fenrir-harness

v1.12.0

Published

Permissionless, self-evolving offensive-security harness for Hermes Agent. Vibe-hack any target, ingest any tool, persist learnings across sessions. CTF / bug-bounty / pentest / research / education.

Downloads

452

Readme

AI explores. Code confirms. The wiki remembers.

Three pillars. Pillar 1 = few-shot reasoning across 6 AI runtimes. Pillar 2 = deterministic non-LLM validators triagers can re-run without trusting the submitter. Pillar 3 = opt-in community-trained wiki at fenrir-commons.


Quick start

# Pick your runtime; one of: --hermes --claude --codex --opencode --openclaw --pi-agent
npx -y fenrir-harness@latest --claude --global

Or via the curl one-liner (auto-detects bunx → pnpm → npx → npm):

curl -fsSL https://raw.githubusercontent.com/m4xx101/fenrir-harness/main/scripts/install.sh \
  | bash -s -- --claude --global

After install, in the host runtime: /skill fenrir.


Install matrix

| Method | Command |
|---|---|
| npx | npx -y fenrir-harness@latest <runtime> --global |
| npm install -g | npm install -g fenrir-harness && fenrir-harness <runtime> --global |
| pnpm dlx | pnpm dlx fenrir-harness@latest <runtime> --global |
| bunx | bunx fenrir-harness@latest <runtime> --global |
| curl one-liner | curl -fsSL https://raw.githubusercontent.com/m4xx101/fenrir-harness/main/scripts/install.sh \| bash -s -- <runtime> --global |
| git clone | git clone https://github.com/m4xx101/fenrir-harness && cd fenrir-harness && node bin/install.js <runtime> --global |

Lifecycle commands

| Action | Command |
|---|---|
| Install | --<runtime> --global |
| Reinstall (clean) | --<runtime> --reinstall --global |
| Uninstall | --<runtime> --uninstall --global |
| Reset (uninstall + delete manifest) | --<runtime> --reset --global |
| Status (one runtime) | --<runtime> --status |
| Status (all runtimes at once) | --status --all |

Add --json for scripted output. Add --dry-run to preview install plan.

Upgrading

Existing users pick up new versions with one command per installed runtime:

npx -y fenrir-harness@latest --reinstall --<runtime> --global

--reinstall is manifest-driven — the wiki at ~/.hermes/wiki/fenrir/, all engagement bundles at ~/fenrir-engagements/<slug>/, and any STATE.md files are preserved. Only the skill content (SKILL.md, agents, references, scripts) is refreshed from the new package version.


What you get

  • 6 runtime targets — Hermes, Claude Code, OpenAI Codex, OpenCode, OpenClaw, Pi-Agent (EXPERIMENTAL).
  • 17 specialists including general-vuln-analyst.md (few-shot reasoner) and chain-builder.md (mechanical chain-walk on the 103-row chain-table).
  • 50 tool cards loaded every Phase 0 — RE / cloud audit / IaC / web exploit / recon / OOB / browser. Pre-populated catalogue at source/skills/tools-inventory/.
  • 146 pitfall entries mined from real-engagement corpora — a schema-validated "do not repeat this" register.
  • 5 methodology entries (attribution preserved): Jhaddix BHM v4, Imran Parray Recon + JS Recon, Binary Brotherhood OAuth, Hackerscroll SSRF.
  • 103-row chain-table — capability → next-bug literal lookup keyed by 36-slot taxonomy.
  • 8 first-class CLIs — see below.

The 8 CLIs

| CLI | What it does |
|---|---|
| fenrir-harness | install / reinstall / uninstall / reset / status (lifecycle matrix) |
| fenrir-doctor | bootstrap / verify / update / retry / show-lock for the host-side tool inventory (Linux+macOS / WSL2 only) |
| fenrir-tools | browse the inventory: list / info / install / rm / categories / search |
| fenrir-validate | re-run repro artifacts; emit signed receipts (for triagers) |
| fenrir-verify-receipt | offline Ed25519 receipt verification (triagers, vendors) |
| fenrir-commons-sync | pull anonymized community wiki entries from fenrir-commons |
| fenrir-commons-push | stage anonymized contribution for PR (no auto-push) |
| fenrir-commons-list | inspect what commons-sync has pulled |

Tool inventory (fenrir-doctor + fenrir-tools)

After install, fenrir-doctor bootstraps the 8-tool Go essentials kit (subfinder, dnsx, httpx, naabu, katana, ffuf, nuclei, interactsh-client). It runs automatically on first install of any runtime.

fenrir-doctor                              # bootstrap essentials
fenrir-doctor --categories recon,scanning  # category-scoped bootstrap
fenrir-doctor verify                       # check what's still installed
fenrir-doctor retry                        # retry quarantined tools
fenrir-doctor update --all                 # bump pinned versions

Browse the inventory:

fenrir-tools list                                  # all 50 cards
fenrir-tools list --category recon                 # filter by category (12 categories)
fenrir-tools list --category recon --tags passive  # AND-compose tags
fenrir-tools install <tool>                        # one-off install via card
fenrir-tools categories                            # show all 12 categories with counts

Host-level state lives at $FENRIR_HOME (default ~/.fenrir):

  • inventory.json — manifest (intent + state per tool)
  • versions.lock — TOML pinned versions for reproducibility
  • logs/doctor-<ISO>.log — per-run timestamped logs
  • .backups/ — manifest snapshots

Linux + macOS only in v1.12; on Windows, run inside WSL2.

All 6 share --json and --help. All 6 install via the same bin/ entry block in package.json.


Verifying findings (for triagers)

If you receive a fenrir-generated finding with a repro/<id>.{http,sh,py,gdb} artifact, you can re-verify WITHOUT installing fenrir or trusting the submitter:

npx -y fenrir-harness@latest validate <repro-dir>
# → re-runs each artifact ≥3 times, demands ≥2/3 successes,
#   writes <repro-dir>/receipts/<id>.receipt.json

If signed with the vendor's Ed25519 key, verify offline:

npx -y fenrir-harness@latest verify-receipt <receipt.json> --pubkey <vendor.pem>

This is the open-source counterpart to closed deterministic-validator narratives. Non-LLM, re-runnable, signable. See ADR-0012, ADR-0013.
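
To make the triager-side check concrete, here is an added example (not fenrir's code, and not its receipt schema) of what offline verification involves: a detached Ed25519 signature over a canonical serialization, plus the "≥3 runs, ≥2/3 successes" rule checked independently of the signature. The field names `body`, `alg`, `sig` and `runs[].ok`, the canonicalization and the demo key pair are assumptions made for illustration.

```javascript
// Added example. Receipt fields (body, alg, sig, runs[].ok) are assumed, not fenrir's schema.
const crypto = require('node:crypto');
// Sort object keys so signer and verifier serialize identical bytes.
function canonical(value) {
  if (Array.isArray(value)) return '[' + value.map(canonical).join(',') + ']';
  if (value && typeof value === 'object') {
    return '{' + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ':' + canonical(value[k])).join(',') + '}';
  }
  return JSON.stringify(value);
}

// Rule quoted on the page: at least 3 runs, at least 2/3 of them successful.
function quorumMet(runs) {
  const ok = runs.filter((r) => r.ok === true).length;
  return runs.length >= 3 && ok * 3 >= runs.length * 2;
}
function signReceipt(body, privateKey) {
  const sig = crypto.sign(null, Buffer.from(canonical(body)), privateKey);
  return { body, alg: 'Ed25519', sig: sig.toString('base64') };
}

// Fails closed: any parse error, wrong key type or bad signature is a rejection.
function verifyReceipt(receipt, publicKeyPem) {
  try {
    if (receipt.alg !== 'Ed25519') return { valid: false, reason: 'unexpected algorithm' };
    const key = crypto.createPublicKey(publicKeyPem);
    if (key.asymmetricKeyType !== 'ed25519') return { valid: false, reason: 'wrong key type' };
    const data = Buffer.from(canonical(receipt.body));
    const sig = Buffer.from(receipt.sig, 'base64');
    if (!crypto.verify(null, data, key, sig)) return { valid: false, reason: 'bad signature' };
    if (!quorumMet(receipt.body.runs)) return { valid: false, reason: 'quorum not met' };
    return { valid: true, reason: 'ok' };
  } catch (err) {
    return { valid: false, reason: 'malformed receipt' };
  }
}

// Constructed data: throwaway key pair and a made-up finding id.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const pem = publicKey.export({ type: 'spki', format: 'pem' });
  const runs = [{ ok: true }, { ok: false }, { ok: true }];
  const good = signReceipt({ id: 'EXAMPLE-1', runs }, privateKey);
  const tampered = { ...good, body: { id: 'EXAMPLE-1', runs: runs.map(() => ({ ok: true })) } };
  const weak = signReceipt({ id: 'EXAMPLE-1', runs: [{ ok: true }, { ok: false }, { ok: false }] }, privateKey);
  return { good: verifyReceipt(good, pem), tampered: verifyReceipt(tampered, pem), weak: verifyReceipt(weak, pem) };
}
console.log(demo());
```

The `weak` case shows why the quorum is re-checked by the verifier: a correctly signed receipt can still record too few successful runs.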


Federated wiki (opt-in)

Pull community entries:

npx -y fenrir-harness@latest commons-sync
# → ~/.hermes/wiki/fenrir/community/{techniques,payloads,pitfalls,methodologies,oob}/

Inspect what synced:

npx -y fenrir-harness@latest commons-list                    # pretty
npx -y fenrir-harness@latest commons-list --subtree pitfalls # filtered
npx -y fenrir-harness@latest commons-list --json             # scriptable

Stage anonymized contributions for upstream PR:

npx -y fenrir-harness@latest commons-push <entry-path>
# → stages a sanitized copy at <tmp>/fenrir-commons-staging/, ready for `gh pr create`

The contributor-side anonymizer (source/scripts/anonymize.py) and commons-side PR validator both enforce 11+ pattern classes for PII / credentials / internal hostnames / vendor names. Federation is opt-in at every step — per engagement, per entry, per PR. No telemetry. No central service.

See ADR-0015, ADR-0016, ADR-0017.


Architecture

┌────────────────────────────────────────────────────────────────────┐
│ bin/install.js              install / reinstall / uninstall /     │
│                              reset / status                        │
│ bin/fenrir-validate         deterministic verifier                 │
│ bin/fenrir-verify-receipt   offline signature check                │
│ bin/fenrir-commons-sync     pull community entries                 │
│ bin/fenrir-commons-push     stage contributions                    │
│ bin/fenrir-commons-list     inspect synced state                   │
└──────┬─────────────────────────────────────────────────────────────┘
       ▼
┌────────────────────────────────────────────────────────────────────┐
│ transformers/  (Target ABC + per-runtime targets, manifest-driven) │
│  targets/{hermes,claude_code,codex,opencode,openclaw,pi_agent}.js  │
│  base.js  manifest.js  scopes.js  sources.js  translators.js       │
└──────┬─────────────────────────────────────────────────────────────┘
       ▼
┌────────────────────────────────────────────────────────────────────┐
│ source/  (the runtime-agnostic skill content the targets render)   │
│  SKILL.md (orchestrator brain — 6 unconditional rules + pipeline)  │
│  agents/  (17 specialists incl. chain-builder, general-vuln, etc.) │
│  scripts/ (verify.py, anonymize.py, statusline.py, oob.py, ...)    │
│  references/  (chain-table.md 103-row lookup, pipeline, slot-types)│
│  wiki-seeds/  (146 pitfalls + 5 methodologies + seeds)             │
│  skills/tools-inventory/  (50 cards loaded every Phase 0)          │
│  runtime/<runtime>/skill-bridge.md  (delegation to host skills)    │
└────────────────────────────────────────────────────────────────────┘

Full architecture: docs/ARCHITECTURE.md. All 21 design records: docs/adr/.


Strategic positioning

| Pillar | Status |
|---|---|
| AI explores (multi-runtime, 50 tools, 17 specialists, 103-row chain-table) | ✅ shipped |
| Code confirms (validate + verify-receipt + signed Ed25519 receipts) | ✅ shipped |
| The wiki remembers (fenrir-commons opt-in federation) | ✅ shipped + deployed |
| Operator lifecycle (install / reinstall / uninstall / reset / status) | ✅ shipped |


Development

git clone https://github.com/m4xx101/fenrir-harness && cd fenrir-harness

# Tests (zero-dep — node:test built-in)
node --test transformers/tests/*.test.js transformers/tests/targets/*.test.js
python -m pytest source/scripts/

# Smoke each runtime
for r in hermes claude codex opencode openclaw pi-agent; do
  node bin/install.js --$r --local --dry-run > /dev/null && echo "$r: OK"
done

CI runs the full suite on Linux + Windows × Node 20 + 22.

Test count: 781 node + 17 pytest.


License

MIT. Third-party-license attribution: THIRD_PARTY_LICENSES.md.

Companion repo

m4xx101/fenrir-commons — community-trained wiki entries.

Contributing

See docs/CONTRIBUTING.md. For wiki entries to the community pool, see fenrir-commons CONTRIBUTING.md.