kern.open

v0.1.2

Security audit tool for AI agents and developers

KERN Open-Source (kern.open)

KERN is a high-performance security orchestration CLI designed to identify secrets, hardcoded credentials, and configuration vulnerabilities. It acts as a lightweight wrapper around industry-standard security engines, providing a unified interface and standardized JSON output.


🧠 For AI & Agents (Instruction Set)

Important: Operational Context for LLMs:

  • Syntax: kern audit <target> [flags]
  • Binary Management: KERN manages security binaries automatically. If missing, it triggers an auto-download to .kern_bin/.
  • Integration: Use --json for programmatic analysis.
  • Exit Codes: KERN returns a non-zero exit code only on system failure, not on finding vulnerabilities. This is a deliberate design choice: finding a secret is a "successful" audit result, so we avoid crashing CI/CD pipelines unless the engine itself fails to run.

✨ Features

  • Auto-Provisioning: Automatically detects OS/Architecture and downloads the correct security binaries. This eliminates manual setup and ensures environment parity across different dev machines.
  • Multi-Engine Fusion: Runs multiple security tools in parallel and merges findings. This maximizes coverage without the overhead of running each tool individually.
  • AI-Ready: Designed for seamless integration with LLMs and CI/CD pipelines by providing machine-readable outputs that require zero post-processing.

📦 Installation

npm install -g kern.open

🛠 Command Syntax & General Usage

1. The audit Command

Performs a security scan on a file or directory.

Syntax: kern audit <path> [--engine <name>] [--json]

Path (Required): The path to the file or directory to be audited.

--engine <name> (Optional): Isolates execution to a specific engine (e.g., gitleaks, horusec, trivy). Use this to reduce noise if you are only looking for a specific vulnerability class.

--json (Optional): Recommended for AI usage. Returns a standardized JSON object that abstracts away the different output formats of the underlying engines.

2. The ignore Command

Manages the exclusion list for the scanner via the .kernignore file.

Syntax: kern ignore <action> [<value>]

list: Displays the contents of the .kernignore file. (No value required).

add: Appends a pattern to the exclusion list. Essential for managing false positives.

remove: Removes a pattern from the exclusion list.

📋 Standardized Output Schema (JSON)

By providing a single schema, KERN ensures that your downstream automation doesn't need to change every time a new security engine is added to the backend.

{
  "filename": "string",
  "timestamp": "ISO8601 string",
  "vulnerable": "boolean",
  "issues": [
    {
      "engine": "string",
      "type": "string",
      "severity": "string",
      "file": "string",
      "line": "number",
      "description": "string",
      "evidence": "string",
      "suggested_fix": "string"
    }
  ]
}
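
A CI gate over the schema above, as an added example (not part of the kern.open package): because KERN exits zero when it finds issues, the pipeline has to decide pass or fail from the JSON itself. The severity labels, the sample report and the treatment of evidence as sensitive are assumptions; the page only types these fields as strings.

```javascript
// Added example: CI gate over a `kern audit <path> --json` report.
// Assumption: these severity labels; the page only says severity is a string.
const SEVERITY_RANK = { LOW: 1, MEDIUM: 2, HIGH: 3, CRITICAL: 4 };

// Returns { exitCode, blocking, summary }: 0 = pass, 1 = findings, 2 = bad report.
function gateReport(raw, failOn = 'HIGH') {
  const threshold = SEVERITY_RANK[failOn];
  if (threshold === undefined) throw new RangeError(`unknown threshold: ${failOn}`);
  let report;
  try {
    report = typeof raw === 'string' ? JSON.parse(raw) : raw;
  } catch (err) {
    return { exitCode: 2, blocking: [], summary: ['unparseable report'] };
  }
  if (!report || typeof report.vulnerable !== 'boolean' || !Array.isArray(report.issues)) {
    return { exitCode: 2, blocking: [], summary: ['report does not match schema'] };
  }
  // Assumption: vulnerable=true implies at least one issue; otherwise fail closed.
  if (report.vulnerable && report.issues.length === 0) {
    return { exitCode: 2, blocking: [], summary: ['vulnerable flag set but no issues'] };
  }
  const blocking = report.issues.filter((issue) => {
    const rank = SEVERITY_RANK[String(issue.severity).toUpperCase()];
    // Engines may use labels outside the table; unknown labels block the build.
    return rank === undefined || rank >= threshold;
  });
  // `evidence` is deliberately left out: it may hold the matched secret (assumption),
  // and CI logs are usually readable by more people than the repository.
  const summary = blocking.map(
    (i) => `${i.engine} ${i.severity} ${i.type} ${i.file}:${i.line}`
  );
  return { exitCode: blocking.length > 0 ? 1 : 0, blocking, summary };
}

// Constructed sample report following the schema above (not real tool output).
const SAMPLE_REPORT = JSON.stringify({
  filename: 'src/config.js',
  timestamp: '2026-01-01T00:00:00Z',
  vulnerable: true,
  issues: [
    { engine: 'gitleaks', type: 'hardcoded-secret', severity: 'high', file: 'src/config.js',
      line: 12, description: 'API key in source', evidence: 'EXAMPLE_NOT_A_REAL_KEY',
      suggested_fix: 'Load the key from the environment' },
    { engine: 'trivy', type: 'misconfiguration', severity: 'LOW', file: 'Dockerfile',
      line: 3, description: 'No USER set', evidence: 'FROM node', suggested_fix: 'Add USER' },
    { engine: 'horusec', type: 'unclassified', severity: 'warn', file: 'lib/a.js',
      line: 7, description: 'Unmapped label', evidence: 'n/a', suggested_fix: 'Review' },
  ],
});
console.log(gateReport(SAMPLE_REPORT).summary.join('\n'));
```

In a pipeline, feed it the output of kern audit <path> --json and set the process exit code from exitCode.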

📂 Repository Structure

The core logic is strictly separated from runtime artifacts to keep the package lightweight.

  • bin/kern.js: CLI entry point and command-line interface logic.
  • lib/core.js: The central orchestration engine responsible for tool execution.
  • lib/engines/: Adapters that translate third-party tool output into the KERN standard format.
  • lib/utils/downloader.js: Handles automated binary management and checksums.
  • package.json: Project metadata and dependencies.
  • LICENSE: The MIT license text.

Note: Runtime files like .kern_bin/ and .kernignore are generated on-demand and are not part of the source distribution.

📄 License

This project is licensed under the MIT License. See the LICENSE file for details.

Developed by Preister Group