npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@jcil/cli

v2.14.0

Published

Project Culpepper — the Grok-native autonomous coding agent xAI hasn't shipped yet. Idea to deployed in under two minutes.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

themusashimaruthemusashimaru

Keywords

aiagentsterminalautomationclaude

Readme

Project Culpepper

The Grok-native autonomous coding agent xAI hasn't shipped yet. So Matt Marren built it.

Idea-to-deployed in under two minutes — real GitHub, real Vercel, real production. Feature-complete enough to use today, open-source enough for xAI to fork tomorrow.

npm install -g @jcil/cli
jcil

Why this exists

xAI has not shipped a first-party autonomous coding agent for Grok. Project Culpepper is what one looks like when you build it from first principles using Grok 4.2 Reasoning under the hood and the architectural patterns from Anthropic's Claude Code as the scaffolding.

It is not affiliated with xAI. It is what one developer built while waiting for the official version. If xAI ships one tomorrow, fork this and take what's useful. Until then, this is the placeholder — and the placeholder already ships real apps to real production.

What it actually does

In one prompt, autonomously:

  • Reads, writes, edits, and refactors source files
  • Runs shell commands, builds projects, runs tests, fixes failures, re-runs
  • Spins up background processes (dev servers, builds, deploys) and monitors them
  • Drives your local CLI ecosystem to push code, file issues, open and merge PRs, and deploy to production
  • Generates documents, spreadsheets, images, and videos
  • Spawns focused, hard-isolated sub-agents for parallel work
  • Speaks the standard external-tool-server protocol — drop-in compatible with the entire ecosystem
  • Tracks its own work in a persistent task queue, checkpoints to disk when budgets are reached, and resumes across sessions

Built for overnight runs

Most coding agents make you sit there and watch. Culpepper is built for the opposite use case: set a budget, hand it a brief, walk away. It works while you sleep. When the budget runs low it warns at 75%, slows down at 90%, and gracefully checkpoints to disk at 100% so you can pick up exactly where it left off in the morning.

You can also drive it from a cron job, CI script, or shell pipeline:

# One-shot, headless, JSON output for piping into other tools
jcil --prompt "review the diff and post a summary to #eng" \
     --budget 5 \
     --format json

The showcase

You: Build and ship a "Quote of the Day" service.
     API + tests + landing page + deploy + repo + tracking issue.
[~80 seconds, autonomous]

  * Source repo created and pushed
  * Live in production at a public URL
  * Tracking issue filed with the URL
  * Tests written and passing
  * Server, landing page, deploy config all verified

Real run. Real platforms. Real cleanup afterward.

Two ways to run it

Culpepper has two tiers, and you can switch between them at any time.

Managed mode (recommended for most users)

Sign in with your JCIL.AI account on first launch. No API key required. Billed through JCIL with full session, rate-limit, and cost safety nets in place.

jcil

BYOK mode (for power users)

Bring your own xAI API key. Hit api.x.ai directly with no markup, no JCIL session, and no rate limits beyond xAI's own quota. Your key, your bill, your unlimited overnight runs.

export XAI_API_KEY=xai-...
jcil --byok                    # interactive
jcil --byok --prompt "..."     # headless

How it compares on cost

Grok 4.2 Reasoning powers it: roughly 7-12× cheaper than Claude Opus 4.6 ($2 input + $6 output per 1M tokens vs $15 + $75) with comparable autonomy depth. The full end-to-end production showcase costs about a dollar.

Quick start

npm install -g @jcil/cli
jcil

Sign in on first launch, then talk to it. Or:

jcil resume <session-id>       # resume a saved session
jcil --prompt "..."            # one-shot headless run
jcil --help                    # all flags

Common commands inside the REPL

Type /help for the full list. Most-used:

/auto              autonomous mode (requires explicit confirmation)
/budget 5          cap session spend; auto-checkpoint when reached
/save              manually save a session checkpoint
/sessions          list saved sessions
/resume <id>       resume a saved session
/tasks             persistent task queue
/cost              running session cost
/exit              quit

Security

Culpepper is built for autonomous agents handling real credentials on real machines. The stack includes:

  • A multi-tier permission model that requires explicit confirmation for autonomous operation
  • A command and path validator that blocks destructive and credential-exfiltration patterns
  • SSRF and DNS-rebinding protection on every outbound request
  • Subprocess credential scrubbing
  • Hard tool restrictions for sandboxed sub-agents (filtered at the API boundary, not just the prompt)
  • Indirect prompt-injection detection on file and URL contents
  • Loop guards and runaway-call detection
  • An append-only audit log of every tool call

Specific defense details are intentionally not documented here.

Verification

The release process runs a full test arsenal — unit tests, capability tests, real engineering scenarios, real platform integration against GitHub and Vercel, an end-to-end MCP test against the official filesystem server, the budget mode + checkpoint resume test, and an idea-to-deployed showcase — all green before publish.

Author

Matt Marren · [email protected]

License

MIT