npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

multicorn-shield

v1.12.1

Published

The control layer for AI agents: permissions, consent, spending limits, and audit logging.

Downloads

972

Readme

Multicorn Shield

Most AI coding agents inherit direct access to MCP tools, terminals, mail, and spend with no enforced guardrails, and Shield inserts consent workflows, budgets, policy checks, and tamper-evident logging before governed calls execute.

  • Permission enforcement - Policy checks on scoped access so agents can't wander past what you granted.
  • Consent flows - Human-in-the-loop approval when the model asks for new or risky actions.
  • Audit trails - Structured activity logs with append-only hashing so history is harder to forge.
  • Spending controls - Per-session and rolling limits aligned with budgets you set on the dashboard.
  • Anomaly detection - Surfaces spikes and outliers in agent behaviour before they become incidents.

npm version MIT Licence CI

Supported agents

npx multicorn-shield init walks you through native plugins only: OpenClaw, Claude Code, Windsurf, Cline, Gemini CLI, OpenCode, and Codex CLI. Native plugins govern files, terminal, and browser tools exposed by the host.

MCP-only clients (Cursor, Claude Desktop, GitHub Copilot, Kilo Code, Continue, Goose, and other hosted MCP setups) are configured in the Multicorn dashboard. The init menu includes a link there if you do not see your agent.

The full platform registry in INIT_WIZARD_PLATFORM_REGISTRY still lists every supported slug. Integration mode follows the Shield threat model: native plugins inspect the whole tool surface exposed by the host; hosted MCP proxy governs MCP-shaped traffic routed through Shield.

Use npx multicorn-shield files --client <name> to write MCP config for any supported coding client (including Cursor and Copilot). Valid --client names: cursor, cline, windsurf, claude, copilot, goose, gemini, codex, continue, kilo, opencode.

For hybrid platforms (Windsurf, Cline, Gemini CLI, OpenCode, Codex CLI), the init wizard defaults to the native plugin. Use npx multicorn-shield init --integration hosted when you want the hosted MCP proxy path instead.

| Agent | Mode | Setup on multicorn.ai | | ------------------------------- | ------------------------------------------------ | --------------------------------------------------------------------- | | OpenClaw | Native plugin | Setup guide | | Claude Code | Native plugin | Setup guide | | Windsurf | Native Cascade hooks (hosted MCP proxy optional) | Setup guide | | Cline | Native hooks | Setup guide | | Gemini CLI | Native hooks | Setup guide | | OpenCode | Native plugin | Setup guide | | Codex CLI | Native hooks | Setup guide | | Cursor | Hosted MCP proxy | Setup guide | | Claude Desktop | Hosted MCP proxy or .mcpb extension | Setup guide | | GitHub Copilot | Hosted MCP proxy | Setup guide | | Kilo Code | Hosted MCP proxy | Setup guide | | Continue | Hosted MCP proxy | Setup guide | | Goose | Hosted MCP proxy | Setup guide |

For any other MCP client on stdio, use npx multicorn-shield --wrap or set up a hosted agent in the dashboard.

Quick start

Fastest path to a governed proxy (full walkthrough):

npm install -g multicorn-shield
npx multicorn-shield init

The wizard prompts for your API key (mcs_… from app.multicorn.ai) and merges platform-specific snippets into the right config paths. Run it again any time you add another host agent. Inspect saved agents with:

npx multicorn-shield agents

After init, wrap your MCP server when you launch it:

npx multicorn-shield --wrap <your-existing-mcp-command>

Shield bundles an OpenClaw plugin under dist/openclaw-plugin/ if you prefer native interception over wrapping the MCP process. Claude Desktop users can sidestep manual JSON editing with the downloadable .mcpb bundle from multicorn.ai/shield. Need the SDK directly? Jump to SDK snippet and the getting started tutorial.

Links

| Resource | URL | | -------------- | ------------------------------------------------ | | Docs hub | https://multicorn.ai/shield | | Product docs | https://multicorn.ai/docs/getting-started | | Live dashboard | https://app.multicorn.ai | | Source | https://github.com/Multicorn-AI/multicorn-shield |

Changelog: CHANGELOG.md · Contributing: CONTRIBUTING.md · Security: SECURITY.md

SDK snippet

Install as a dependency when you embed consent screens or bespoke logging paths:

npm install multicorn-shield
import { MulticornShield } from "multicorn-shield";

const shield = new MulticornShield({ apiKey: "mcs_your_key_here" });

const decision = await shield.requestConsent({
  agent: "OpenClaw",
  scopes: ["read:gmail", "write:calendar"],
  spendLimit: 200,
});

await shield.logAction({
  agent: "OpenClaw",
  service: "gmail",
  action: "send_email",
  status: "approved",
});

Configuration

The hosted getting started guide spells out CLI quick starts and SDK bootstrap defaults. MCP adapter knobs, consent payloads, CLI flags for the proxy wrapper, spending helpers, and every public export are covered by TypeDoc emitted with pnpm docs into docs/api/.

Architecture

Your agent / Browser
           │
           ▼
multicorn-shield SDK · CLI · local proxy shim
           │
        HTTPS (see Network behaviour below)
           ▼
   Multicorn hosted API -> Dashboard UI

For module-level internals (consent renderer, MCP adapter, spending checker, proxies), regenerate TypeDoc locally (pnpm docs) and skim docs/adr/.

The SDK validates scopes client-side before calling hosted persistence. MCP proxy setups add localhost-only IPC (127.0.0.1) between wrapper and MCP child.

See Network behaviour for reachable hosts.

Network behaviour

  • api.multicorn.ai: Consent workflows, approvals, auditing, spends. Calls happen only while your code or CLI path runs Shield. There is no import-time network activity.
  • localhost: Proxy-local IPC during stdio MCP wrapping. Traffic never leaves the machine.
  • CLI config: The wizard writes your API key into ~/.multicorn/config.json on disk. The in-app SDK keeps keys in memory unless you persist them yourself.

No third-party telemetry.

Dashboard

Approve, reject, revoke, tune budgets, and watch live traffic at app.multicorn.ai. Works for both MCP proxy setups and bespoke SDK integrations.

Development

Requires Node.js 20+ and pnpm 9+.

git clone https://github.com/Multicorn-AI/multicorn-shield.git
cd multicorn-shield
pnpm install
pnpm test
pnpm build

| Script | Meaning | | -------------------- | ------------------------------------ | | pnpm build | Produce ESM+CJS bundles with tsup | | pnpm dev | tsup watch mode | | pnpm lint | ESLint + Prettier | | pnpm lint:fix | ESLint autofix plus Prettier write | | pnpm test | Vitest unit suite | | pnpm test:coverage | Vitest plus Istanbul instrumentation | | pnpm typecheck | tsc --noEmit | | pnpm docs | Typedoc emission into docs/api/ |

Detailed notes live in src/ headers and docs/adr/.

multicorn-shield/
├── src/                 # SDK, CLI, MCP adapter, consent web component
├── plugins/             # Host-specific hooks (Cline, Codex CLI, Windsurf, OpenCode…)
├── bin/                 # Executable entry stubs
├── docs/adr/            # Architecture decision records
└── examples/            # Runnable HTML snippets

Publishing & ownership

Published by multicorn-ai on npm. CI runs lint, types, tests, and build before every release. See SECURITY.md for supply-chain concerns. Operational detail lives in CONTRIBUTING.md.

Contributing

Patches welcome: read CONTRIBUTING.md, open issues for platform gaps, attach repro logs whenever hooks mis-fire.

Licence

MIT © Multicorn AI Pty Ltd