npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

agent-task-watcher

v0.1.0

Published

Track what AI coding agents changed before you trust the result.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

stephenywilsonstephenywilson

Keywords

aiclicode-reviewdeveloper-toolslocal-first

Readme

Agent Task Watcher - Catalayer

Track what AI coding agents changed before you trust the result.

AI coding agents can write code faster than humans can review it. Agent Task Watcher helps developers inspect what changed before they trust the result.

What It Does

Agent Task Watcher is a local-first TypeScript CLI for reviewing repository changes made by Claude Code, Codex, Cursor, and other AI coding agents.

The workflow is simple:

  1. Take a snapshot before the agent works.
  2. Let the agent modify the repository.
  3. Generate a diff and risk report before trusting or committing the result.

The report highlights changed files, dependency changes, lockfile changes, risky package scripts, sensitive paths, and review order.

Why AI Coding Agents Need Inspection

AI coding agents are useful because they move quickly. That speed also creates review risk:

  • A package lifecycle script can be added quietly.
  • CI workflows can change how secrets or deployments behave.
  • Auth, billing, middleware, or permission files can be modified.
  • Tests can be removed or skipped.
  • Lockfiles and dependencies can change without enough attention.

Agent Task Watcher gives developers a local review checkpoint before they run unfamiliar commands, trust the output, or commit the change set.

Installation

For local development from this repository:

npm install
npm run build
node dist/cli.js --help

Optional local linking:

npm link
agent-task-watcher --help

When published later, the intended install shape is:

npm install -g agent-task-watcher
agent-task-watcher --help

Local Usage

From the repository you want to inspect:

agent-task-watcher init
agent-task-watcher snapshot

Then ask an AI coding agent to work in that repository. After it finishes:

agent-task-watcher diff
agent-task-watcher report

Reports are written to:

.agent-task-watcher/reports/latest-report.md
.agent-task-watcher/reports/latest-report.json

Example Workflow

cd my-app
agent-task-watcher init
agent-task-watcher snapshot

# Run Claude Code, Codex, Cursor, or another AI coding agent.

agent-task-watcher report
open .agent-task-watcher/reports/latest-report.md

Review the report before committing.

Command Reference

agent-task-watcher init

Creates .agent-task-watcher, default config, baseline metadata, and the reports directory.

agent-task-watcher snapshot

Captures the current repository state. Each tracked file records:

  • relative path
  • SHA-256 hash
  • file size
  • modified timestamp

The default ignore list skips:

node_modules
.git
dist
build
coverage
.next
.turbo
.agent-task-watcher

agent-task-watcher diff

Compares the current repository state with the latest snapshot and prints JSON to stdout.

It detects:

  • added files
  • modified files
  • deleted files
  • changed package.json scripts
  • added or removed dependencies
  • lockfile changes

agent-task-watcher report

Generates Markdown and JSON reports with:

  • summary
  • risk score
  • risk level
  • changed files
  • high-risk findings
  • suggested review order
  • next review checklist

Example Risk Findings

Critical findings include:

  • .env or secret-like files changed
  • preinstall, postinstall, or prepare scripts added
  • GitHub Actions workflows changed
  • auth, billing, payment, Stripe, middleware, or permission-related files changed
  • many files deleted
  • shell scripts changed with destructive commands

High findings include:

  • dependencies added
  • lockfile changed
  • database migration changed
  • config files changed
  • API routes changed
  • Dockerfile or deployment config changed

Medium findings include:

  • implementation changed without test updates
  • README or docs changed with implementation changes
  • large change sets
  • test files removed

Low findings include:

  • documentation-only changes
  • small isolated changes with no high-risk patterns detected

Sample Report Preview

# Agent Task Watcher Report

- Added: 2
- Modified: 4
- Deleted: 0
- Risk score: 35
- Risk level: HIGH

## High-Risk Findings

- **HIGH**: Dependencies added. New dependencies: example-package. Files: `package.json`.
- **HIGH**: Lockfile changed. Lockfile changes should be reviewed alongside dependency changes. Files: `package-lock.json`.

See docs/sample-report.md for a fuller example.

Privacy and Local-First Design

Agent Task Watcher is local-first.

  • No telemetry.
  • No external API calls.
  • No paid API calls.
  • No repository contents are sent anywhere.
  • Reports stay inside .agent-task-watcher.
  • Secrets and .env files should not be committed; the tool flags secret-like file changes as critical.

Release Validation

Before publishing or tagging:

npm install
npm run build
npm run smoke
npm pack --dry-run
node dist/cli.js --help

See docs/release-checklist.md.

Roadmap

  • Named snapshots.
  • Configurable risk rules.
  • Better formatting-only detection.
  • Git-aware review helpers.
  • HTML report output.
  • Optional baseline labels for multi-agent workflows.

Catalayer Positioning

Agent Task Watcher - Catalayer helps developers inspect AI-generated code changes before trust, review, and commit.