
packguard v0.1.4

Block AI assistant config leaks and secrets before npm publish

packguard

Block AI assistant config files and secrets before they ship to npm.

A Lakera audit of 46,500 npm packages found 428 containing .claude/settings.local.json. 33 had live API keys inside. On March 31 2026, Anthropic accidentally published the full 512K-line Claude Code source via an npm source map. PackGuard intercepts your tarball at prepublishOnly — before any of that can happen.

Install

```bash
# zero-install scan of the current package
npx packguard scan

# wire it permanently into package.json
npx packguard install
```

What it checks

| Check | Severity | Details |
|---|---|---|
| AI artifact paths | blocked | `.claude/`, `.cursor/`, `.codex/`, `.windsurf/`, `.copilot/`, `.aider/` and their state files |
| Source maps with embedded source | warning | `.js.map` files where `sourcesContent` is non-empty |
| Known secret patterns | blocked | Anthropic (`sk-ant-*`), GitHub (`ghp_*`), AWS (`AKIA*`), OpenAI (`sk-*`), Stripe |
| High-entropy strings | warning | Shannon entropy > 4.5 on strings of 20+ chars |

Blocked findings exit 1 and prevent publish. Warnings pass but are logged.
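To make the table concrete, here is an added example that is not PackGuard's own code: a minimal in-memory version of the four checks, applied to a constructed list of tarball entries. The regular expressions, the reason strings, the token extraction for the entropy check and the sample files are all assumptions; the project's real signatures are not on this page.

```javascript
// Added example, not PackGuard's own code: a minimal in-memory version of the
// four checks in the README's table, applied to a constructed list of tarball
// entries. Regex details and the reason strings are assumptions.

const AI_ARTIFACT_DIRS = ['.claude', '.cursor', '.codex', '.windsurf', '.copilot', '.aider'];
const ENTROPY_THRESHOLD = 4.5;   // bits per character, per the README
const ENTROPY_MIN_LEN = 20;      // only strings of 20+ chars are scored

// Prefix-based patterns assumed from the README's table. Anthropic is listed
// before OpenAI so that "sk-ant-..." is attributed to the more specific vendor.
const SECRET_PATTERNS = [
  { name: 'anthropic', re: /\bsk-ant-[A-Za-z0-9_-]{20,}/ },
  { name: 'github',    re: /\bghp_[A-Za-z0-9]{36}\b/ },
  { name: 'aws',       re: /\bAKIA[A-Z0-9]{16}\b/ },
  { name: 'openai',    re: /\bsk-[A-Za-z0-9]{20,}\b/ },
  { name: 'stripe',    re: /\b[sr]k_(?:live|test)_[A-Za-z0-9]{20,}\b/ },
];

// Shannon entropy in bits per character: H = -sum p(c) * log2 p(c).
function shannonEntropy(s) {
  const counts = new Map();
  for (const ch of s) counts.set(ch, (counts.get(ch) || 0) + 1);
  let h = 0;
  for (const n of counts.values()) {
    const p = n / s.length;
    h -= p * Math.log2(p);
  }
  return h;
}

// Returns the AI assistant directory a path lives under, or null.
function aiArtifactDir(path) {
  const segments = path.split('/');
  return AI_ARTIFACT_DIRS.find((d) => segments.includes(d)) || null;
}

// A source map only leaks code when sourcesContent carries actual text.
function sourceMapHasSources(text) {
  try {
    const map = JSON.parse(text);
    return Array.isArray(map.sourcesContent)
      && map.sourcesContent.some((src) => typeof src === 'string' && src.length > 0);
  } catch (_) {
    return false;   // not JSON at all: nothing embedded
  }
}

// Classifies one tarball entry. Blocking checks run before warning checks
// so the most severe reason is the one reported.
function scanFile(path, content) {
  const dir = aiArtifactDir(path);
  if (dir) return { file: path, status: 'BLOCKED', reason: `ai_artifact:${dir}` };
  for (const { name, re } of SECRET_PATTERNS) {
    if (re.test(content)) return { file: path, status: 'BLOCKED', reason: `secret:${name}` };
  }
  if (path.endsWith('.js.map') && sourceMapHasSources(content)) {
    return { file: path, status: 'WARNING', reason: 'source_map_with_sources' };
  }
  const tokenRe = new RegExp(`[A-Za-z0-9+/=_-]{${ENTROPY_MIN_LEN},}`, 'g');
  const tokens = content.match(tokenRe) || [];
  if (tokens.some((t) => shannonEntropy(t) > ENTROPY_THRESHOLD)) {
    return { file: path, status: 'WARNING', reason: 'high_entropy_string' };
  }
  return { file: path, status: 'OK', reason: '' };
}

// entries: { path -> file content }. Mirrors the README's rule: any blocked
// finding makes the exit code 1; warnings alone leave it at 0.
function scanTarball(entries) {
  const findings = Object.entries(entries).map(([path, content]) => scanFile(path, content));
  const blocked = findings.filter((f) => f.status === 'BLOCKED').length;
  const warnings = findings.filter((f) => f.status === 'WARNING').length;
  return { findings, blocked, warnings, exitCode: blocked > 0 ? 1 : 0 };
}

// Constructed sample tarball. The AWS value is the placeholder key id from
// AWS's own documentation, not a live credential.
const SAMPLE_ENTRIES = {
  'package.json': '{"name":"demo","version":"1.0.0"}',
  '.claude/settings.local.json': '{"permissions":{"allow":[]}}',
  'dist/index.js': 'module.exports = () => "hello";',
  'dist/index.js.map': JSON.stringify({ version: 3, sources: ['src/index.ts'], sourcesContent: ['export default () => "hello";'] }),
  'config.js': 'const accessKeyId = "AKIAIOSFODNN7EXAMPLE";',
  'vendor/blob.txt': 'hash: 0123456789abcdefghijklmnopqrstuv',   // 32 distinct chars: entropy 5.0
};

const report = scanTarball(SAMPLE_ENTRIES);
for (const f of report.findings) {
  if (f.status !== 'OK') console.log(f.file.padEnd(32), f.status.padEnd(8), f.reason);
}
console.log(`${report.findings.length} files scanned, ${report.blocked} blocked, ${report.warnings} warning(s); exit ${report.exitCode}`);
```

A real hook would feed this the files npm is actually about to include (the list `npm pack --dry-run` prints) rather than the working tree, since `files`, `.npmignore` and `.gitignore` decide what ends up in the tarball. The entropy check is the noisy one: minified bundles, font files and hashes trip it, which is what the `.packguardignore` section below is for.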

Usage

```bash
# scan the current directory
packguard scan

# scan a specific directory
packguard scan ./my-package

# add prepublishOnly hook to package.json
packguard install
```

After packguard install, your package.json gets:

```json
{
  "scripts": {
    "prepublishOnly": "packguard scan"
  }
}
```

Now npm publish will automatically scan before shipping. If anything is blocked, publish stops with exit 1.
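The one detail the snippet above leaves open is what happens when a project already has a `prepublishOnly` script. The following added example (not the project's own installer) shows the edit applied to a parsed package.json object: it adds the hook, chains it in front of an existing script rather than overwriting it, and is idempotent. The sample package.json objects are constructed.

```javascript
// Added example, not PackGuard's own code: what an installer has to do to a
// parsed package.json. It inserts the hook, chains it in front of an existing
// prepublishOnly script instead of overwriting it, and is idempotent.

const HOOK = 'packguard scan';

// True when the hook is already one of the &&-chained commands.
function hasHook(pkg) {
  const script = (pkg.scripts && pkg.scripts.prepublishOnly) || '';
  return script.split('&&').map((s) => s.trim()).includes(HOOK);
}

// Returns a new object; the input is not mutated.
function addPrepublishHook(pkg) {
  if (hasHook(pkg)) return pkg;                       // already wired: nothing to do
  const scripts = { ...(pkg.scripts || {}) };
  const existing = scripts.prepublishOnly;
  // The scan goes first: with `&&`, a blocked finding (exit 1) stops the rest
  // of the chain, so a build or test step never runs for a publish that will fail.
  scripts.prepublishOnly = existing ? `${HOOK} && ${existing}` : HOOK;
  return { ...pkg, scripts };
}

// Constructed inputs.
const fresh = { name: 'demo', version: '1.0.0' };
const withBuild = { name: 'demo', version: '1.0.0', scripts: { prepublishOnly: 'npm run build' } };

console.log(JSON.stringify(addPrepublishHook(fresh).scripts, null, 2));
console.log(JSON.stringify(addPrepublishHook(withBuild).scripts, null, 2));
```

Putting the scan first in the chain matters: `prepublishOnly` runs a single shell command, and `&&` short-circuits on the first non-zero exit, so the blocked verdict stops the publish before any later step executes.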

Example output

```text
packguard v0.1.0

Scanning tarball for /your/package...

────────────────────────────────────────────────────────────────────────────────
FILE                                    STATUS   REASON
────────────────────────────────────────────────────────────────────────────────
.claude/settings.local.json             BLOCKED  ai_artifact:.claude
.cursor/mcp.json                        BLOCKED  ai_artifact:.cursor
dist/index.js.map                       WARNING  source_map_with_sources
────────────────────────────────────────────────────────────────────────────────

3 files scanned — 2 blocked  1 warning

✗ Publish blocked. Fix the issues above and retry.
```

Suppressing false positives

Create a .packguardignore in your project root — same syntax as .gitignore:

```gitignore
# suppress entropy warnings for vendored assets
vendor/fonts/**
public/spritesheet.svg
```
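"Same syntax as `.gitignore`" hides a few rules worth knowing when a suppression does not fire: a pattern containing a slash is anchored to the package root, a bare `*` never crosses a directory separator while `**` does, a trailing `/` matches only directories, and a later `!` line re-includes a path. The added example below (not PackGuard's matcher, whose exact semantics are not on this page) implements that subset and the step of dropping findings for ignored paths. The ignore file and findings list are constructed.

```javascript
// Added example, not PackGuard's own code: a small gitignore-style matcher
// for the subset of syntax a .packguardignore typically needs (comments,
// blank lines, `*`, `?`, `**`, a `/` anywhere anchoring to the root, trailing
// `/` for directories, `!` negation with last-match-wins) and the step that
// drops findings for ignored paths.

// Translates one glob into regular-expression source (no anchors).
function globToRegExpSource(pattern) {
  let src = '';
  for (let i = 0; i < pattern.length; i++) {
    const c = pattern[i];
    if (c === '*' && pattern[i + 1] === '*') {
      i++;                                                    // consume the second '*'
      if (pattern[i + 1] === '/') { i++; src += '(?:.*/)?'; } // 'a/**/b' also matches 'a/b'
      else src += '.*';                                       // '**' spans directory separators
    } else if (c === '*') {
      src += '[^/]*';                                         // single '*' stays within one segment
    } else if (c === '?') {
      src += '[^/]';
    } else {
      src += c.replace(/[.+^${}()|[\]\\]/g, '\\$&');          // escape regex metacharacters
    }
  }
  return src;
}

// Parses ignore-file text into ordered rules of { negate, re }.
function parseIgnoreFile(text) {
  return text.split(/\r?\n/)
    .map((line) => line.trim())
    .filter((line) => line && !line.startsWith('#'))
    .map((line) => {
      const negate = line.startsWith('!');
      let pat = negate ? line.slice(1) : line;
      const dirOnly = pat.endsWith('/');
      if (dirOnly) pat = pat.slice(0, -1);
      const anchored = pat.includes('/');        // gitignore rule: a slash anywhere anchors the pattern
      if (pat.startsWith('/')) pat = pat.slice(1);
      const prefix = anchored ? '^' : '^(?:.*/)?';
      const suffix = dirOnly ? '/' : '(?:/|$)';  // matching a directory also covers everything below it
      return { negate, re: new RegExp(prefix + globToRegExpSource(pat) + suffix) };
    });
}

function isIgnored(path, rules) {
  let ignored = false;
  for (const { negate, re } of rules) {
    if (re.test(path)) ignored = !negate;        // last matching rule wins, as in .gitignore
  }
  return ignored;
}

function suppressFindings(findings, rules) {
  return findings.filter((f) => !isIgnored(f.file, rules));
}

// Constructed .packguardignore: the README's two lines plus a negation and a bare glob.
const SAMPLE_IGNORE = `
# suppress entropy warnings for vendored assets
vendor/fonts/**
public/spritesheet.svg
!vendor/fonts/LICENSE.txt
*.min.js
`;

// Constructed findings, in the shape the scan report uses.
const SAMPLE_FINDINGS = [
  { file: 'vendor/fonts/Inter.woff2', status: 'WARNING', reason: 'high_entropy_string' },
  { file: 'vendor/fonts/LICENSE.txt', status: 'WARNING', reason: 'high_entropy_string' },
  { file: 'public/spritesheet.svg', status: 'WARNING', reason: 'high_entropy_string' },
  { file: 'dist/app.min.js', status: 'WARNING', reason: 'high_entropy_string' },
  { file: 'src/vendor/fonts/x.woff', status: 'WARNING', reason: 'high_entropy_string' },
  { file: '.claude/settings.local.json', status: 'BLOCKED', reason: 'ai_artifact:.claude' },
];

const rules = parseIgnoreFile(SAMPLE_IGNORE);
for (const f of suppressFindings(SAMPLE_FINDINGS, rules)) console.log(f.file, f.status, f.reason);
```

Note that `src/vendor/fonts/x.woff` survives: `vendor/fonts/**` contains a slash, so it only matches from the package root. Keeping suppressions narrow like this is the point of an ignore file; a rule such as `**` would silence every check, including the blocked ones.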

Org audit log (Pro)

Set PACKGUARD_ORG_TOKEN in your environment to send scan metadata to your org's audit dashboard. No file contents are sent — metadata only (package name, verdict, findings, timestamp).

```bash
PACKGUARD_ORG_TOKEN=your_token npm publish
```

Why not gitleaks / trufflehog / Snyk?

  • gitleaks / trufflehog — run on git history after the fact. No signatures for .claude/, .cursor/, or any AI assistant artifact.
  • Socket.dev — post-publish dependency graph analysis. Doesn't intercept at pack time.
  • Snyk — broad SAST/SCA. Not tuned to AI config files. No prepublishOnly hook.

PackGuard runs at the exact moment before the tarball ships — that's the only moment that matters.

License

MIT