npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

@sentinelseed/solana-agent-kit

v1.0.1

Published

Sentinel safety validation plugin for Solana Agent Kit - THSP protocol for AI agent transaction safety

Downloads

194

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

sentinel-seedsentinel-seed

Keywords

solanasolana-agent-kitai-safetysentinelthsptransaction-validationai-agentblockchain-safetyweb3defi-safety

Readme

@sentinelseed/solana-agent-kit

npm version License: MIT

Sentinel Safety Plugin for Solana Agent Kit — AI safety validation for Solana transactions using the THSP protocol.

Protect your AI agents from executing harmful, unauthorized, or suspicious transactions on Solana.

Features

  • THSP Protocol: Four-gate validation (Truth, Harm, Scope, Purpose)
  • Transaction Limits: Configurable max amounts and confirmation thresholds
  • Address Blocklist: Block known scam addresses
  • Purpose Verification: Require explicit justification for sensitive operations
  • Pattern Detection: Catch suspicious transaction patterns
  • LLM Actions: Native integration with Solana Agent Kit action system
  • Statistics: Track validation history and block rates

Installation

npm install @sentinelseed/solana-agent-kit

Peer Dependencies:

npm install solana-agent-kit @solana/web3.js

Quick Start

import { SolanaAgentKit } from "solana-agent-kit";
import SentinelPlugin from "@sentinelseed/solana-agent-kit";

const agent = new SolanaAgentKit(privateKey, rpcUrl)
  .use(SentinelPlugin());

// Validate before any transaction
const result = await agent.methods.validateTransaction({
  action: "transfer",
  amount: 50,
  recipient: "9WzDXwBbmkg8ZTbNMqUxvQRAyrZzDsGYdLVL9zYtAWWM",
  purpose: "Payment for NFT purchase",
});

if (result.shouldProceed) {
  // Safe to execute
} else {
  console.log("Blocked:", result.concerns);
}

Configuration

import SentinelPlugin from "@sentinelseed/solana-agent-kit";

const agent = new SolanaAgentKit(privateKey, rpcUrl)
  .use(SentinelPlugin({
    // Maximum amount per transaction (default: 100)
    maxTransactionAmount: 100,

    // Require confirmation above this amount (default: 10)
    confirmationThreshold: 10,

    // Actions requiring explicit purpose (default shown)
    requirePurposeFor: ["transfer", "swap", "approve", "bridge", "withdraw", "stake"],

    // Block all transactions with any concerns (default: false)
    strictMode: false,

    // Known scam addresses to block
    blockedAddresses: [
      "ScamWa11etAddress111111111111111111111111111",
    ],

    // Only allow these programs (empty = all allowed)
    allowedPrograms: [],

    // Custom patterns to detect
    customPatterns: [
      {
        name: "high_slippage",
        pattern: /slippage.*(?:[5-9]\d|100)%/i,
        riskLevel: "high",
        message: "High slippage tolerance detected",
      },
    ],

    // Callback for monitoring
    onValidation: (result) => {
      console.log(`[Sentinel] ${result.metadata.action}: ${result.riskLevel}`);
    },
  }));

THSP Protocol

Every transaction is validated against four gates:

| Gate | Question | Checks | |------|----------|--------| | Truth | Is the data accurate? | Address format, valid amounts, program IDs | | Harm | Could this cause damage? | Blocked addresses, high-risk actions, program whitelist | | Scope | Is this within limits? | Amount limits, rate limits | | Purpose | Is there legitimate benefit? | Explicit justification for sensitive operations |

All gates must pass for a transaction to be approved.

Available Actions

These actions are automatically available when using the plugin:

VALIDATE_TRANSACTION

Full validation with detailed gate analysis.

const result = await agent.methods.validateTransaction({
  action: "transfer",
  amount: 50,
  recipient: "...",
  purpose: "Payment for services",
});

// Returns:
{
  safe: boolean,
  shouldProceed: boolean,
  requiresConfirmation: boolean,
  riskLevel: "low" | "medium" | "high" | "critical",
  concerns: string[],
  recommendations: string[],
  gateResults: [
    { gate: "truth", passed: true },
    { gate: "harm", passed: true },
    { gate: "scope", passed: true },
    { gate: "purpose", passed: true },
  ],
}

CHECK_SAFETY

Quick pass/fail check.

const isSafe = await agent.methods.checkSafety("transfer", 10, recipient);

GET_SAFETY_STATS

Validation statistics and configuration.

const status = await agent.methods.getSafetyStatus();
console.log(status.stats.blockRate); // e.g., 0.05 (5%)

BLOCK_ADDRESS / UNBLOCK_ADDRESS

Manage the address blocklist.

await agent.methods.blockAddress("ScamAddress...");
await agent.methods.unblockAddress("VerifiedAddress...");

LangChain Integration

The plugin works seamlessly with LangChain agents:

import { SolanaAgentKit, createSolanaTools } from "solana-agent-kit";
import TokenPlugin from "@solana-agent-kit/plugin-token";
import SentinelPlugin from "@sentinelseed/solana-agent-kit";

const agent = new SolanaAgentKit(privateKey, rpcUrl)
  .use(TokenPlugin)
  .use(SentinelPlugin());

// Create tools including Sentinel actions
const tools = createSolanaTools(agent);

// Use with your LangChain agent
const executor = new AgentExecutor({ agent: reactAgent, tools });

await executor.invoke({
  input: `
    Before sending 10 SOL to [address]:
    1. Use VALIDATE_TRANSACTION to check safety
    2. Only proceed if shouldProceed is true
    Purpose: Payment for freelance work
  `,
});

Risk Levels

| Level | Description | Action | |-------|-------------|--------| | low | No concerns detected | Proceed | | medium | Minor concerns | Proceed with caution | | high | Significant concerns | Review carefully | | critical | Serious issues detected | Blocked |

Default Suspicious Patterns

The plugin detects these patterns automatically:

  • Drain operations: drain, sweep, empty
  • Unlimited approvals: unlimited, infinite approval
  • Bulk transfers: transfer all, send entire
  • Private key exposure: private key, seed phrase, mnemonic
  • Suspicious urgency: urgent, immediately, asap

API Reference

SentinelPlugin(config?)

Creates the plugin instance.

SentinelValidator

Core validation engine, available for direct use:

import { SentinelValidator } from "@sentinelseed/solana-agent-kit";

const validator = new SentinelValidator({
  maxTransactionAmount: 100,
});

const result = validator.validate({
  action: "transfer",
  amount: 50,
  recipient: "...",
});

Types

import type {
  SafetyValidationResult,
  ValidationInput,
  SentinelPluginConfig,
  RiskLevel,
  THSPGate,
} from "@sentinelseed/solana-agent-kit";

Examples

See the examples directory:

  • basic-usage.ts - Simple integration
  • langchain-integration.ts - LangChain agent setup
  • defi-safety.ts - DeFi-specific configuration

Why Sentinel?

AI agents executing blockchain transactions face unique risks:

  1. Prompt Injection: Malicious inputs can trick agents into harmful actions
  2. Memory Manipulation: Attackers can inject false context
  3. Excessive Autonomy: Agents may execute unintended transactions
  4. Missing Intent Verification: No check for legitimate purpose

Sentinel addresses these by requiring every transaction to pass through the THSP validation protocol before execution.

Links

License

MIT License - see LICENSE

Built by Sentinel Team