npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

codebot-ai

v2.7.7

Published

Zero-dependency autonomous AI agent. Code, browse, search, automate. Works with any LLM — Ollama, Claude, GPT, Gemini, DeepSeek, Groq, Mistral, Grok.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

alexpinkonealexpinkone

Keywords

aiai-agentagentautonomousagenticcoding-assistantcode-generationcode-reviewautomationautomation-botllmopenaiclaudegptgeminiollamadeepseekgroqmistrallocal-llmbrowser-automationcliweb-searchsecurityenterprisedevtoolsdeveloper-toolsvscode-extensiongithub-actionsarifpolicy-enginemcpswarmmulti-agentmulti-llm

Readme

CodeBot AI

Zero-dependency autonomous AI agent

Your local-first AI coding agent. Runs with Ollama (no API keys), edits code, browses the web, automates git/PRs/tests. Multi-LLM swarm mode lets multiple AI models collaborate on your tasks. Enterprise security from day 1.

npm version CI license tests dependencies tools swarm node

npm install -g codebot-ai && codebot --setup

Works with any LLM — Ollama (local, free), Claude, GPT, Gemini, DeepSeek, Groq, Mistral, Grok. Web dashboard, VS Code extension, GitHub Action, multi-LLM swarm, and enterprise security built in.

Install & Run

# Install globally
npm install -g codebot-ai

# Launch interactive mode
codebot

# Or run without installing
npx codebot-ai

First run launches the setup wizard — pick your model, paste an API key (or use local LLM), done.

# Local LLM (no API key needed)
ollama pull qwen2.5-coder
codebot --setup       # select "ollama"

# Web dashboard
codebot --dashboard   # opens localhost:3120

# Full autonomous mode
codebot --autonomous "refactor auth module and run tests"

What It Does

| Capability | How | |-----------|-----| | Write & edit code | Reads your codebase, makes targeted edits, runs tests | | Run commands | Shell execution with security filtering and sandbox support | | Browse the web | Controls Chrome via DevTools Protocol — navigate, click, type, screenshot | | Search the internet | Real-time web search for docs, APIs, current info | | Web dashboard | Sessions, audit trail, metrics, and Command Center at localhost:3120 | | Schedule routines | Cron-based recurring tasks — monitoring, reports, automation | | Persistent memory | Remembers preferences and context across sessions | | Enterprise security | RBAC policies, risk scoring, encrypted audit trail, SARIF export | | Multi-LLM Swarm | Multiple AI models collaborate using debate, pipeline, fan-out, and more |

Multi-LLM Swarm

Launch a swarm of AI agents that collaborate on complex tasks. Mix cloud and local models freely.

codebot --dashboard   # open http://localhost:3120, click "Launch Swarm"

6 Strategies:

  • Auto — Router analyzes your task and picks the best strategy
  • Debate — Multiple agents propose solutions and vote on the best
  • Mixture of Agents — Diverse proposals merged by a synthesizer
  • Pipeline — Sequential stages: plan → research → code → review → test
  • Fan-Out — Parallel subtasks gathered and synthesized
  • Generator-Critic — One agent generates, another critiques, iterate to quality

Supported providers: Anthropic (Claude), OpenAI (GPT), Ollama (local, free), Gemini, DeepSeek, Groq, Mistral, xAI (Grok)

Select providers in the dashboard, type your task, and watch agents stream results in real-time via SSE.

Web Dashboard

Launch with codebot --dashboard or standalone with npx codebot-ai && open http://localhost:3120.

Sessions — Browse and inspect every conversation with message counts and timestamps.

Audit Trail — Cryptographic hash-chained log of every tool execution. One-click chain verification.

Metrics — Session counts, audit events, tool usage breakdown, and activity charts.

Command Center — Interactive terminal, quick actions (git status, run tests, health check), and when connected to the agent: AI chat and tool runner.

8 LLM Providers

| Provider | Models | |----------|--------| | Local (Ollama/LM Studio/vLLM) | qwen2.5-coder, qwen3, deepseek-coder, llama3.x, mistral, phi-4, codellama, starcoder2 | | Anthropic | claude-opus-4-6, claude-sonnet-4-6, claude-haiku-4-5 | | OpenAI | gpt-4o, gpt-4.1, o1, o3, o4-mini | | Google | gemini-2.5-pro, gemini-2.5-flash, gemini-2.0-flash | | DeepSeek | deepseek-chat, deepseek-reasoner | | Groq | llama-3.3-70b, mixtral-8x7b | | Mistral | mistral-large, codestral | | xAI | grok-3, grok-3-mini |

export ANTHROPIC_API_KEY="sk-ant-..."    # or any provider
codebot --model claude-sonnet-4-6

Or use a local model with zero API keys:

