npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@pact-community/pact-kit

v0.3.0

Published

Domain knowledge and workflow automation for Pact 5 / KDA-CE smart contract development.

Readme

Pact Kit

Domain knowledge and workflow automation for Pact 5 / KDA-CE smart contract development — packaged for Claude Code, Codex, and Gemini CLI.

License: Apache-2.0 npm Release


Requirements

  • Claude Code, Codex, or Gemini CLI — see Tool Support for per-host details
  • git and bash — only needed for the curl-pipe installer
  • Pact 5.4ce — the KDA-CE fork of kadena-io/pact-5

Install

Claude Code

claude plugins add Pact-Community-Organization/pact-kit

Codex

codex plugins add Pact-Community-Organization/pact-kit

Gemini CLI

gemini extension install https://github.com/Pact-Community-Organization/pact-kit

Any host — installs directly into ~/.claude/

bash <(curl -fsSL https://raw.githubusercontent.com/Pact-Community-Organization/pact-kit/main/scripts/install.sh)

The installer merges into ~/.claude/ and never removes existing files. Safe to run again after updates.


Getting Started

After installing, open a Pact project in Claude Code:

/new-pact-module          scaffold a new module with REPL tests and a deploy script
/validate-pact-module     run the 4-phase validation: REPL analysis → devnet deploy → verify
/gas-analysis             measure gas per function against the 150k ceiling
security review           invoke the independent auditor before shipping any module

Copy the starter configuration and fill in the identity placeholder:

cp ~/.claude/CLAUDE.md.template ~/.claude/CLAUDE.md

Then add the hooks snippet from ~/.claude/CLAUDE.md.template to ~/.claude/settings.json to enable automatic static analysis on every .pact and .repl edit.


What's Included

Skills

25 domain skills covering the full Pact 5 / KDA-CE surface. Loaded on demand — your AI assistant draws on precise, current knowledge for the task without carrying it in every session.

| Area | What it covers | |---|---| | Core language | Capabilities, guards, schema design, module architecture, interfaces, defpacts, events, invariants | | Testing & validation | REPL test patterns, devnet workflows, 4-phase module validation, CLI tooling, debugging | | Security & correctness | Security review, capability audits, fungible-v2 / xchain-v1 compliance, formal verification, offensive red-team testing | | Gas & cross-chain | Gas analysis against the 150k ceiling, gas station design, cross-chain transfer patterns | | Platform | KDA-CE network compliance, devnet lifecycle management |

Slash Commands

21 commands covering the full development lifecycle. Type /command-name in Claude Code.

| Command | What it does | |---|---| | /new-pact-module | Scaffold module + REPL tests + deploy script | | /design-defpact | defpact steps, yield/resume, SPV, rollback, and test plan | | /generate-repl-tests | REPL test suite from an ADR or acceptance criteria | | /generate-integration-stubs | TypeScript @kadena/client stubs for a module | | /validate-pact-module | 4-phase validation: REPL analysis → REPL exec → devnet deploy → verify | | /verify-pact-module | Formal verification and typecheck | | /capability-audit | Capability hierarchy map with bypass path analysis | | /pact-security-audit | Security-focused code review checklist | | /full-security-audit | 5-phase audit (in-session; use pact-auditor for pre-ship reviews) | | /red-team | Executable offensive pass: runs real .repl attacks and proves HELD/BROKEN | | /security-assessment | STRIDE per public function with attack simulation | | /threat-model | STRIDE threat model with attack trees and mitigations | | /analyze-feature | 7-step impact analysis before implementing a feature | | /architecture-lockdown | Architecture freeze: options → decision → ADR outputs | | /architecture-review | Review an ADR or proposal for gas, DAG acyclicity, KDA-CE compliance | | /design-test-suite | Test suite design from ADRs and acceptance criteria | | /deploy-to-devnet | Ordered deploy with gas tracking and a verification report | | /gas-analysis | Gas per function vs. 150k ceiling with baseline comparison | | /migrate-pact-schema | New table, admin migration functions, bless list, row-count test | | /developer-handoff | Implementation spec: schemas, capabilities, gas estimate, deploy notes | | /review-pr | Dual-scope review: isolated diff + full regression |

Behavioral Instructions

16 instruction files that load automatically based on the files you're editing. Opening a .pact or .repl file activates Pact language rules, trap avoidance, and security checklists. Deployment, testing, gas, and refactoring rules activate for their respective contexts.

Security Agents

Two fresh-context agents with no implementation history, one defensive and one offensive.

pact-auditor reviews. Invoke it by saying security review or ready to ship in Claude Code. It runs a 5-step protocol — static analysis, capability audit, Pact 5.4ce trap check, security checklist, and STRIDE per public function — and returns a structured finding table.

red-team-attacker attacks. Given one module and one front, it writes and executes real .repl attacks (20 mutations per front) with the pact CLI, applies the REPL-artifact filter, and reports HELD or BROKEN with reproducible proof — the offensive counterpart driven by the /red-team command.

Examples

examples/example-token.pact + examples/example-token.repl — a runnable, CI-verified reference module demonstrating the conventions the kit enforces (capability layering, managed caps, principal discipline, trust-boundary validation, node-safe enforce patterns).

Reference Repositories

docs/reference-repos.md — the vetted primary sources (language repo, official docs, pact-util-lib, production contracts) and the idioms they agree on. When in doubt, primary sources beat web search results and model memory.

CI Scripts

pact-static-check.sh is a two-tier static analysis gate (Pact CLI + semantic greps). Configure it as a PostToolUse hook to run automatically on every .pact and .repl edit. session-end-secrets-scan.sh scans modified files for credential patterns at session end. The hooks configuration snippet is in ~/.claude/CLAUDE.md.template.


Contributing

Open an issue or discussion before submitting a PR. See CONTRIBUTING.md.


Apache-2.0 License · Changelog · Security Policy · Code of Conduct