npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

vexqr

v2.0.0

Published

AI-Supervised Cybersecurity Tool Orchestration Platform. A pipeline that connects any AI client to security tools (via MCP or PTY terminal automation) and supervises the worker AI in real time. Core is Python, supported by TypeScript, C, and Assembly, wit

Readme

Vexqr

AI-Supervised Cybersecurity Tool Orchestration Platform.

Vexqr is a pipeline that connects any AI client (Claude, Gemini, Copilot, GitLab Duo, Cursor, Codex, or any custom OpenAI-compatible model) to security tools — via MCP servers when available, or via terminal automation as a fallback — and supervises the worker AI in real time so it does not loop, waste tokens, or wander off track.

A user describes a goal in plain English ("check if my web app is secure", "help me debug this EXE", "run a full security assessment"). Vexqr figures out which tools are needed, connects or installs them, runs them, and a second AI supervises the whole operation: detecting loops, scoring progress, managing the token budget, and redirecting the worker agent when it gets stuck — with no human babysitting the screen.

This npm package is the TypeScript adapter / orchestration surface. The Python core is published separately on PyPI as vexqr. The security layer (scope enforcement, risk gating) is owned separately by the security team.

Install

npm install -g vexqr      # or: pnpm add -g vexqr   |   bun add -g vexqr

The Python core:

pip install vexqr

Usage

# Run a supervised assessment (simulated, safe — no tools installed/executed)
vexqr run "check if my web app is secure" --target scanme.nmap.org --dry-run

# Machine-readable JSON output
vexqr run "full security assessment" --target example.test --dry-run --json

Programmatic (TypeScript):

import { Orchestrator } from 'vexqr';

const orchestrator = new Orchestrator({ client: 'custom', dryRun: true });
const result = await orchestrator.run('check if my web app is secure', 'scanme.nmap.org');
console.log(result.summary);

How it works

Five vertical layers plus a cross-cutting supervisor:

| Layer | Responsibility | | ----- | -------------- | | L1 adapters | Normalize any AI client into a task object; format results back. | | L2 router | Classify and route each tool call (MCP first, terminal fallback). | | L3 mcp | MCP registry, server lifecycle, trust-tier policy, transports. | | L4 terminal | Auto-install cascade + PTY automation + output parser. | | L5 supervisor | Loop detection, progress scoring, token budgets, feedback, escalation. |

Development

npm install
npm run build      # tsc -> dist/
npm test           # node --test

License

MIT © ghulam