npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

mandatekit

v0.0.2

Published

Sign and verify scope-bound mandates for AI agents. v0, tracks the AP2 Verifiable Intent draft.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

major_mattersmajor_matters

Keywords

ai-agentsap2mandateverifiable-intentpaymentsed25519

Readme

MandateKit (TypeScript) · v0

Sign and verify scope-bound mandates for AI agents. TypeScript port of MandateKit; mandates are wire-compatible with the Python SDK.

v0, tracks the AP2 Verifiable Intent draft (finalization expected Q3 2026). Expect breaking changes.

Crypto uses Node's built-in Ed25519; canonicalization uses the canonicalize package (RFC 8785), byte-identical to the Python SDK's rfc8785 output.

Requirements

Node 22.6+ (the source runs .ts directly via Node's built-in type stripping, so there is no build step for local use). npm run build compiles to dist/ with type declarations for bundlers and npm publishing.

Install

Not yet on npm (v0). For now, clone and build from source:

git clone https://github.com/major-matters/mandatekit
cd mandatekit/typescript && npm install && npm run build

Quick start

import { generateKeypair, compile, verify } from "mandatekit";

const { privateKey, publicKey } = generateKeypair();   // privateKey stays local

const signed = compile(
  "Allow this agent to buy running shoes from any apparel retailer " +
    "up to $500 per transaction, expires June 30",
  { agentId: "agent-7", privateKey },
);

const verdict = verify(
  signed,
  {
    merchant: "Fleet Feet",
    category: "apparel",
    amount: { value: 240, currency: "USD" },   // integer, same unit as the cap
    description: "Brooks Ghost 16 running shoes",
  },
  { trustedKeys: [publicKey] },   // pin the issuer — see Security below
);

console.log(verdict.decision);          // "allow"
console.log(verdict.scope_match_score); // 1
console.log(verdict.rationale);

A $600 charge, an electronics merchant, an expired mandate, a payload edited after signing, or a mandate signed by a key you did not pin all return "deny".

Security model

A valid signature proves integrity, not authority. Pin the issuer with trustedKeys; with neither trustedKeys nor allowUnverifiedIssuer: true, verify() fails closed. Absent scope is denied, empty allow-lists mean "allow nothing", unknown constraint keys are denied, and amounts must be integers (compared like-for-like; caller picks the unit). No replay protection in v0 (max_uses is out, not ignored). Same model as the Python SDK — see ../python/README.md.

The two pieces

The compiler (compile) turns natural language into a signed mandate. Parsing defaults to a deterministic ruleBasedParser; pass your own parser (e.g. an off-the-shelf LLM call) for free-form phrasing. Signing is always local.

The verifier (verify) is deterministic. Inject an intentScorer for intent-basket alignment; without it, intent is left unscored and a missing model never turns a deny into an allow. No fine-tuned model anywhere.

LLM layer (v0 note). The bundled off-the-shelf-LLM helpers live in the Python SDK (mandatekit.llm). They are Python-first in v0 because compile() and verify() take synchronous callbacks while Node's Anthropic SDK is async. In TypeScript, pre-compute and inject: const parsed = await yourLLM(text); compile(text, { ..., parser: () => parsed }), and likewise pass a pre-scored intentScorer: () => score. A native async path is on the roadmap.

Tests

npm test          # node --test, no dev dependencies

License

MIT.