npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

scafld

v2.0.0

Published

Spec-driven development framework for AI coding agents

Downloads

1,747

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

auscasterauscaster

Keywords

aiclideveloper-toolsplanningspec-driven

Readme

scafld

Review Gate Smoke

scafld builds long-running AI coding work under adversarial review, so your agent stays coherent across the whole job.

Canonical repo: https://github.com/nilstate/scafld. Default branch: main.

Most AI coding tools optimize for speed inside one turn. scafld optimizes for correctness across the whole run:

  • the work starts from a reviewed spec
  • execution stays phase-bounded and measurable
  • completion is gated by an independent challenger at review

The differentiator is simple: the agent does not get to grade its own homework.

Identity

scafld is a scaffold in the literal sense: temporary structure that shapes the build while the work is in progress.

The lifecycle stays familiar:

draft -> harden -> approve -> build -> review -> complete

What changed is the core model underneath it.

Primitives

Two nouns carry the system:

  • spec: what must be true. The reviewed contract and lifecycle source of truth.
  • session: what happened. The durable run ledger under .scafld/runs/{task-id}/session.json.

handoff is transport, not a primitive. It is the structured brief for the next voice.

Every generated handoff is:

  • immutable
  • sibling *.md + *.json
  • tagged by role × gate

Current runtime pairings:

  • executor × phase
  • executor × recovery
  • challenger × review

Review Gate

Challenge fires at one gate only in v1: review.

That keeps the system sharp without turning every phase into ceremony.

  • review emits a challenger handoff
  • the challenger writes a verdict into .scafld/reviews/{task-id}.md
  • complete closes only if the review gate passes, or a human applies the audited override path after a completed challenger round

The override path is explicit:

scafld complete <task-id> --human-reviewed --reason "manual audit"

That override is available only after a completed challenger review round exists.

Runtime Layout

.scafld/
  specs/{drafts,approved,active,archive}/
  runs/
    {task-id}/
      handoffs/
        executor-phase-phase1.md
        executor-phase-phase1.json
        executor-recovery-ac1_1-1.md
        executor-recovery-ac1_1-1.json
        challenger-review.md
        challenger-review.json
      diagnostics/
        ac1_1-attempt1.txt
      session.json
    archive/{YYYY-MM}/{task-id}/

Hard rules:

  • spec never carries runtime state
  • handoff is never read back to compute state
  • session is the only durable run-state source
  • recovery is a handoff gate plus counters in session, not a subsystem
  • telemetry is a view of session, not a separate artifact
  • v1 makes zero spec schema changes

Agent Surface

Default help teaches the slim workflow surface, including repo seeding:

scafld init
scafld plan <task-id>
scafld approve <task-id>
scafld build <task-id>
scafld review <task-id>
scafld complete <task-id>
scafld status <task-id>
scafld list
scafld report
scafld handoff <task-id>
scafld update

Use scafld --help --advanced to show the remaining operator tools such as harden, validate, branch, sync, audit, diff, summary, checks, and pr-body.

Wrapper intent:

  • plan: create a draft spec or reopen harden on an existing draft
  • build: start approved work and immediately drive validation to the next handoff or block
  • review: run the adversarial review gate and emit the challenger handoff
  • status: expose the canonical next_action and current_handoff

When the workspace includes them, the wrapper scripts are optional handoff adapters for Codex and Claude Code. The default challenger path is now scafld review itself.

.scafld/core/scripts/scafld-codex-build.sh <task-id>
.scafld/core/scripts/scafld-codex-review.sh <task-id>
.scafld/core/scripts/scafld-claude-build.sh <task-id>
.scafld/core/scripts/scafld-claude-review.sh <task-id>

Success Metrics

scafld claims quality lift only where it can measure it.

The canonical metrics are:

  • first_attempt_pass_rate
  • recovery_convergence_rate
  • challenge_override_rate

report surfaces all three per task and in aggregate.

Use scafld report --runtime-only to focus on tasks with runtime session data.

It also surfaces review-signal counts such as completed challenger rounds, grounded findings, and clean reviews that still record what was attacked.

There is also one honest boundary: scafld can emit a better handoff, but an external harness may still ignore it. That is why the metrics are framed as session outcomes, not proof of prompt consumption.

Install

pip install scafld
npm install -g scafld
git clone https://github.com/nilstate/scafld.git ~/.scafld && ~/.scafld/install.sh
curl -fsSL https://raw.githubusercontent.com/nilstate/scafld/main/install.sh | sh

pip install scafld installs the console entry point plus the managed runtime bundle used by scafld init and scafld update.

npm install -g scafld installs the same CLI package for environments that ship tooling through npm. The CLI still requires python3 at runtime. Commands that edit Markdown spec front matter, such as scafld harden, also require PyYAML in that Python runtime:

python3 -m pip install PyYAML

Setup

cd your-project
scafld init

This creates the managed runtime bundle, prompts, schemas, run directories, and project-owned overlays:

your-project/
  .scafld/
    scafld/                # Managed reset copy refreshed by `scafld update`
    config.yaml            # Project config overlay
    config.local.yaml      # Local machine overrides
    prompts/               # Active project-owned template sources
    runs/                  # Generated handoffs, diagnostics, session state
    reviews/               # Adversarial review artifacts
    specs/                 # Specs by lifecycle state
  AGENTS.md
  CLAUDE.md
  CONVENTIONS.md

Start by customizing:

  1. AGENTS.md
  2. CLAUDE.md
  3. CONVENTIONS.md
  4. .scafld/config.local.yaml

When the workspace includes them, the handoff-first wrappers are:

  • .scafld/core/scripts/scafld-codex-build.sh <task-id>
  • .scafld/core/scripts/scafld-codex-review.sh <task-id>
  • .scafld/core/scripts/scafld-claude-build.sh <task-id>
  • .scafld/core/scripts/scafld-claude-review.sh <task-id>

Repo-aware planning also works for mixed Python+Node repos. When both stacks are present, scafld merges the signals and prefers concrete detected commands over placeholder defaults.

Prompt ownership is deliberate:

  • .scafld/prompts/* is the active template layer the runtime reads first
  • .scafld/core/prompts/* is the managed reset copy refreshed by scafld update

Minimal Runtime Config

llm:
  model_profile: "default"
  context:
    budget_tokens: 12000
  recovery:
    max_attempts: 1

Anything beyond that waits until it earns its place through measured wins.

Next Docs

  • docs/execution.md
  • docs/integrations.md
  • docs/review.md
  • docs/run-artifacts.md
  • docs/cli-reference.md
  • AGENTS.md