npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@nik1t7n/context-firewall

v0.3.0

Published

Local-first context firewall for coding agents

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

nik1t7nnik1t7n

Keywords

Readme

Context Firewall

Stop wasting agent context on terminal noise.

Coding agents waste scarce context on terminal noise: logs, diffs, test output, and search results crowd out the code they need to understand.

Context Firewall solves this by giving agents the compact signal and keeping raw evidence available for precise retrieval, saving up to 94.6% of noisy command context for useful work.

Rust 2024 Local First Agent Ready License

Less noise in context. More room for the work.

Real release audit: 300k raw tokens became 16k agent-visible tokens while every full command output stayed retrievable on disk.

The Problem

Coding agents are powerful until your context gets filled with junk:

  • 500 lines of test output to find one failed assertion
  • giant rg results where only the file map matters
  • huge diffs pasted into the model again and again
  • logs, generated files, lockfiles, snapshots, and JSON blobs
  • repeated commands that say the same thing twice

Every wasted token competes with the code, plan, bug, or decision you actually needed the agent to understand.

Context Firewall puts a clean boundary between command output and agent context.

What It Does

Your command
    |
    v
cfw run -- cargo test
    |
    +-- stores full stdout/stderr locally
    |
    +-- returns the useful summary to the agent
    |
    +-- gives you a span handle for exact retrieval

The agent sees the signal. You keep the evidence.

Need the full command reference? See the usage guide. Maintaining releases? Follow the release protocol.

Features

  • Less context waste: agents see the useful part of tests, diffs, searches, logs, and big files instead of the whole wall of output.
  • Full evidence stays safe: raw stdout/stderr is kept locally, so the agent can pull the exact proof later.
  • Automatic routing: supported agents can route noisy commands through Context Firewall without relying on memory or discipline.
  • Searchable history: find the error, line, JSON value, or old command output without rerunning the command.
  • Clear value numbers: see how many tokens were saved, which commands burn context, and whether agents are actually using the tool.
  • Self-improving workflow: Context Firewall can point out repeated misses and suggest better project rules.
  • Update reminders: the CLI can check the latest release and nudge users when a newer version is available.
  • Works with real coding noise: tests, diffs, search results, logs, JSON, Docker, Kubernetes, Terraform, TypeScript, ESLint, and GitHub CLI output.
  • Local by default: no cloud account, no hosted proxy, no raw output loss.

Quick Start For Agents

If you are a human, paste this prompt into the coding agent you use for your repo. If you are the agent, read it and execute it.

Set up Context Firewall for this repository.

Goal: from now on, route noisy terminal output through Context Firewall so I
keep compact signal in context and raw stdout/stderr on disk for exact
retrieval.

1. Check whether `cfw` is installed:
   - Run `cfw --version`.
   - If it works, continue.
   - If it is missing, install it through the first real path available here:
     - In the Context Firewall source checkout: `cargo install --path crates/cfw-cli`
     - macOS/Linux after release: `brew install nik1t7n/tap/cfw`
     - npm/npx after release: `npm install -g @nik1t7n/context-firewall`
     - GitHub release installer:
       `curl --proto '=https' --tlsv1.2 -LsSf https://github.com/nik1t7n/context-firewall/releases/latest/download/cfw-installer.sh | sh`
     - Windows PowerShell after release:
       `irm https://github.com/nik1t7n/context-firewall/releases/latest/download/cfw-installer.ps1 | iex`
   - Do not pretend it worked. If every real install path fails, stop and
     report the exact blocker.

2. Install the adapter for the agent host you are running in:
   - Codex wrapper guidance: `cfw install codex --write-agents`
   - Codex hook-native rewrite where supported:
     `cfw install codex --mode hook-native --write-agents`
   - Gemini CLI: `cfw install gemini`
   - Antigravity: `cfw install antigravity`
   - Claude Code: `cfw install claude`
   - Cursor: `cfw install cursor`
   - Unknown or generic agent: `cfw install agent`

3. Verify the setup:
   - Run `cfw receipt --json`.
   - If MCP tools are available, call `cfw_receipt`.
   - Confirm that `cfw_run`, `cfw_show`, `cfw_search`, `cfw_gain`,
     `cfw_discover`, `cfw_session`, `cfw_spans`, and `cfw_receipt` are
     available, or that `cfw run -- <command>` works from the shell.

4. Use Context Firewall from now on:
   - Tests: `cfw_run` or `cfw run -- cargo test`
   - Search: `cfw_run` or `cfw run -- rg -n "TODO|FIXME" .`
   - Diffs: `cfw_run` or `cfw run -- git diff`
   - Logs and large files: `cfw_run` or `cfw run -- cat app.log`

5. When exact output is needed:
   - List spans: `cfw_spans` or `cfw spans`
   - Retrieve lines: `cfw_show` or `cfw show <span-id> --lines 120:180`
   - Search raw evidence: `cfw show <span-id> --grep "panic" --around 3`
   - Extract JSON: `cfw show <span-id> --json-path '$.errors[0]'`
   - Check savings: `cfw_gain`, `cfw_session`, or `cfw receipt --json`

Context Firewall uses MCP over stdio, so compatible agent clients can run cfw mcp locally and call the tools directly.

