npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@vorionsys/basis-gate-spec

v0.1.0

Published

BASIS Gate v1 — open specification for composable, adaptive AI agent governance pipelines. Defines the layer interface, execution modes, and two-stage proof-chain commit protocol.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

brnxfinestbrnxfinestvorion_llcvorion_llctetramondetetramondehighdragonhighdragon

Keywords

basisai-governanceagent-trustgatevorionopen-standard

Readme

BASIS Gate v1 — Specification

An open specification for AI agent governance pipelines.

What this is

When an AI agent tries to take an action — call a tool, send an email, move money, read a file — something needs to decide whether that action is allowed. That decision is rarely one check; it is usually many checks in sequence. Identity. Authorization. Safety. Policy. Rate limits. Budget. Audit trail. Human approval in high-risk cases.

BASIS Gate is an open specification for how those checks compose.

It defines:

  1. A common interface every check ("layer") implements, so checks written by different teams compose without surprises.
  2. A three-mode execution model — block, inline, or deferred — so fast actions stay fast and high-risk actions get the scrutiny they require.
  3. A preset system — Lite, Standard, Strict, Full — so operators can pick a posture without hand-configuring every layer.
  4. A two-stage proof-chain protocol so every decision, synchronous or deferred, produces signed, tamper-evident evidence.
  5. An industry-profile mechanism so regulated sectors (finance, healthcare, legal) can require specific layers to run synchronously.

Who this is for

  • Agent developers who want their agents to work inside any governance-aware runtime.
  • Governance runtime authors who want to implement the specification and be interoperable with any compliant layer or profile.
  • Compliance and audit teams who want a defined, auditable mechanism to point regulators at.
  • Anyone publishing a governance layer (jurisdiction-specific, industry-specific, policy-specific) who wants that layer to plug into compliant runtimes without custom integration.

What this is not

  • A runtime. The runtime is a separate package. This is only the specification.
  • A replacement for identity, authorization, or compliance frameworks. It is a composition mechanism on top of them.
  • A legal compliance certification. Publishing a profile does not make it legally sufficient for any jurisdiction. Operators remain responsible for their compliance posture.

Status

  • Version: v1.0-draft
  • Read the full specification: SPEC.md
  • TypeScript types: src/index.ts
  • License: Apache-2.0

Reference

  • Canonical trust parameters (risk levels, tier definitions, penalty formulas) are defined in the @vorionsys/basis package (packages/basis/src/canonical.ts). This specification refers to those values; it does not redefine them.
  • Industry profiles ship in @vorionsys/basis-gate-industry.
  • Reference runtime ships in @vorionsys/basis-gate-runtime (separate release).

Contributing

Comments, critique, and counter-proposals are welcome. Open an issue at the repository or write to the addresses listed in SPEC.md § 12.

Published by Vorion LLC. Apache License, Version 2.0.