npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

tokeasy

v0.8.5

Published

Tokeasy: token-efficient agent tools for Claude Code, Codex, Copilot, Cursor, Windsurf & OpenClaw — code_search, code_read, code_edit, log_read, git_context, and more. Fewer round-trips, smaller context, honest savings accounting.

Readme

Tokeasy

Tokeasy is a token-efficient agent toolkit for Claude Code, Codex, Copilot, Cursor, Windsurf and OpenClaw. Fewer round-trips, smaller context, same model — with savings accounting honest enough to bet a subscription on.

Five of the tools:

  • code_search — glob + grep + read + imported-by in a single ranked call.
  • code_read — AST-aware reads: long bodies stubbed, imports/types/signatures kept, full mode on demand.
  • code_edit — batched multi-file edits, fuzzy matching that tolerates whitespace drift, post-edit TS/JSON/YAML syntax validation.
  • log_read — logs and test/build output as a bounded digest that keeps every failure, with a receipt of what was left out and a way to get any of it back exactly.
  • git_context — branch, ahead/behind, dirty files, recent commits, diffstat and merge state in one call.

…plus the rest of the kit: databases, command output, system state, cross-session memory, and an honest savings ledger. Subscribers get every tool, current and future — each one documents itself in your client, and anything gated tells you exactly how to enable it when you call it. Every result opens with a [now: … UTC] header so agents stop burning round-trips on date.

A license key is required — subscribe at https://tokeasy.net.

OpenClaw

{
  "plugins": {
    "entries": {
      "tokeasy": {
        "config": {
          "licenseKey": "tk-..."
        }
      }
    }
  }
}

OpenClaw installs also get exec steering (interceptMode), which routes raw shell habits to the covering tokeasy tool. Every mode parses the command and produces the exact replacement call, not generic prose:

  • nudge (default) — appends a one-line concrete redirect to the raw exec result. Raw tail -n 50 app.log comes back with [tokeasy → log_read] use log_read({ path: "app.log", tailLines: 50 }) at the end, so the agent self-corrects mid-session with no AGENTS.md/CLAUDE.md changes. Rate-limited per category via nudgeIntervalMs (default 5 min; 0 = ledger-only).
  • redirect — blocks the exec and hands back the exact covering call to run instead (one retry hop). A bare date is answered in the block reason (it's 16:41 UTC — …) so the clock check never even spawns a shell.
  • auto — runs the covering tool inside the hook and returns its digest as the exec result, annotated [tokeasy auto-swap → git_context]. git status && git log comes back as the git_context snapshot on the first call — zero learning required. Falls back to redirect when a command has no safe concrete translation.
  • strict — legacy: blocks raw cat/grep on repo files outright.

Codex approval compatibility

OpenClaw's codex extension auto-promotes its app-server approval policy from the implicit never to untrusted whenever any plugin registers a before_tool_call hook — which tokeasy does. On channels without an approval UI (Discord, headless gateways) that promotion makes every codex-native exec wait 120s for an approval that can never arrive, then fail the turn with no reply. Tokeasy neutralizes this at startup by pinning the policy to its pre-install default (approvalPolicy=never), restoring exactly the behavior the host had before tokeasy was installed. It backs off automatically whenever the operator has expressed any explicit codex policy: plugins.entries.codex.config.appServer.approvalPolicy/mode in openclaw.json, the OPENCLAW_CODEX_APP_SERVER_APPROVAL_POLICY/MODE env vars, or a managed /etc/codex/requirements.toml. Opt out with codexApprovalCompat: false in plugin config or TOKEASY_CODEX_COMPAT=0.

Adaptive escalation (on by default in nudge mode): if a category keeps reverting to raw exec after being nudged, tokeasy escalates just that category to redirect for the rest of the session (adaptiveEscalation: false to disable, escalateAfter to tune the threshold, default 3). The run_digest steer only appears when allowRun is enabled, so it never points at a disabled tool. code_savings now reports steering conversion — how often each nudge stuck vs reverted — so you can see which redirects actually change behavior.

MCP clients (Claude Code, Codex, Cursor, Windsurf) have no hook to intercept, so tokeasy steers them the two ways an MCP server can: the initialize-response instructions block and tool descriptions both say "use instead of grep/cat/tail/git status/…".

Use outside OpenClaw (MCP)

The package ships a stdio MCP server (tokeasy-mcp), so the same tools work in any MCP client. Set TOKEASY_LICENSE_KEY to your license key from https://tokeasy.net.

Claude Code

claude mcp add tokeasy -e TOKEASY_LICENSE_KEY=*** -- npx -y tokeasy

Codex CLI (~/.codex/config.toml)

[mcp_servers.tokeasy]
command = "npx"
args = ["-y", "tokeasy"]
env = { TOKEASY_LICENSE_KEY = "***" }

VS Code GitHub Copilot (.vscode/mcp.json)

{
  "servers": {
    "tokeasy": {
      "command": "npx",
      "args": ["-y", "tokeasy"],
      "env": { "TOKEASY_LICENSE_KEY": "tk-..." }
    }
  }
}

Cursor (.cursor/mcp.json) and Windsurf (~/.codeium/windsurf/mcp_config.json)

{
  "mcpServers": {
    "tokeasy": {
      "command": "npx",
      "args": ["-y", "tokeasy"],
      "env": { "TOKEASY_LICENSE_KEY": "tk-..." }
    }
  }
}

Savings ledger

code_savings reports what the tools saved you, with honest labels: calls saved are counted, bytes returned are measured, and bytes saved are estimated — each number says which it is. The dollar figure is an estimate priced from posted list rates under session cache economics (avoided round-trips save transcript re-reads; smaller results save a cache write plus every later cache read), the model is auto-detected from your session, and every assumption is a named constant in the code, labeled in the output. Treat the figures as ballpark, not billing. If a number is a guess, it says so.

Leaderboard & telemetry

Tokeasy reports your savings totals to an anonymized leaderboard at tokeasy.net. This is on by default; set TOKEASY_TELEMETRY=0 to opt out.

What is sent (numbers only, at most once per 2 hours): callsSaved, bytesSavedEstimate, the estimated usdSaved, the pricing model name, your license key if you've set one, and a 12-character instance hash (SHA-256 of hostname + home directory) so your entry stays stable across sessions. Running several installs that share a hostname (containers, fleets)? Give each its own id via the instanceId plugin config or TOKEASY_INSTANCE_ID so their reports don't collide. Never sent: code, file paths, queries, file contents, or anything else from your machine. On the leaderboard you appear under a generated anonymous name; code_savings shows it (and your rank) when a report succeeds.

Everything else runs 100% on your machine — license checks send a key hash and instance hash, nothing more.