npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

skynot

v0.0.755

Published

Installer for pi-coding-agent embedded as a simple NPX tool to set up a user named `aidev`, and download Pi inside its $HOME (launcher script will be called `spi` instead of `pi`)

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

knocteknocte

Keywords

picoding-agentaillmclituiagentinstaller

Readme

SkyNot NPM Version

Ever tempted to use or try out the infamous pi-coding-agent but got put off by its lack of out-of-the-box sandbox?

Some people use and/or develop guardrails extensions or poor-man sandboxing solutions; others just deploy it to their VPS so that any potential damage is contained.

But the virtue is somewhere in the middle:

  • No need to go to the extreme of complicated cloud deploys to just try out some clanking business.
  • No need to setup potentially-unsafe tweaks or plugins that may give you a false sense of security, or too many permissions issues for your clanker to be productive.

Why not just use the unix model? Give Pi a user in your system, a $HOME where to place its git repositories and you're off to the races.

This repository is just a quick npx tool that helps you set up this ideal approach: run it with a simple npx skynot and it will guide you through the process and ask you for sudo permissions in each step that it requires, informing you of what it is doing at all times.

(This repo is of course opensource too so that you can check that what it says it does is what it really does.)

Installation Steps (performed automatically under-the-hood by skynot)

  1. Check if wget is present; if not: abort suggesting user to install it or use --npm flag.
  2. Create a user named aidev, if missing.
  3. Create a group named aiteam, if missing.
  4. Assign both aidev user and current user to group aiteam.
  5. Create sudoers file so that current user can impersonate aidev without needing a (sudo) password.
  6. Setup 007 umask and ACLs for aidev and current user to share files without issues.
  7. Download & install Pi under aidev user's home: ~aidev/pi/.
  8. Install the recommended extensions and/or authentication files if user used flags for them.
  9. Configure git to be able to share repositores in ~aidev/ dir.
  10. Add the agent's binary directory to the aidev user's $PATH env var.
  11. Create a launcher script at $HOME/bin/spi for the current user.
  12. Create a proper work dir inside ~aidev named Work, owned by aidev:aiteam.

Launch Steps (performed every time you run the launcher script spi)

  1. Check that current directory is inside ~aidev/Work or exit with error msg.
  2. Check that all directories of users are NOT readable or writable by aidev user.
  3. If any of the user directories are readable or writable, prompt to shield them.
  4. Launch Pi with the aidev user.

Usage

npx skynot [options]

The following command‑line flags are available:

| Flag | Alias | Description | |--------------|--------|-----------------------------------------------------------------------------------| |--help | -h | Show the help message with all available options. | |--auth | -a | Prompt for AI model's credentials to add env var to script or cook auth.json file.| |--extensions| -e | DEPRECATED: Use spi install <extension> instead, after install. | |--git ["id"]| -g[i]| Set git user.name/user.email for aidev. No arg: copies from current user. | | | | With arg (e.g. "Name Surname <[email protected]>"): uses that instead. | |--npm | -n | Install Pi using npm instead of tarball (likely to be slower though). | |--paranoid | -p | Refrain from caching the sudo password; ask for it every time it is needed. | |--ssh | -s | Copy SSH keys to the aidev user for git+ssh (& add GitHub to known_hosts). | |--update | -u | Wipe any previous existing install of Pi and reinstall, to get the latest version.| |--verbose | -v | Show more output from install commands (useful for debugging/low-bandwidth). | |--version | -V | Output the version number. | |--destroy |--BURN| Delete the aidev user, all its data (in $HOME), and the aiteam group. |

Please note, -u would technically not wipe or reinstall extensions, as they normally live in a different place (.pi subdir under aidev user's $HOME, and/or $NPM_CONFIG_PREFIX dir).

Notes

  • The script runs many operations as the aidev user via sudo. It sets npm_config_prefix to $HOME/.npm-global to avoid permission errors when installing extensions from NPM.
  • To test locally (directly from sources instead of using npx), use npm run exec -- [options] (e.g. npm run exec -- -p).

Requirements

  • Linux or macOS
  • NodeJS v22.x
  • NPM's npx (install with brew install npm or apt install npm)
  • git v2.46 or newer (required for wildcard support in git config --global safe.directory)
  • setfacl command in Linux (to setup ACLs; in Ubuntu this command is provided by the acl APT package)