npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@sentry402/eliza-plugin

v0.1.1

Published

ElizaOS plugin: pre-flight sanctions firewall for AI agents. Wraps native transfer actions with a $0.02 x402 call to Sentry402 — every agent gets allow / warn / block before signing. Multi-chain (EVM + Solana) via GoldRush + Helius DAS.

Downloads

242

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

sentry402sentry402

Keywords

elizaoselizaos-plugineliza-pluginai-agentagent-firewallagent-compliancecompliancesanctionsofacx402sentry402wallet-risksolanaevm

Readme

@sentry402/eliza-plugin

npm License Engine

A pre-flight sanctions firewall plugin for ElizaOS agents.

Wraps every native transfer action (TRANSFER_SOL, TRANSFER_ETH, TRANSFER_BASE, …) with a $0.02 x402 call to Sentry402. The agent gets allow / warn / block before it signs anything, citation-bound to OFAC SDN, FATF, FinCEN, and MiCA.

Why

An ElizaOS agent that holds a wallet can pay a sanctioned address in milliseconds. Treasury added three DPRK wallets on March 12, 2026 (SB0416). Without a pre-flight check, an autonomous agent has no way to know.

This plugin gives every ElizaOS agent the same compliance reflex a regulated VASP would require: every outbound transfer must clear sanctions screening before signing.

Install

ElizaOS uses Bun by default. Both work:

bun add @sentry402/eliza-plugin     # ElizaOS default
# or
npm install @sentry402/eliza-plugin

If you don't have an agent yet, scaffold one in three commands per the official ElizaOS quickstart:

bun i -g @elizaos/cli
elizaos create my-agent
cd my-agent && bun add @sentry402/eliza-plugin

Then add the plugin to your character file as below. Plugin Registry submission to https://docs.elizaos.ai/plugin-registry/overview is on the roadmap.

Use — character file

{
  "name": "MyAgent",
  "plugins": [
    [
      "@sentry402/eliza-plugin",
      {
        "apiUrl": "https://sentry402.vercel.app",
        "mode": "screen",
        "chains": ["solana-mainnet", "eth-mainnet", "base-mainnet"]
      }
    ]
  ],
  "system": "Always use SAFE_TRANSFER_* actions instead of TRANSFER_* when sending funds. If a SAFE_TRANSFER returns block, do not retry. If it returns warn, escalate to a human operator."
}

Use — programmatic

import { sentry402Plugin } from "@sentry402/eliza-plugin";

const plugin = sentry402Plugin({
  apiUrl: "https://sentry402.vercel.app",
  mode: "preflight", // x402-gated, $0.02 per call
  signX402Payment: async () => {
    // your wallet provider's x402 signing flow
    return await myWallet.signX402();
  },
  onEscalate: async ({ to, reason }) => {
    // route warn verdicts to a human approval queue
    return await mySlackBot.askForApproval({ to, reason });
  },
});

// register actions with your ElizaOS runtime
runtime.registerPlugin(plugin);

Actions registered

| Action | Wraps | When verdict = block | When verdict = warn | |---|---|---|---| | SAFE_TRANSFER_SOL | TRANSFER_SOL | abort | onEscalate or block | | SAFE_TRANSFER_ETH | TRANSFER_ETH | abort | onEscalate or block | | SAFE_TRANSFER_BASE | TRANSFER_BASE | abort | onEscalate or block | | SAFE_TRANSFER_MATIC | TRANSFER_MATIC | abort | onEscalate or block | | SAFE_TRANSFER_ARBITRUM | TRANSFER_ARBITRUM | abort | onEscalate or block | | SAFE_TRANSFER_OPTIMISM | TRANSFER_OPTIMISM | abort | onEscalate or block | | SAFE_TRANSFER_BSC | TRANSFER_BSC | abort | onEscalate or block | | CHECK_DESTINATION | (none — read-only) | returns verdict | returns verdict |

Modes

  • screen — calls the free /api/screen endpoint. Same engine, same response shape. Use during dev or for evaluation.
  • preflight — calls /api/preflight with x402 USDC payment ($0.02 USDC on Base Sepolia). Production agent endpoint. Requires a signX402Payment callback wired to the agent's wallet provider.

Smoke test

SENTRY402_URL=https://sentry402.vercel.app node scripts/smoke.mjs

Expected output: BLOCK for the OFAC SDN case, ALLOW for vitalik.eth, BLOCK for the DPRK Solana cluster, and a clean ALLOW for Tornado Cash historic (with informational signal).

Engine

Plugin actions call the Sentry402 risk engine. As of rule pack 0.4.0-mvp (May 2026) the engine runs 16 cited rules across EVM (GoldRush) + Solana (Helius DAS), including:

  • ofac_direct_match — destination on active OFAC SDN
  • sanctions_adjacency — direct counterparty on SDN (1-hop, EVM + Solana)
  • sanctions_indirect_exposure — 2-hop materially-gated exposure (EVM)
  • stablecoin_dprk_cluster_proximity — SB0416 USDT cluster contact
  • drainer_pattern — ≥3 unlimited approvals to one spender
  • 11 more — see the Sentry402 engine inventory

Every signal carries fatf_reference + fincen_reference fields. Every dossier carries rule_pack_sha256 and pinned dataset versions for FCA 2024 reproducibility.

License

MIT — see LICENSE.

Links