npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

foreman-agent

v0.1.6

Published

Your local AI agents talk to each other. You should know what they're saying.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

tuzlu07xtuzlu07x

Keywords

mcpai-agentslocal-firstterminalsecurityaudittypescriptinksqlite

Readme

Your local AI agents talk to each other. You should know what they're saying.

A terminal-first guardian that mediates every call between the AI agents on your machine, scores each request for risk, and asks you before anything dangerous happens.

npm website license node platform PRs welcome

Website · Install · Quick start · Docs · Integrations · Roadmap

🦫 What is this?

When your machine runs Claude Code, Hermes, OpenClaw and friends side by side, they call each other and reach for your files, your network, and your shell — and nobody is watching. Foreman sits in the middle of all of it.

| | | | -------------- | -------------------------------------------------------------------------------------------------- | | 🛡️ Mediate | Every MCP call between your agents and their tools flows through Foreman. | | 📊 Score | Heuristic rules flag secret-file access, outbound network, shell exec, and cross-agent calls. | | 🙋 Ask | When a request crosses the threshold, you decide in the terminal: [a]llow / [d]eny / [r]emember. | | 📝 Log | Every request hits a local SQLite store with full-text search (FTS5) for audit. |

If a phishing email tells your assistant agent to share your .env, Foreman sees it, scores it 80/100, and asks before anything leaves your machine.

Install

The fastest path — also installs Node 20 LTS via nvm if you don't already have it:

curl -fsSL https://raw.githubusercontent.com/tuzlu07x/foreman/main/install.sh | bash

Homebrew (macOS / Linuxbrew):

brew tap tuzlu07x/foreman
brew install foreman-agent

npm (if you already manage Node yourself, >= 20 required):

npm install -g foreman-agent

| Variable / flag | Effect | | ------------------------ | ---------------------------------------------------------- | | FOREMAN_VERSION=0.1.0 | Pin a specific release | | FOREMAN_INSTALL_PREFIX | Use a non-default npm prefix | | FOREMAN_SKIP_NVM=1 | Refuse the nvm bootstrap path | | --uninstall | Remove the global package (~/.foreman/ is left in place) |

🪟 Windows: Foreman runs through WSL2 (Ubuntu 22.04) today — it assumes a POSIX shell, so native PowerShell / npm install on Windows isn't supported yet. Full walkthrough and the WSL2-specific quirks are in docs/windows-wsl2.md. Native Windows lands in v0.2+.

Quick start

foreman init                 # create ~/.foreman/ (db, keypair, policy.yaml)
foreman start                # launch the TUI gateway

# Point an agent at Foreman's stdio MCP transport
foreman mcp-stdio

Wire an agent (Claude Code example):

// ~/.config/claude-code/mcp.json
{
  "mcpServers": {
    "foreman": { "command": "foreman", "args": ["mcp-stdio"] },
  },
}

Then watch it work:

foreman log tail --follow    # live request stream
foreman agent list           # registered agents
foreman policy show          # active rules

Per-agent recipes:

▶️ 5-minute demo

A scripted phishing scenario walks through the boot banner → idle dashboard → ⚠ approval modal → inspect → remember → audit log:

cd examples/phishing-scenario
./run-demo.sh

See examples/phishing-scenario/STORYBOARD.md for the scene-by-scene script, and docs/scenario-pazartesi-sabahi.md for the longer product narrative that pins Foreman as a pre-execution gate (it stops a .env leak before the call runs — it doesn't undo afterwards).

Supported integrations

Foreman ships three bundled catalogs that drive the wizard, the TUI management pages, and the CLI. Tier-1 entries below; see the linked guides for setup walkthroughs.

| Category | Integrations | | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | | 🤖 Agents (guide) | Claude Code · Codex · Hermes · OpenClaw · ZeroClaw · Generic MCP | | 🧠 LLM providers (guide) | Anthropic · OpenAI · Google Gemini · Ollama (local) · Custom OpenAI-compatible (Groq / Together / OpenRouter / vLLM / LiteLLM) | | 🔌 Services (guide) | Telegram · Discord · Slack · GitHub · Atlassian (Jira / Confluence) · Notion |

Anthropic + OpenAI can also be authenticated by signing in with your Claude or ChatGPT subscription — foreman llm login <provider> (details).

