npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

anonyagent

v0.6.1

Published

AnonyAgent — privacy-first coding agent. Local PII redaction, then any cloud model.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

mmisserimmisseri

Keywords

privacypiillmagentanonymizationredactioncli

Readme

AnonyAgent

A privacy-first coding agent CLI. Detects personal/sensitive data locally, replaces it with opaque placeholders, then sends only the redacted text to a cloud LLM. The response is de-anonymized on your machine before you see it. The cloud never sees your real data.

you ▸ envoie un mail à [email protected] pour confirmer
  entities detected:
    EMAIL        "[email protected]"  (regex, score=—)

  will send to model:
    envoie un mail à [EMAIL_1] pour confirmer

  send? [Y/n] y

AnonyAgent ▸ D'accord, je prépare un mail à [email protected] pour confirmer…

How it works

┌──────────────┐   1. detect (regex + local NER)
│ your message │ ─────────────────────────────────┐
└──────────────┘                                  ▼
                                          ┌──────────────┐
                                          │ placeholders │  in-memory only
                                          │  [EMAIL_1]…  │
                                          └──────┬───────┘
                                                 │ 2. send anonymized
                                                 ▼
                                          ┌──────────────┐
                                          │ cloud LLM    │  (OpenRouter / OpenAI /
                                          └──────┬───────┘   LiteLLM proxy / …)
                                                 │ 3. stream tokens back
                                                 ▼
                                          ┌──────────────┐
                                          │ de-anonymize │  values reinjected
                                          │  on the fly  │  locally
                                          └──────┬───────┘
                                                 ▼
                                          what you see

Two layers of detection, no Ollama required:

  • Regex for structured PII with perfect detection: emails, phones, IBAN, credit cards (Luhn-validated), IPs, URLs, file paths, UUIDs, API keys, SSN.
  • Local NER via @xenova/transformers for names, organizations and locations. Runs in pure Node through ONNX — the model (~50–200 MB quantized) downloads once on first run and is then cached locally.

Install

Requires Node 20+.

One command, Windows / macOS / Linux:

npm install -g anonyagent

Then launch it from any project directory:

AnonyAgent

macOS / Linux note: the binary is registered under two names so the shell finds it whether you type AnonyAgent or anonyagent.

The base install is regex-only (emails, phones, IBAN, credit cards, IPs, URLs, paths, UUIDs, API keys, SSN). For the full local NER (names, orgs, locations) install the optional dependencies too:

npm install -g anonyagent --include=optional

The NER model (~50–200 MB) downloads on first launch and is cached locally.

On first launch you'll see a banner reminding you to set your API key. Inside the REPL:

you ▸ /login
  API key (input hidden): ****
  saved to ~/.anonyagent/config.json

That's it — the next message you type will be redacted locally and sent.

Build from source

git clone https://github.com/00marco00/AnonyAgent.git
cd AnonyAgent
npm install
npm run build
npm link        # registers AnonyAgent / anonyagent globally

Usage

AnonyAgent                              # review mode (default)
AnonyAgent --dangerously-auto-allow     # skip every confirmation
AnonyAgent --no-warmup                  # skip NER model preload at start
AnonyAgent -m anthropic/claude-opus-4   # one-off model override

Pick a model from the live OpenRouter catalog:

you ▸ /model claude
  fetching catalog… 355 models
    1. anthropic/claude-sonnet-4 200000ctx
    2. anthropic/claude-opus-4 200000ctx
    …

/model works with any OpenAI-compatible /models endpoint (OpenRouter, OpenAI, LiteLLM proxy, etc.). Switch endpoint at runtime with /endpoint <url>.

REPL commands

| Command | Effect | |---|---| | /login | Set the API key (input masked), persisted to ~/.anonyagent/config.json | | /model [search] | Pick a model from your provider's catalog. Inside the picker: number=pick, n/p=paginate, /<text>=search, q=cancel | | /endpoint <url> | Change the base URL (e.g. https://api.openai.com/v1) | | /status | Show current key/model/endpoint | | /map | Show the current placeholder ↔ original mapping | | /init | Create .anonyagent/AGENTS.md with a starter template, then reload the project context | | /create-rules [name] | Create .anonyagent/rules.md (no arg) or .anonyagent/rules/<slug>.md, then reload | | /rules | Print the currently loaded rules | | /clear | Reset conversation history, keep the placeholder map | | /reset | Reset everything | | /help | Show help | | /exit | Quit |

Env-var overrides (optional)

For CI or scripted use, env vars take precedence over the saved config:

  • ANONYAGENT_API_KEY
  • ANONYAGENT_MODEL
  • ANONYAGENT_BASE_URL
  • ANONYAGENT_NER_MODEL

Modes

  • review (default): every payload that crosses into the cloud LLM is shown to you, fully anonymized, before being sent. Two checkpoints:
    1. Your message, just after the local detector ran.
    2. Each tool result, after the agent ran it locally and the output was re-anonymized. Tool execution itself happens without prompting — the trust boundary is the network, not the filesystem.
  • dangerously-auto-allow (--auto / -y): skips both checkpoints. Every message and every tool result is shipped straight through. Use only when you trust the detection coverage.

Privacy properties

  • The placeholder ↔ original map lives in process memory only. Nothing is persisted to disk, no telemetry leaves your machine.
  • The NER model runs locally; no inference traffic to a third party for detection.
  • The cloud LLM only ever sees the redacted text and the placeholders.

Tests

npx tsx --test src/anonymizer/pipeline.test.ts

Caveats

  • NER is not perfect — uncommon names, mis-cased text and short snippets are weak spots. Always prefer review mode for sensitive work.
  • The default regex set is biased toward Western/US patterns (SSN, credit cards). Extend src/anonymizer/detectors/regex.ts for your locale.

Agent

The CLI is an agent loop — the model can call tools to read your project, search code, write/edit files and run shell commands. Tool calls execute locally without prompting (your filesystem is yours); the prompt only fires after the result has been anonymized, so you can see and approve exactly what is about to leave the machine.

Available tools:

| Tool | Effect | |---|---| | read_file | Read a file with line numbers | | write_file | Create or fully overwrite a file | | edit_file | Replace one unique occurrence of a string | | list_dir | List directory entries | | glob | Find files by glob pattern | | grep | Regex search across files | | bash | Run a shell command (30 s timeout) | | spawn_agent | Delegate a self-contained subtask to a child agent. Multiple calls in one turn run in parallel. Children inherit the same tools and the same placeholder map, so references stay coherent. |

Path arguments outside the project root are refused. Tool results are anonymized through the same allocator as the chat, so [PATH_3] always refers to the same file across the whole session and across sub-agents.