Core Classes

| Export | Description | | ----------------- | --------------------------------------------------------------- | | ExoTool | Main tool class with validation, execution, and spec generation | | Exo | Registry for managing multiple tools | | createExoTool() | Factory function with better type inference |

Adapters

| Export | Description | | ------------------- | ------------------------------------------------- | | toVercelTool() | Convert to Vercel AI SDK format | | toLangChainTool() | Convert to LangChain DynamicStructuredTool format |

Errors

| Export | Description | | --------------------------- | --------------------------------------------------------- | | ValidationError | Thrown when arguments fail Zod validation | | RiskViolationError | Thrown when a HIGH risk tool is called without permission | | ConfirmationRequiredError | Thrown when confirmation is needed |

Roadmap

  • [x] Middleware pipeline for pre/post processing
  • [x] Built-in rate limiting
  • [ ] Telemetry integrations (OpenTelemetry, Datadog)
  • [ ] Tool versioning and deprecation support

Contributing

Contributions are welcome! Please read our contributing guidelines and submit a PR.

git clone https://github.com/fozooni/exo.git
cd exo
npm install
npm test

License

MIT © Fozooni