Agent Integrations

Context Firewall speaks MCP and ships installers that agents can run inside the project they are working on.

# Generic AGENTS.md instructions
cfw install agent

# Gemini CLI: .gemini/settings.json + GEMINI.md
cfw install gemini

# Google Antigravity: project config + local Antigravity MCP configs
cfw install antigravity

# Claude Code: .mcp.json + AGENTS.md + CLAUDE.md import
cfw install claude

# Cursor: .cursor/mcp.json + .cursor/rules/context-firewall.mdc + AGENTS.md
cfw install cursor

All MCP clients connect to the same local server:

cfw mcp

Tools exposed over MCP:

| Tool | Purpose | | --- | --- | | cfw_run | run commands without flooding context | | cfw_show | pull exact proof from stored output | | cfw_search | search previous command output | | cfw_gain | show saved context | | cfw_discover | find commands that waste context | | cfw_session | show adoption and quality | | cfw_spans | list recent command outputs | | cfw_receipt | show token accounting |

The Aha Moment

Instead of feeding the agent a wall of output:

README.md:...
INSTALL.md:...
crates/cfw-cli/src/main.rs:...
crates/cfw-cli/tests/cli.rs:...
... hundreds of lines ...

Context Firewall returns the shape of the result:

[context-firewall: search summary]
files matched: 18
raw match lines: 318

README.md
  3:# Context Firewall
  40:Context Firewall puts a clean boundary...

crates/cfw-cli/src/main.rs
  10:use cfw_core::receipt::{...}
  54:Run a guided local command...

[context-firewall]
span: cfw://span/019ecaf492c07370a55c6943fc98021b
raw: 26,989 bytes, estimated 6,748 tokens
returned: 4,353 bytes, estimated 1,089 tokens
full output stored locally
[/context-firewall]

If the agent needs more, it asks for the exact span lines instead of rerunning the command or flooding the conversation.

Outstanding In A Real Agent Run

Measured on this repository with the public cfw 0.1.0 release.

The benchmark used the kind of noisy commands agents actually run during a release audit: repo-wide search, a full release patch, cargo metadata, source file dumps, workspace tests, clippy, and GitHub Actions job JSON.

| Run | Raw estimated tokens | Agent-visible tokens | Saved | Reduction | | --- | ---: | ---: | ---: | ---: | | Direct CFW benchmark | 300,794 | 16,448 | 284,346 | 94.53% | | Codex CLI agent | 300,156 | 16,073 | 284,083 | 94.65% | | Gemini CLI agent | 300,191 | 16,097 | 284,094 | 94.64% |

That is the point: the agent keeps the compact signal in context, and the full raw stdout/stderr stays on disk for exact cfw show <span-id> retrieval.

One standout span:

cargo metadata --format-version 1 --all-features
raw:      160,887 estimated tokens
returned:   5,617 estimated tokens
saved:    155,270 estimated tokens

Why Developers Use It

| Without Context Firewall | With Context Firewall | | --- | --- | | Agent context fills with command noise | Agent sees compact, task-relevant output | | Raw evidence disappears into scrollback | Raw evidence is stored locally | | Repeated commands waste more tokens | Duplicate output can collapse to a handle | | Big diffs and logs derail the turn | Summaries stay readable | | Debugging requires reruns | Exact lines are retrievable by span |

Built For Coding Agents

Context Firewall is agent-facing infrastructure, not a log viewer.

  • Agent tools and installers for common coding agents
  • Automatic command routing where supported
  • Real command execution, never pretend output
  • Local raw evidence
  • Compact summaries for noisy commands
  • Exact retrieval when the agent needs proof
  • Search across previous command output
  • Analytics for savings, adoption, and weak spots
  • Suggestions from repeated misses
  • Guardrails for obvious context waste
  • No cloud account
  • No hosted proxy
  • No raw output loss

How It Handles Noise

Context Firewall does not try to perfectly understand every possible terminal format. That would be brittle.

Instead, it keeps the important signals, stores the full evidence, and measures when the summary was not good enough. If agents keep asking for the raw output or rerunning the same command, that is a sign the project rules should improve.

Common Workflow

# run the real command
cfw run -- cargo test

# inspect recent spans
cfw spans

# retrieve exact evidence
cfw show 019ecaf49aab746395d2e02d31fa5d76 --lines 40:90

# search raw evidence without knowing line numbers
cfw show 019ecaf49aab746395d2e02d31fa5d76 --grep "panic" --around 3

# extract JSON from stored raw output
cfw show 019ecaf49aab746395d2e02d31fa5d76 --json-path '$.errors[0]'

# see context savings and adoption
cfw gain
cfw session --reducers

# discover weak spots and suggested rules
cfw discover
cfw learn

Install For Development

cargo build -p cfw
cargo test
cargo clippy -- -D warnings

Release smoke:

scripts/release-smoke.sh target/debug/cfw

See INSTALL.md for Homebrew, npm/npx, shell installer, PowerShell, Rust, and maintainer release setup.

Project Status

Context Firewall is early, useful, and intentionally small. It is built for the loop every coding agent lives in: read, search, test, diff, fix, repeat.

The broader goal is simple:

Give every coding agent a clean context boundary for terminal output.

Links

License

Apache-2.0