npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

permiscope

v1.0.2

Published

The Trust Layer for AI Agents - Secure gateway for autonomous tools.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

shubhusionshubhusion

Keywords

aiagentssecuritypermissionsgatewaytrust-layerllmpolicy-engineautomation-securitygovernanceai-safety

Readme

🛡️ Secure. 📜 Auditable. 🙋 Human-Driven.

Permiscope is an open-source infrastructure layer that mediates all real-world actions performed by autonomous AI agents. Think of it as OAuth + Policy Engine + Audit System for AI agents.

🚀 Why Permiscope?

Without mediation, agents operate with full system permissions — a single bug or prompt injection can cause catastrophic damage. Permiscope enforces least privilege, human oversight, and auditability by default, making autonomous systems safe for production.

🧠 The Problem

The industry has moved beyond “Look what this agent can do” to “How do I stop this agent from breaking critical systems?”

Current agent frameworks typically operate with:

  • ❌ All-or-nothing permissions
  • ❌ Minimal oversight
  • ❌ Limited traceability
  • ❌ High operational risk

🛡️ The Solution: Mediated Agency

Instead of agents directly accessing files, APIs, or shells, every action flows through Permiscope’s Secure Execution Gateway.

graph LR
    Agent[🤖 AI Agent] --> Gateway[🔒 Secure Gateway]
    Gateway --> Policy{📜 Policy Engine}
    Policy -->|✅ Allow| System[💻 System / API]
    Policy -->|❌ Block| Agent
    Policy -->|🙋 Approvals| Human[👤 Human Admin]
    Human -->|Approve| System
    Gateway -.->|📝 Logs| Audit[Audit Trail]

✨ Key Capabilities

🚀 Quick Start

📦 Installation

npm install permiscope

⚡ 30-Second Quick Start

Get a guided tour of Permiscope in action:

npx permiscope --demo

This demo showcases allowed, blocked, and human-approved actions in a safe environment.

🔐 Security Configuration

Permiscope is designed for high-trust environments. Use these environment variables to harden your installation:

| Variable | Importance | Description | |----------|------------|-------------| | PERMISCOPE_AUDIT_SECRET | Critical | Secret key for HMAC-SHA256 audit log signing. | | PERMISCOPE_DASHBOARD_TOKEN | High | Bearer token required to update approvals via the API/Dashboard. | | PERMISCOPE_STRICT_LOGGING | Medium | Set to true to block actions if the audit log cannot be written. |

🛠️ Execution & CLI

Permiscope allows you to wrap agent commands safely:

  • ✅ Allowed Action:
    permiscope run_command "echo hello"
  • ❌ Blocked Action (Dangerous):
    permiscope run_command "rm -rf /"

💻 Web Dashboard

[!IMPORTANT] In production, always set PERMISCOPE_DASHBOARD_TOKEN for the control plane.

  1. Start the Control Plane:
    # From within the repository
npm run dev:dashboard
  2. Access the Interface: Open http://localhost:3000 to review approvals and live audit trails.

🎯 Framework Agnostic by Design

Permiscope doesn't create agents — it governs what they can do.

Permiscope is a trust layer, not an agent framework. It wraps your existing execution logic with policy enforcement, approvals, and audit logging. Works with:

  • LangChain / LangGraph
  • CrewAI
  • Custom agent loops
  • Scripts and automations
  • Any Node.js/TypeScript code

🏗️ Integration Guide

Primary API: PermiscopeAdapter

import { PermiscopeAdapter } from 'permiscope';

// Create a trust layer with default policy
const permiscope = new PermiscopeAdapter();

// Execute actions through the governed gateway
const content = await permiscope.act('read_file', { path: 'config.json' });

Wrapping Your Agent's Execution

Use wrap() to govern any function:

import { PermiscopeAdapter } from 'permiscope';
import * as fs from 'fs';

const permiscope = new PermiscopeAdapter({ policy: myPolicy });

// Wrap your existing executor
const safeReadFile = permiscope.wrap('read_file', async (params) => {
  return fs.readFileSync(params.path, 'utf-8');
});

// Now your function is governed
const content = await safeReadFile({ path: 'config.json' });

One-Liner Utility: withPermiscope

import { withPermiscope } from 'permiscope';

// Create a governed function in one line
const safeDelete = withPermiscope('delete_file', async (params) => {
  fs.unlinkSync(params.path);
}, { policy: strictPolicy });

await safeDelete({ path: '/tmp/temp.txt' });

Custom Policy Example

import { PermiscopeAdapter, defaultPolicy } from 'permiscope';

const permiscope = new PermiscopeAdapter({
  policy: {
    scopes: [
      ...defaultPolicy.scopes,
      { actionName: 'call_api', decision: 'REQUIRE_APPROVAL' }
    ]
  }
});

🔌 Integration Examples

With a Custom Agent Loop

import { PermiscopeAdapter } from 'permiscope';

const permiscope = new PermiscopeAdapter();

async function agentStep(action: string, params: Record<string, any>) {
  // All actions go through the trust layer
  return permiscope.act(action, params);
}

// Your agent loop
while (hasMoreWork) {
  const nextAction = await agent.plan();
  const result = await agentStep(nextAction.name, nextAction.params);
  await agent.observe(result);
}

With LangChain Tools (Conceptual)

import { PermiscopeAdapter, withPermiscope } from 'permiscope';

// Wrap LangChain tool executors
const safeShellTool = withPermiscope('run_command', async (params) => {
  return shellTool.call(params.command);
});

// Use in your chain
const tools = [safeShellTool, safeFileTool];

🔌 Framework Integrations

Permiscope works with any agent framework or custom workflow.

| Framework | Pattern | Demo | |-----------|---------|------| | LangChain | Wrap Tool Executors | langchain.ts | | CrewAI | Multi-Agent Governance | crewai.ts | | Custom Loops | Mediated act() calls | custom-loop.ts | | Workflows | Functional wrap() | workflow-runner.ts |

Learn more in the Integrations Guide.

🧪 Real-World Scenarios

Check out src/scenarios/ for full demos:

  1. DevOps Agent: Safely edits configs, blocked from restarting services.
  2. Data Agent: Reads raw data, writes processed output, blocked from overwriting raw.

📚 Documentation

See the /docs folder for detailed guides:

🤝 Contributing

We welcome community contributions! Permiscope uses structured templates for Bug Reports, Feature Requests, and Pull Requests.

  1. Fork the repository.
  2. Follow the Contributing Guidelines.
  3. Open a PR with our standardized template.

📄 License

MIT License. See LICENSE for more information.