npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@sigmashake/ssg

v0.12.1

Published

AI Agent Governance CLI — evaluate tool calls against rules, block dangerous operations, and surface blocked commands

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

sigmashake-ownersigmashake-owner

Keywords

aigovernanceagentsafetyrulescli

Readme

sigmashake-gov

AI Agent Governance System — Evaluate tool calls, block dangerous operations, and approve via dashboard.

Incident Highlight: Claude Code Source Code Leak (March 31, 2026)

One rule. Zero source leaks.

On March 31, 2026, Claude Code's TypeScript source code was exposed because "sourceMap": true was set in tsconfig.json. Source map files (.map) map compiled JavaScript back to the original TypeScript source — if served in production, anyone can reconstruct private code.

The rules-typescript ruleset on the SigmaShake Hub includes no-sourcemap-in-tsconfig, which blocks any AI agent from enabling source maps in production tsconfig files:

rule no-sourcemap-in-tsconfig {
  priority 95
  severity error
  DENY write
  IF path GLOB "**/tsconfig.json"
     AND content LINE_REGEX "\"sourceMap\"\\s*:\\s*true"
  MESSAGE "sourceMap: true exposes your TypeScript source via .map files.
           This configuration caused the Claude Code source code leak (March 31, 2026)."
}
ssg hub pull rules-typescript   # Install the TypeScript ruleset

This is precisely the category of silent misconfiguration AI agents introduce — and exactly what SigmaShake governance rules are built to prevent.

Quick Start

# Install dependencies
bun install

# Initialize configuration
ssg init

# Test a rule (blocks rm -rf)
echo '{"tool":"Bash","input":{"command":"rm -rf /"}}' | ssg eval
# → {"decision":"block", "rule_id":"no-destructive-ops", ...}

# Start approval dashboard
ssg serve

Overview

sigmashake-gov provides runtime safety for AI agents by:

  1. Evaluating tool calls against configurable rules (e.g., block rm -rf, restrict file access)
  2. Dashboard approval workflow for uncertain cases (ASK decisions)
  3. Local SQLite storage with audit logging

Architecture

CLI → Engine (Parser/Evaluate/DB) → Decision
          ↓
     Dashboard (if ASK)
          ↓
     Audit Log
  • CLI Layer: ssg binary — commands for eval, check, serve, sync
  • Engine Core: Rules parser, evaluation logic, SQLite database
  • Server: Local dashboard with in-memory pending approvals

Commands

| Command | Description | |---------|-------------| | ssg eval | Evaluate tool call from stdin JSON | | ssg check [path] | Scan files for rule violations | | ssg serve | Start local dashboard (port 5599) | | ssg sync | Pull rules from edge API to SQLite | | ssg push | Push local .rules files to edge API | | ssg init | Initialize .sigmashake/ directory | | ssg lint | Validate .rules file syntax | | ssg format | Format .rules files (normalize + split oversized rules) | | ssg new | Scaffold a new .rules file | | ssg man | Print .rules DSL syntax reference | | ssg list | Show all loaded rules | | ssg status | Check setup and dashboard health | | ssg setup | Interactive setup wizard (re-runnable) | | ssg test-rule | Test rule matching with --explain trace | | ssg metrics | Show session metrics (evals, blocked) | | ssg blocked | Show blocked/forced commands from this session | | ssg usage | Show eval usage, storage, and plan limits | | ssg dedupe | Detect duplicate rules (exact/structural/semantic) | | ssg flight | Flight recorder stats (latency, memory, CPU) | | ssg profile | Eval latency profiling | | ssg daemon | Persistent eval daemon (Unix socket, ~5ms eval) | | ssg install | Install ssg binary to ~/.local/bin | | ssg publish | Publish local .rules to GitHub and hub | | ssg certify | Run scenario files and produce certification report | | ssg insights | Analyze conversation history for governance patterns |

Rule Syntax

rule no-destructive-ops {
  priority 100
  severity error
  DENY execution
  IF command CONTAINS "rm -rf"
  OR command CONTAINS "git push --force"
  MESSAGE "Destructive command blocked."
}

Key fields:

  • priority: Higher = checked first (short-circuit evaluation)
  • decision: allow | block | log | shadow | ask
  • target: execution | read | write | edit | any
  • IF/OR: Group conditions with AND/OR logic
  • MESSAGE: Required human-readable description

See RULE_SYNTAX.md for full DSL reference.

Configuration

.sigmashake/config.toml:

[project]
name = "sigmashake-gov"

[api]
url = ""  # Set via SSG_API_URL env var

[dashboard]
port = 5599
bind = "127.0.0.1"

[eval]
ask_timeout_ms = 60000
ask_fallback = "block"

[agents]
claude = true

Hot Reload

Rules from .sigmashake/rules/*.rules are loaded fresh on every ssg eval invocation. Adding, editing, or removing a .rules file takes effect on the very next tool call — no restart needed.

Note: If rules were loaded into SQLite via ssg sync, file changes are ignored until you re-run ssg sync. Use ssg list to verify which rules are active.

Agent Integration

ssg enforces governance for multiple AI coding agents from a single rule set:

  • Claude Code: PreToolUse hook in .claude/hooks/ssg-check.sh — pipes tool calls to ./ssg eval

Both agents share the same rules from .sigmashake/rules/ and log to the same SQLite audit database.

Safety Features

  • Loop guard: Blocks identical Bash commands repeated 3 times consecutively (prevents agent loops)
  • Circuit breaker: After 5 consecutive denies in Claude Code hook, auto-allows to prevent lockout. Reset by deleting /tmp/ssg-deny-count.
  • Fail-open: If the ssg binary is missing or crashes, tool calls are allowed through — governance never blocks the agent entirely.

Build

bun build --compile src/cli.ts --outfile ssg    # Local binary
bun build:linux                                   # Linux x64
bun build:macos                                   # macOS ARM

Tests

bun test                         # All 63 tests
bun test test/engine.test.ts     # Engine only
npx gts fix                      # Format + lint

Tests: engine, parser, evaluate_operators, db, server, html, integration.

License: Proprietary — Copyright (c) 2024 Sigma Shake. All rights reserved.