ollama pull qwen2.5-coder && codebot --provider ollama --model qwen2.5-coder

32 Built-in Tools

| Tool | Permission | Description | |------|:----------:|-------------| | read_file | auto | Read files with line numbers | | write_file | prompt | Create or overwrite files (undo snapshots) | | edit_file | prompt | Find-and-replace edits with diff preview | | batch_edit | prompt | Multi-file atomic find-and-replace | | execute | always-ask | Run shell commands (security-filtered) | | glob | auto | Find files by pattern | | grep | auto | Search file contents with regex | | git | prompt | Git operations (status, diff, log, commit, branch) | | browser | prompt | Chrome automation via CDP | | web_fetch | prompt | HTTP requests and API calls | | web_search | prompt | Internet search with summaries | | think | auto | Internal reasoning scratchpad | | memory | auto | Persistent memory across sessions | | routine | prompt | Schedule recurring tasks with cron | | code_analysis | auto | Symbol extraction, imports, outline | | code_review | auto | Security scanning and complexity analysis | | multi_search | auto | Fuzzy search: filenames, content, symbols | | task_planner | auto | Hierarchical task tracking | | diff_viewer | auto | File comparison and git diffs | | test_runner | prompt | Auto-detect and run tests (jest, vitest, pytest, go, cargo) | | docker | prompt | Container management (ps, run, build, compose) | | database | prompt | Query SQLite databases (blocks destructive SQL) | | http_client | prompt | Advanced HTTP with auth and headers | | image_info | auto | Image dimensions and metadata | | pdf_extract | auto | Extract text and metadata from PDFs | | ssh_remote | always-ask | Remote command execution via SSH | | notification | prompt | Webhook notifications (Slack, Discord) | | package_manager | prompt | Dependency management (npm, yarn, pip, cargo, go) | | app_connector | prompt | GitHub, Jira, Linear, Slack integrations | | graphics | prompt | Image processing: resize, crop, watermark, convert | | delegate | prompt | Multi-agent task delegation |

Permission levels: auto = runs silently, prompt = asks first (skipped in --autonomous), always-ask = always confirms.

App Connectors

Connect to external services with OAuth or API keys:

| Connector | Capabilities | |-----------|-------------| | GitHub | Issues, PRs, repos, code search | | Jira | Issues, projects, sprints, transitions | | Linear | Issues, projects, teams, cycles | | Slack | Messages, channels, users, threads | | OpenAI Images | DALL-E generation, editing, variations | | Replicate | Run any ML model via API |

Credentials stored in encrypted vault (AES-256-GCM).

Security

Built for enterprise from day one:

 Risk Scoring       6-factor risk scoring on every tool call (0-100)
 Encryption         AES-256-GCM encryption at rest
 Audit Trail        SHA-256 hash-chained, tamper-evident logs
 Sandbox            Docker-based execution with network/CPU/memory limits
 RBAC               Declarative JSON policy engine with per-tool permissions
 SARIF Export       GitHub Code Scanning integration
 SSRF Protection    Blocks localhost, private IPs, cloud metadata
 Secret Detection   15+ patterns (AWS keys, tokens, private keys)
 Path Safety        Blocks writes to system directories
 Session Integrity  HMAC-based tamper detection

See SECURITY.md for the full model.

CLI Reference

codebot                                        # Interactive REPL
codebot "fix the bug in app.ts"                # Single task
codebot --autonomous "refactor auth and test"  # Full auto
codebot --continue                             # Resume last session
codebot --dashboard                            # Web dashboard
codebot --tui                                  # Terminal UI (panels)
codebot --doctor                               # Environment health check
echo "explain this error" | codebot            # Pipe mode
--setup              Run the setup wizard
--model <name>       Model to use
--provider <name>    Provider: openai, anthropic, gemini, deepseek, groq, mistral, xai
--base-url <url>     LLM API base URL
--api-key <key>      API key (or use env vars)
--autonomous         Skip all permission prompts
--resume <id>        Resume a session by ID
--continue, -c       Resume the most recent session
--max-iterations <n> Max agent loop iterations (default: 50)
--tui                Full terminal UI mode
--dashboard          Web dashboard on localhost:3120
--doctor             Environment health checks
--theme <name>       Color theme: dark, light, mono
--no-animate         Disable animations
--no-stream          Disable streaming display
--verbose            Debug output
/help       Show commands           /model     Show or change model
/models     List supported models   /sessions  List saved sessions
/routines   List routines           /auto      Toggle autonomous mode
/undo       Undo last edit          /usage     Token usage
/clear      Clear conversation      /compact   Force context compaction
/metrics    Session metrics         /risk      Risk assessment history
/config     Show configuration      /doctor    Health checks
/toolcost   Per-tool cost breakdown /rate      Rate limit status
/theme      Switch color theme      /quit      Exit

VS Code Extension

code --install-extension codebot-ai-vscode-2.0.0.vsix

Sidebar chat panel, inline diff preview, status bar (tokens, cost, risk level), theme integration.

GitHub Action

- uses: zanderone1980/codebot-ai/actions/codebot@v2
  with:
    task: review    # or: fix, scan
    api-key: ${{ secrets.ANTHROPIC_API_KEY }}

Programmatic API

import { Agent, AnthropicProvider } from 'codebot-ai';

const agent = new Agent({
  provider: new AnthropicProvider({
    apiKey: process.env.ANTHROPIC_API_KEY,
    model: 'claude-sonnet-4-6',
  }),
  model: 'claude-sonnet-4-6',
  autoApprove: true,
});

for await (const event of agent.run('list all TypeScript files')) {
  if (event.type === 'text') process.stdout.write(event.text || '');
}

Plugins & MCP

Custom tools: Drop .js files in .codebot/plugins/:

module.exports = {
  name: 'my_tool',
  description: 'Does something useful',
  permission: 'prompt',
  parameters: { type: 'object', properties: { input: { type: 'string' } }, required: ['input'] },
  execute: async (args) => `Result: ${args.input}`,
};

MCP servers: Create .codebot/mcp.json:

{
  "servers": [{ "name": "my-server", "command": "npx", "args": ["-y", "@my/mcp-server"] }]
}

Build from Source

git clone https://github.com/zanderone1980/codebot-ai.git
cd codebot-ai
npm install && npm run build
./bin/codebot

Stability

  • Auto-retry — exponential backoff on network errors, rate limits, server errors
  • Stream recovery — reconnects if the LLM drops mid-response
  • Context compaction — smart summarization when hitting context limits
  • Process resilience — catches unhandled exceptions, keeps the REPL running
  • 1125 tests — comprehensive coverage across agent, tools, security, and dashboard

npm · GitHub · Changelog · Roadmap · Security

MIT — Ascendral Software Development & Innovation