Every integration falls into one of three categories Foreman handles uniformly.

| Transport | Agents | How it works | | ------------------------------------- | ----------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | Bridge (JSON-RPC stdio) | Codex (codex exec-server), Hermes / OpenClaw / ZeroClaw (<binary> acp — ACP standard) | Foreman spawns the agent as a child process and mediates every approval it emits over JSON-RPC. Bidirectional: Foreman injects user directives via session/prompt (ACP) or turn/start (codex). Risk rules fire before each shell / file / network action runs. | | Wrap (synthetic Telegram updates) | Reserved for hypothetical chat-only daemon agents | Replaces the agent's Telegram poller with a Foreman-controlled wrap process that injects synthetic owner-originated updates. Documented + tested; no current agent needs it. | | Legacy hybrid | Claude Code (via PreToolUse hook), Generic MCP | PreToolUse hook for claude-code; chat-post relay for everything else. Pre-bridge baseline that still works for agents without a programmable transport. |

Audit which transport each agent uses via foreman agents show <id>. The wizard surfaces it at install time; foreman doctor flags missing ACP binaries.

Adding entries to the bundled catalogs is documented in docs/registry-maintenance.md. A user-editable upstream registry URL is on the v0.2 roadmap.

How is this different from…?

Tracing tools tell you what happened. Foreman decides what's allowed to happen — locally, before the call lands.

| | Foreman | LangSmith / Helicone | Vanilla MCP | | ---------------------------- | ---------------- | -------------------- | ------------------------- | | Runs on your machine | ✅ local-first | ☁️ cloud SaaS | ✅ local | | Mediates agent-to-agent | ✅ | tracing only | direct calls, no mediator | | Asks before risky calls | ✅ in terminal | post-hoc dashboard | no approval layer | | Audit log under your control | ✅ SQLite + FTS5 | their cloud | no audit | | Identity per agent | ✅ Ed25519 | n/a | n/a | | Open source | ✅ MIT | proprietary | spec |

The closest mental model: a personal-scale gateway with an audit log, for the multi-agent setups people now run at home.

Roadmap

  • v0.1 — Today. Single-machine gateway, heuristic risk scoring, Ink TUI, SQLite audit, MCP stdio.
  • 🔜 v0.2 — Cross-machine mesh. foreman link, optional Tailscale, master/child keys, primary-device approval.
  • 🧠 v0.3 — Smart risk. Optional Llama Prompt Guard 2, intent classification, token budget enforcement.
  • 🧩 v0.4 — Ecosystem. Plugin API, Cedar policy support, official Hermes / OpenClaw adapters.

Documentation

📖 Hosted docs: foreman-agent.com — the guides below, nicely rendered and searchable.

| Doc | What's inside | | ---------------------------------------------------------------- | ------------------------------------------------------------- | | FOREMAN.md | Full design doc — architecture, services, schema | | FOREMAN-TUI.md | TUI / brand spec — palette, mascot, layout, screens | | docs/architecture.md | Runtime behavior — mediator pipeline, approval flow, sessions | | docs/agent-lifecycle.md | Install / disable / enable / block / remove agents | | docs/llm-providers.md | LLM provider catalog reference | | docs/services.md | Service catalog + setup walkthroughs | | docs/registry-maintenance.md | Adding entries to the bundled catalogs |

Contributing

PRs and issues welcome. Start with CONTRIBUTING.md and the Code of Conduct.

Website: foreman-agent.com · Repo: github.com/tuzlu07x/foreman · Issues: /issues

MIT © 2026 Fatih Tuzlu

Built for developers running more than one agent. 🦫 Foreman the Beaver is watching.