npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

agentpki

v0.3.0

Published

Command-line interface for AgentPKI — mint, verify, decode, diff, batch, tamper, and inspect PASETO agent passports from your terminal.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

agentpkiagentpki

Keywords

agentpkiagent-identitypasetoed25519rfc-9421cli

Readme

agentpki CLI

Terminal interface for AgentPKI. Mint, verify, decode, tamper, and inspect agent passports from anywhere.

Install

npm i -g agentpki

Usage

# Mint a demo passport
agentpki mint
agentpki mint --scope=read:articles --sub=agent:mybot/v1

# Verify a token (pipe-friendly: `-` reads from stdin)
agentpki verify v4.public.eyJpc3M...
echo $TOKEN | agentpki verify -

# Decode any PASETO token to JSON (no signature check)
agentpki decode v4.public.eyJpc3M...

# Diff two tokens — claims, footer, sig + live verdicts side by side
agentpki diff v4.public.AAA v4.public.BBB
agentpki diff --json $TOK_OLD $TOK_NEW       # JSON output for scripting
agentpki diff --skip-verify $A $B            # no verifier round-trip
# Diff two tokens piped from another tool:
printf '%s\n%s\n' "$A" "$B" | agentpki diff - -

# Batch-verify many tokens (one per line)
agentpki batch tokens.txt                    # streaming verdicts + summary
agentpki batch tokens.txt --concurrency=16   # bump parallelism (default 8, max 32)
agentpki batch - < tokens.txt                # read from stdin
agentpki batch tokens.txt --ndjson > out.jsonl  # streaming JSON per line
agentpki batch tokens.txt --json | jq '.summary'

# Tamper a token (default: signature byte-flip)
agentpki tamper v4.public.eyJpc3M...
agentpki tamper $TOKEN --mode=payload | agentpki verify -

# Check whether a URL participates in AgentPKI (looks for AgentPKI-Token header)
agentpki check https://example.com/api/articles/123

# Inspect an issuer's CRL
agentpki crl https://demo.agentpki.dev

# Scaffold a new project
agentpki init --dir=./my-agent

Pipe-friendly

Every command writes the canonical result (a token, a verdict) to stdout, so you can chain:

agentpki mint | agentpki verify -
# verdict: allow (verifier 240 ms)

agentpki mint | agentpki tamper --mode=sig - | agentpki verify -
# verdict: deny
# reason:  bad_signature
# elapsed: 3 ms

Exit codes

| Code | Meaning | |---|---| | 0 | Verdict was allow (or command succeeded) | | 1 | Verdict was deny (or fetch failure) | | 2 | Usage error (missing arg, unknown command) |

This makes the CLI usable in CI:

# CI guard: fail the build if the trust contract regresses
agentpki mint | agentpki verify - || exit 1
agentpki mint | agentpki tamper - | agentpki verify - && echo "REGRESSION: tampered token allowed" && exit 1

Environment variables

| Var | Default | |---|---| | AGENTPKI_VERIFIER | https://verify.agentpki.dev | | AGENTPKI_DEMO_ISSUER | https://demo.agentpki.dev |

Build from source

git clone https://github.com/agentpki/cli
cd cli
npm install
npm run build
npm link              # makes `agentpki` available globally

License

MIT.