npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

kalguard

v1.1.4

Published

KalGuard - AI Agent Runtime Security Platform. Install this for the SDK (recommended entry point for agents).

Downloads

508

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

infrarixinfrarix

Keywords

kalguardaiai-agentagentagent-securitysecurityruntimeprompt-firewallprompt-injectiontool-mediationpolicyzero-trustllmllmops

Readme

kalguard is the umbrella package — install it once and you get the SDK with the friendliest possible import path. Under the hood it re-exports the kalguard-sdk client so you can wire prompts and tool calls through the KalGuard sidecar in one line.

If you want lower-level building blocks (policy engine, prompt firewall, agent identity) without the sidecar, install kalguard-core directly.

Why KalGuard

  • Zero Trust by default — every prompt and tool call is mediated.
  • Fail-closed — policy errors or sidecar outages produce deny, never allow.
  • Framework-agnostic — works with any agent runtime: LangChain, LlamaIndex, custom orchestrators, Python over HTTP.
  • Tiny dependency footprint — pure TypeScript, no runtime deps beyond the kalguard/* workspace packages.
  • Observable — every decision is emitted as a structured audit event, ready for your SIEM.

Install

npm install kalguard
# or
pnpm add kalguard
# or
yarn add kalguard

You will also need the sidecar running somewhere reachable. The fastest path:

# With KalGuard Cloud (recommended):
KALGUARD_API_KEY=kg_live_your_key_here kalguard-sidecar

# Local-only mode (deprecated):
# KALGUARD_TOKEN_SECRET=$(openssl rand -hex 32) kalguard-sidecar

See kalguard-sidecar for Docker, Kubernetes, and systemd deployment recipes.

Quick Start

import { KalGuardClient, withPromptCheck, withToolCheck } from 'kalguard';

const guard = new KalGuardClient({
  baseUrl: 'http://localhost:9292',
  token: process.env.KALGUARD_AGENT_TOKEN!,
});

// 1. Mediate every LLM call
const reply = await withPromptCheck(guard, messages, async (safeMessages) => {
  return await llm.chat(safeMessages);
});

// 2. Mediate every tool execution
const result = await withToolCheck(guard, 'get_weather', { location: 'NYC' }, async () => {
  return await tools.getWeather('NYC');
});

If the sidecar denies the request, the wrapper throws — your agent never reaches the LLM or the tool. If the prompt is risky but salvageable, safeMessages contains the sanitized version.

API

new KalGuardClient(options)

| Option | Type | Description | |--------------|----------|-------------| | baseUrl | string | URL of the running sidecar, e.g. http://localhost:9292. | | token | string | Agent bearer token (HMAC-signed). See agent identity. | | requestId? | string | Optional correlation id; auto-generated when omitted. |

withPromptCheck(client, messages, run)

Calls POST /v1/prompt/check. If the sidecar returns allowed: true, runs run(sanitizedMessages ?? messages). Otherwise throws a SecurityDenied error containing the policy reason.

withToolCheck(client, toolName, args, run)

Calls POST /v1/tool/check. Same allow/deny semantics, scoped to a single tool invocation.

For lower-level access, use client.checkPrompt(...) / client.checkTool(...) directly.

Sub-paths

// Identical to the default import — re-exports the SDK
import { KalGuardClient } from 'kalguard';

// Lower-level core: policy engine, prompt firewall, token utilities
import { PolicyEngine, evaluatePrompt, createAgentToken } from 'kalguard-core';

Configuration

The client itself is stateless — all knobs live on the sidecar. The most common environment variables:

| Variable | Purpose | Default | |----------|---------|---------| | KALGUARD_TOKEN_SECRET | HMAC secret for local-only mode (auto-synced from dashboard when KALGUARD_API_KEY is set) | (deprecated for Cloud users) | | KALGUARD_PORT | Sidecar listen port | 9292 | | KALGUARD_POLICY_PATH | Path to the JSON policy file | (default-deny if unset) |

See the full reference in the kalguard-sidecar README.

Examples

Compatibility

  • Node.js: 20 LTS or newer (uses native fetch).
  • Runtime: ESM only. CommonJS consumers can use dynamic import('kalguard').
  • Browser: not supported — agent tokens are signed server-side and must never reach a user's device.

Contributing

Issues and pull requests are welcome. Read CONTRIBUTING.md and CODE_OF_CONDUCT.md before opening a PR.

Security

Found a vulnerability? Please follow SECURITY.md — do not open a public issue.

License

Apache-2.0 © KalGuard Contributors

Part of the Infrarix AI Infrastructure ecosystem