npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@xlansoftware/agentignore

v0.4.3

Published

FUSE filesystem that hides files matching .agentignore rules from processes - control what agents can see while building apps

Downloads

355

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

skkdevcraftskkdevcraft

Keywords

fuseagentfilesystemclisandbox

Readme

agentignore

Crates.io npm version

Policy-Filtered Filesystem for AI Agents.

agentignore is a FUSE filesystem that provides a filtered virtual view of a real directory tree. Files and directories matching rules in a .agentignore file are completely hidden from processes interacting with the mounted filesystem — they don't appear in ls, find, glob expansion, or direct access.

The primary use case is constraining autonomous AI/LLM agents that have shell access, so irrelevant files and directories (node_modules/, .git/, target/, .env, secrets/, etc.) genuinely appear non-existent to the agent while still allowing the agent to execute build and test tools.

All visible files behave as a transparent passthrough: reads and writes go directly to the real filesystem.

Note: This is not a security boundary. AgentIgnore is designed to reduce LLM context by hiding irrelevant files, not to prevent a determined attacker from accessing them.

Table of Contents

Quick Start

Install via your favorite package manager:

# npm
npm install -g --ignore-scripts @xlansoftware/agentignore

# pnpm
pnpm add -g --ignore-scripts @xlansoftware/agentignore

# bun
bun add -g --ignore-scripts @xlansoftware/agentignore

# run it
agentignore run bash

Install via crate:

cargo install agentignore
agentignore run bash

Or build from source with Cargo:

# 1. Ensure FUSE is available (see Prerequisites below)

# 2. Build the binary
cargo build --release

# 3. Create example policy files in your project
./target/release/agentignore init

# 4. Start a shell inside the filtered view
./target/release/agentignore run bash

Prerequisites for Running

AgentIgnore needs the FUSE kernel module and libfuse3 on the host. Setup differs slightly across environments.

Linux (bare-metal)

# Ubuntu / Debian
sudo apt update
sudo apt install fuse3

# Fedora / RHEL
sudo dnf install fuse3

# Arch
sudo pacman -S fuse3

# Load the kernel module (usually auto-loads on access, but this guarantees it)
sudo modprobe fuse

# Verify
ls -l /dev/fuse          # should be present
fusermount3 --version    # should print 3.x

No additional configuration needed — run the binary directly.

Docker / Dev Container

When running inside a container, FUSE support must be explicitly granted at container creation time:

docker run \
  --device /dev/fuse \
  --cap-add SYS_ADMIN \
  my-image

For VS Code Dev Containers, add to .devcontainer/devcontainer.json:

{
  "runArgs": [
    "--device", "/dev/fuse",
    "--cap-add", "SYS_ADMIN"
  ]
}

Why SYS_ADMIN? The mount(2) syscall (which FUSE uses internally) requires CAP_SYS_ADMIN inside a container. The --device /dev/fuse flag exposes the kernel FUSE interface.

Inside the container, libfuse3 is usually preinstalled. If not:

sudo apt update && sudo apt install fuse3

WSL2

WSL2 supports FUSE out of the box with recent kernels:

# Install fuse3 inside your WSL distribution (Ubuntu example)
sudo apt update
sudo apt install fuse3

# Load the module
sudo modprobe fuse

Known issue: Custom WSL2 kernels built before Linux 5.4 may lack FUSE support. Run uname -r to check your kernel version. If FUSE is unavailable, update your WSL kernel via wsl --update from a Windows PowerShell.

Usage

init — create policy files

Creates .agentignore and .agentallow files in a directory:

agentignore init              # current directory
agentignore init /path/project

run — mount, execute, unmount

Mount a filtered view, run a command inside it, and unmount automatically:

# Run bash inside a filtered view of the current directory
agentignore run bash

# Run a specific tool with arguments
agentignore run -- ls -la

# Run from a specific source directory
agentignore run --source /home/user/project bash

explain — debug visibility

Check whether a path would be hidden and why:

agentignore explain .env
# HIDDEN
# canonical path: "/project/.env"
# matched rule:   .env

agentignore explain src/main.rs
# VISIBLE
# canonical path: "/project/src/main.rs"

Policy Files

.agentignore

Uses standard gitignore pattern syntax. Files matching these patterns are hidden from the agent.

# secrets
.env
*.pem
*.key

# hidden directories
secrets/
node_modules/

# recursive patterns
**/*.tfstate

# negations (exceptions)
!important.env

.agentallow

Process-based bypass rules. Processes matching entries in this file can see hidden files — useful for development tools that need full access.

Example use case: The agent should not "see" files within node_modules but if it launch npm run build, the tool needs these files to build the app.

One entry per line. Empty lines and lines starting with # are ignored (comments).

Process name / cmdline matching

| Syntax | Behaviour | |--------|-----------| | ^npm run | Regex matched against the process comm name or its full cmdline; also checks ancestor processes (parent, grandparent, etc.). | | =npm | Exact match against comm or cmdline; ancestors are also checked. | | =bash! | Exact match, no ancestor walk — matches only the exact process. | | node! | Regex, no ancestor walk — matches only the exact process. |

Binary path matching (entry starts with /)

| Syntax | Behaviour | |--------|-----------| | /usr/bin/node | Literal path; matches process or any ancestor. | | /usr/bin/java! | Literal path; matches only that exact process. |

# Allow npm and its children to see everything (regex, walks ancestors)
npm

# Allow only the exact 'restic backup' command (exact match, no ancestor walk)
=restic backup!

# Allow the exact bash process, not commands run inside it (exact, no ancestor walk)
=bash!

# Allow any java process or its children (regex, walks ancestors)
java

# Allow a specific binary and everything under it (literal path, walks ancestors)
/usr/bin/git

# Allow only that exact binary path (literal path, no ancestor walk)
/usr/bin/git!

Building from Source

Build prerequisites

See https://rust-lang.org/tools/install/ how to prepare rust dev environmet or use the provided devcontainer in this repo.

Build commands

# Fast type-check during development
cargo check

# Debug build
cargo build

# Optimized release build
cargo build --release

# Run with cargo
cargo run -- mount /real/project /mnt/agent

# Run tests
cargo test

# Run linter and formatter before committing
cargo clippy -- -D warnings
cargo fmt

Development

Or you can create one yourself. See docs/project.md for a one-shot prompt to re-create the project.