npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

agent-code-auditor

v1.0.11

Published

Configurable audit tool and linter for AI-generated code

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

langelllangell

Keywords

Readme

agent-code-auditor

agent-code-auditor is a configurable audit tool and linter specifically designed for AI-generated code. It helps development teams detect, audit, and automatically fix common "AI code smells," insecure patterns, and hallucinations.

Features

  • Static Analysis: Deep scanning of your codebase to find typical AI-generated code issues.
  • Dependency Vulnerability Scanning: Ensures AI hasn't introduced outdated or vulnerable packages.
  • Custom Rule Engine: Tailor the linter to your project's specific needs to catch domain-specific AI hallucinations.
  • Auto-Fix Capabilities: Automatically correct simple AI-generated code smells to streamline development.
  • IDE Integration Ready: Designed to work seamlessly within your development workflow.

Installation

Install agent-code-auditor globally or locally in your project using your preferred package manager.

# Using npm
npm install -g agent-code-auditor

# Using pnpm
pnpm install -g agent-code-auditor

# Using yarn
yarn global add agent-code-auditor

Usage

agent-code-auditor provides a simple CLI to scan and fix your workspace.

Scanning your workspace

To scan a directory for AI code smells, vulnerabilities, and linting errors:

agentlint scan

You can specify a target directory:

agentlint scan -d ./src

Fixing issues automatically

To automatically apply fixes for detected code smells and linting errors:

agentlint fix

You can also specify a directory to fix:

agentlint fix -d ./src

Configuration

AgentLint looks for a configuration file in your project directory. This allows you to define rule overrides and configure the AST analyzer for your specific needs.

Example .agentlintrc.json:

{
  "skipRules": ["code-quality-no-any", "tool-overlapping"],
  "rules": {
    "security-input-validation": "error",
    "spec-missing-rollback": "off"
  },
  "fixers": {
    "code-quality-no-any": "./agentlint-fixers/custom-no-any-fixer.mjs#CustomNoAnyFixer"
  }
}
  • skipRules: list of rule IDs to disable without setting each rule to off.
  • rules: rule severity overrides (error, warn, off).
  • fixers: map of ruleId to a custom fixer class module reference.
    • String format: ./relative/path/to/module.mjs#ExportedClassName
    • The class must implement fix(filePath, issues) and return a list of fix results.

Commands

  • agentlint scan [options]: Scan the workspace for AI code smells and vulnerabilities.
    • -d, --dir <directory>: Directory to scan (default: .)
  • agentlint fix [options]: Automatically fix simple AI-generated code smells.
    • -d, --dir <directory>: Directory to fix (default: .)
  • agentlint --help: Display help for commands.
  • agentlint --version: Display the current version.

Release Workflow (Semantic Versioning)

This project uses semantic-release for automatic versioning and npm publishing from commits merged into main.

This repository does not use Changesets. Do not create changeset files or open version PRs manually.

  1. Use a Conventional Commit message for the change that should trigger the release (for example: fix: ..., feat: ..., feat!: ... or BREAKING CHANGE: in the body).
  2. Verify the package locally before pushing:
  • pnpm test
  • pnpm test:coverage:check
  • pnpm run publish:check
  1. Push the commit to main.
  2. GitHub Actions runs semantic-release and automatically:
    • calculates the next version,
    • publishes to npm,
    • creates a GitHub Release.

Manual helper:

# Runs semantic-release locally (normally only used in CI)
pnpm release

Development

To run the CLI locally during development:

# Install dependencies
pnpm install

# Run the development watcher
pnpm dev

# Build the project
pnpm build

# Run the CLI
pnpm start scan

License

ISC