npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@privacypillar/pii-shield-opencode

v0.0.1-alpha.6

Published

Privacy-first PII and secret detection plugin for OpenCode. Blocks API keys, passwords, SSNs, credit cards, and 25+ other sensitive data types from reaching any LLM. All detection is local — no data ever leaves your machine.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

dpprivacypillardpprivacypillarshraddha1002_shraddha1002_rahuljerahulje

Keywords

opencodeprivacypiisecretssecuritygdprhipaaai-safety

Readme

@privacypillar/pii-shield-opencode

Privacy-first PII and secret detection plugin for OpenCode.

Blocks API keys, passwords, SSNs, credit cards, and 25+ other sensitive data types from reaching any LLM. All detection is local — no data ever leaves your machine.

Install

npm install -g @privacypillar/pii-shield-opencode

The postinstall script automatically copies the plugin to ~/.config/opencode/plugins/pii-shield/. OpenCode picks it up on the next session start — no further configuration needed.

What it protects against

| Severity | Examples | |---|---| | CRITICAL | OpenAI / Anthropic / Google API keys, AWS credentials, GitHub tokens, private keys, Stripe live keys, database URLs, SSNs, credit cards | | HIGH | JWTs, Bearer tokens, Slack tokens, SendGrid keys, Twilio SIDs, passport numbers, URLs with embedded credentials | | MEDIUM | Emails, US phone numbers, public IPs, dates of birth, Stripe test keys | | LOW | Private IP addresses |

How it works

  • Before every write/edit/bash tool call: scans content and throws an error to block the call if CRITICAL or HIGH secrets are found
  • After every read/bash/webfetch/grep tool call: scans output and appends a warning so the LLM does not echo the secret
  • Session start: initialises a volatile JSONL audit log in os.tmpdir()

Optional: forbidden terms

Add project-specific sensitive terms (codenames, internal hostnames, etc.) to:

  • ~/.config/opencode/plugins/pii-shield/forbidden.txt — applies to all projects
  • .opencode/forbidden.txt in any project root — project-specific
  • ~/.pii-shield/forbidden.txt — user-global

Skills

| Skill | What it does | |---|---| | Load pii-shield-scan skill | Scan a file or text for PII and secrets | | Load pii-shield-report skill | Read the session log and produce a privacy report | | Load pii-shield-redact skill | Redact secrets from a file in-place |

Deep audit agent

@pii-guardian audit the src/ directory

Performs a comprehensive multi-file privacy audit, reporting file paths, line numbers, and remediation steps.

Privacy guarantees

  • Zero network calls — pure JavaScript regex + Luhn algorithm
  • No external npm dependencies
  • Session log stores only redacted snippets (never full secret values)
  • Log is volatile — destroyed when OS recycles temp files

License

MIT — Copyright © 2025 Privacy Pillar