npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

authority-layer

v0.1.5

Published

Runtime guardrails for AI agents that enforce token budgets, loop limits, and tool rate limits locally.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

justinbuildsjustinbuilds

Keywords

ai-agentsagent-runtimeruntime-guardrailsllm-guardrailstoken-cost-controlexecution-limitsrate-limitingautonomous-agentsagentic-aiai-infrastructureruntime-safetytypescriptnodejs

Readme

AuthorityLayer

CI npm version License: MIT Node.js >= 18

Hard execution and budget limits for autonomous agents — enforced locally.

✔ No telemetry
✔ Works fully offline
✔ Fail-closed by default
✔ Zero runtime dependencies

Why AuthorityLayer Exists

Autonomous AI agents can fail in expensive, hard-to-detect ways:

  • Runaway token spend — a looping agent burns thousands of dollars before anyone notices
  • Infinite tool loops — agents retry the same failing call indefinitely
  • Retry storms — cascading failures hammer external APIs with no ceiling
  • Cascading tool call explosions — one agent spawns sub-calls that spawn more

Most tooling detects these problems after they happen — in dashboards, alerts, or post-run analytics.

AuthorityLayer prevents them inside the runtime, before cost or damage accumulates.

It helps developers:

  • prevent runaway LLM costs
  • stop infinite agent loops
  • limit AI agent tool calls per run and per minute
  • enforce runtime safety for autonomous agents

Live Enforcement Demo (10-second example)

AuthorityLayer enforcement demo

Quick Start

npm install authority-layer

Verify the install:

npx authority-layer doctor
AuthorityLayer Doctor  [email protected]

  ✔  Node.js version >= 18                  pass
  ✔  crypto module (sha256)                 pass
  ✔  AUTHORITY_LAYER_DISABLE not set        pass
  ✔  core module loads offline              pass
  ✔  AuthorityLayer instantiates            pass

All checks passed. AuthorityLayer is ready.

CLI Tools

| Command | What it does | |---------|-------------| | npx authority-layer doctor | Verify your installation passes all environment checks | | npx authority-layer simulate | Run a live enforcement simulation — see a halt in action without writing any code |

Minimal Integration

import { AuthorityLayer, EnforcementHalt } from "authority-layer";

const authority = new AuthorityLayer({
  budget:       { dailyUSD: 50 },           // Hard USD spend cap
  loopGuard:    { maxToolCallsPerRun: 25 }, // Max tool calls per run
  toolThrottle: { maxCallsPerMinute: 60 },  // Sliding-window rate cap
});

try {
  await authority.wrap(async () => {
    const result = await authority.tool("llm.chat", () =>
      callYourModel(prompt)
    );
    authority.recordSpend(calculateCostUSD(result));
  });
} catch (err) {
  if (err instanceof EnforcementHalt) {
    console.error(err.enforcement);
    // { status: "halted", reason: "budget_exceeded", limit: 50, spent: 52.14, event_id: "evt_..." }
  }
}

Enforcement Primitives

AuthorityLayer V1 provides three composable enforcement primitives. Each is opt-in — omit a config key to disable it.

These primitives enforce boundaries directly inside the execution loop — not in dashboards or external monitoring.

| Primitive | Config key | What it enforces | |-----------|------------|------------------| | Budget cap | budget.dailyUSD | Cumulative USD spend across the process lifetime. Halts when spend exceeds the cap. → docs | | Loop guard | loopGuard.maxToolCallsPerRun | Total tool calls per wrap() invocation. Counter resets each run. → docs | | Tool throttle | toolThrottle.maxCallsPerMinute | Rate of tool calls using a sliding 60-second window — no fixed buckets. → docs |

When a primitive breaches, AuthorityLayer throws a typed EnforcementHalt error with a structured .enforcement object. Execution never crashes silently.

How AuthorityLayer Is Different

Most AI guardrail tools focus on moderation or observability. AuthorityLayer focuses on runtime enforcement.

| Tool type | What it does | |-----------|-------------| | Prompt guardrails | Filter or rewrite prompts and outputs | | Observability platforms | Analyze agent behavior after execution | | Cost analytics | Track and report token usage | | AuthorityLayer | Enforces hard limits during execution — halts immediately when a boundary is crossed |

Documentation

| Topic | File | |------|------| | Concepts & philosophy | docs/concepts.md | | Enforcement primitives | docs/enforcement.md | | API reference | docs/api.md | | Integrity chain | docs/integrity.md | | Example run | npm run example |

AuthorityLayer is designed as a minimal enforcement primitive — not a platform, dashboard, or governance system.

License

MIT © 2025 AuthorityLayer Contributors

GitHub · npm · Issues