npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@portcullis-ai/codex-cli

v0.1.1

Published

Portcullis AI Code Guardian integration for OpenAI Codex CLI

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

justin-portcullisjustin-portcullis

Keywords

codexopenaimcpportculliscode-safetyai-guardrailscode-intelligence

Readme

@portcullis-ai/codex-cli

Portcullis AI Code Guardian integration for OpenAI Codex CLI.

Overview

This package provides an MCP (Model Context Protocol) server that integrates Portcullis's code intelligence and safety analysis tools with the Codex CLI. It enables Codex to perform safety checks, risk assessments, and historical code analysis before making changes.

Installation

npm install -g @portcullis-ai/codex-cli

Setup

1. Install Python Dependencies

Portcullis requires Python 3.10+ and several dependencies:

portcullis install

2. Configure Codex CLI

Add Portcullis as an MCP server in your Codex configuration:

portcullis setup

This adds the following to ~/.codex/config.toml and installs the Portcullis agent definition at ~/.codex/AGENTS.md:

[mcp_servers.portcullis-ai-guardrails]
command = "npx"
args = ["-y", "@portcullis-ai/codex-cli", "serve"]
startup_timeout_sec = 60
tool_timeout_sec = 120

3. Verify Installation

Run diagnostics to ensure everything is configured correctly:

portcullis doctor

Usage

Once configured, Portcullis launches automatically when you start Codex CLI. The following MCP tools become available:

Agentic Tools (High-Level)

  • historepo_quick_safety_check - Pre-flight safety assessment
  • historepo_why_does_this_exist - Chesterton's Fence analysis
  • historepo_architecture_audit - Architectural review
  • historepo_file_deep_dive - Complete file history
  • historepo_get_edit_context - Pre-task context injection

Sentinel Tools (Safety)

  • analyze_patch_risk - Diff risk assessment
  • get_symbol_risk_profile - Historical risk analysis
  • check_zombie_pattern - Reintroduced code detection
  • get_revert_history - Past revert tracking
  • get_chestertons_fences - Load-bearing code detection

Temporal Tools (Evolution)

  • get_symbol_evolution - Symbol timeline tracking
  • predict_change_impact - Blast radius analysis
  • get_breaking_changes_since - Breaking change detection

CLI Commands

portcullis serve      # Start MCP server (used by Codex)
portcullis install    # Install Python dependencies
portcullis setup      # Configure ~/.codex/config.toml
portcullis doctor     # Diagnose installation
portcullis version    # Show version

Python Runtime

Portcullis requires Python 3.10+ to run the MCP server backend. The CLI resolves Python in this order:

  1. System Python - Checks python3, python, and well-known paths for Python 3.10+
  2. Bundled Python - Uses pre-bundled runtime from python/runtime/ (included in full bundles)
  3. Auto-download - Downloads Python 3.10.13 from python-build-standalone if no local Python is available

The portcullis doctor command shows which Python source is in use.

Building & Bundling

For development:

npm run build                  # Compile TypeScript
npm run bundle:server          # Bundle historepo_ai server code only
npm run bundle:full            # Bundle server code + Python runtime

For publishing:

npm run prepublishOnly         # clean + build + bundle:server (runs automatically on npm publish)

The bundle:server script copies the historepo_ai Python backend into python/historepo_ai/, filtering out tests, __pycache__, and dev-only files. The bundle:full variant also downloads a platform-specific Python runtime into python/runtime/.

Requirements

  • Node.js 18+
  • Python 3.10+ (auto-downloaded if not available)
  • Git (for repository analysis)

License

MIT