@neurosec/sentry
v1.0.15
NeuroShield Sentry — host-level agent protection daemon. Detects and blocks malicious AI agent actions at the OS level.
NeuroShield Sentry
Host-level agent protection daemon. Detects AI agent processes running on your infrastructure, sandboxes them with kernel-level isolation, and enforces policies on filesystem access, network egress, syscalls, and skill/tool execution.
npm install -g @neurosec/sentry
neuroshield-sentry setup
sudo neuroshield-sentry install
How It Works
The Sentry daemon runs on each host and connects to your NeuroSec security platform:
- Discovery — scans /proc/* for processes matching agent framework signatures (LangChain, CrewAI, Claude Code, MCP, AutoGen, etc.)
- Sandbox — applies cgroups v2 (CPU/memory limits), seccomp (syscall allowlist), and Landlock (filesystem path restrictions) to each agent process
- Enforcement — evaluates every file access, network connection, and syscall against policy. Monitor mode = log-only. Enforce mode = block violations. Quarantine mode = kill on repeat offenses
- Skill Authorization — detects tool definitions from MCP manifests, env vars, and process args. High-risk skills (shell exec, file write, database queries) require approval or are blocked
- Audit — all decisions are logged as JSON Lines with auto-rotation and SIEM-ready format
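A minimal sketch of the Discovery step described above, added here as an illustration and not taken from NeuroShield Sentry's source: it reads the NUL-separated `/proc/<pid>/cmdline` and `environ` files and matches them against a signature list. The `SIGNATURES` patterns and the function names `splitNul`, `classify` and `scanProc` are assumptions, since this page does not publish the daemon's real signatures.

```javascript
// Added illustration of /proc-based agent discovery; not NeuroShield Sentry's own code.
const fs = require('node:fs');
const path = require('node:path');

// Hypothetical signatures (assumption): the daemon's real patterns are not on this page.
const SIGNATURES = [
  { framework: 'LangChain', pattern: /\blangchain\b/i },
  { framework: 'CrewAI', pattern: /\bcrewai\b/i },
  { framework: 'AutoGen', pattern: /\bautogen\b/i },
  { framework: 'MCP', pattern: /\bmcp[-_]server\b|@modelcontextprotocol\//i },
];

// /proc/<pid>/cmdline and /proc/<pid>/environ are NUL-separated byte strings.
function splitNul(buf) {
  return buf.toString('utf8').split('\0').filter(Boolean);
}

// Return the frameworks whose signature matches any argv or environment entry.
function classify(cmdlineBuf, environBuf = Buffer.alloc(0)) {
  const fields = [...splitNul(cmdlineBuf), ...splitNul(environBuf)];
  return SIGNATURES
    .filter(({ pattern }) => fields.some((f) => pattern.test(f)))
    .map(({ framework }) => framework);
}

// Walk a procfs root; processes that exit mid-scan or are unreadable are skipped.
function scanProc(root = '/proc') {
  const hits = [];
  for (const entry of fs.readdirSync(root)) {
    if (!/^\d+$/.test(entry)) continue; // only numeric PID directories
    try {
      const cmdline = fs.readFileSync(path.join(root, entry, 'cmdline'));
      if (cmdline.length === 0) continue; // kernel threads have an empty cmdline
      let environ = Buffer.alloc(0);
      try {
        environ = fs.readFileSync(path.join(root, entry, 'environ'));
      } catch { /* environ of other users' processes needs root */ }
      const frameworks = classify(cmdline, environ);
      if (frameworks.length) {
        hits.push({ pid: Number(entry), argv: splitNul(cmdline), frameworks });
      }
    } catch { /* process exited or permission denied */ }
  }
  return hits;
}
```

Without root, `environ` of other users' processes is unreadable and the scan falls back to `cmdline` only, which is one reason a scanner of this kind needs elevated access.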
Quick Start
# Install globally
npm install -g @neurosec/sentry
# Interactive setup (prompts for NeuroSec URL, org ID, token)
neuroshield-sentry setup
# Or non-interactive for automation
neuroshield-sentry setup \
--org=org_abc123 \
--token=nst_yourtoken \
--mode=enforce \
--url=https://api.neurosec.ai
# Install as system service (systemd on Linux, launchd on macOS)
sudo neuroshield-sentry install
# Check status
neuroshield-sentry status
# View real-time enforcement decisions
neuroshield-sentry logs -f
# Start the daemon manually
sudo neuroshield-sentryd
CLI Reference
| Command | Description |
|---------|-------------|
| setup | Generate sentry.yaml configuration |
| install | Install system service (systemd/launchd) |
| status | Show daemon status and active processes |
| logs | Tail the audit log (-f to follow, -n 100 for lines) |
| version | Print version |
| help | Show usage |
Local API
When running, the daemon exposes a local HTTP API on 127.0.0.1:9191:
GET /api/v1/status — Daemon status
GET /api/v1/processes — Tagged agent processes
GET /api/v1/processes/:pid — Single process detail
GET /api/v1/decisions — Recent enforcement decisions
GET /api/v1/policy — Active policy
POST /api/v1/policy/reload — Force policy sync
GET /api/v1/approvals — Pending skill approvals
POST /api/v1/approve/:id — Approve a skill invocation
POST /api/v1/deny/:id — Deny a skill invocation
Requirements
- Linux (kernel 5.4+ for cgroups v2, seccomp, Landlock) or macOS (Ventura+)
- Node.js >= 20
- Systemd (Linux) or launchd (macOS) for service installation
- Root/sudo access for sandbox (cgroups, seccomp) and /proc scanning
Configuration
Config is at /etc/neuroshield/sentry.yaml. Key settings:
neurosec:
  endpoint: "https://api.neurosec.ai"
  org_id: "your-org-id"
  token_path: /etc/neuroshield/sentry.token
enforcement:
  mode: "monitor"  # monitor | enforce | quarantine
All settings are also configurable via environment variables (NEUROSEC_ORG_ID, SENTRY_ENFORCEMENT_MODE, etc.).
Platform Backends
| Feature | Linux | macOS |
|---------|-------|-------|
| Cgroups CPU/memory limits | ✓ cgroups v2 | — |
| Seccomp syscall filtering | ✓ BPF | — |
| Landlock FS restrictions | ✓ kernel 5.13+ | — |
| Seatbelt sandbox profile | — | ✓ sandbox-exec |
| Endpoint Security monitor | — | ✓ ES framework |
| Process discovery (/proc) | ✓ | limited |
| Network monitoring | ✓ nftables/iptables | ✓ pf |
Kubernetes
Deploy as a DaemonSet for per-node enforcement:
kubectl apply -f https://raw.githubusercontent.com/neurosec-ai/neurosec/main/packages/sentry/k8s/daemonset.yaml