npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

vibeguard-sui-security

v0.4.0

Published

TypeScript SDK for VibeGuard AI transaction security analysis

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

mianohhmianohh

Keywords

suiblockchainsecuritytransactionanalysis

Readme

vibeguard-sui-security

Pre-signature transaction security for the Sui ecosystem. Analyzes unsigned transaction bytes before a user signs — detecting honeypots, asset drains, and intent mismatches via a sovereign Rust threat engine running inside an AWS Nitro Enclave.

Detected threats are automatically signed by the enclave and registered on-chain. No API key required.

Platform | API Docs | Threat Portal

Installation

npm install vibeguard-sui-security

Quick Start

import { VibeGuard } from 'vibeguard-sui-security';

const guard = new VibeGuard();

const result = await guard.analyzeTransaction({
  transactionBytes: 'AAACAA...',
  network: 'mainnet',
  userAddress: '0xYourAddress',
  userIntent: 'Claim airdrop',
});

if (result.risk.riskLevel === 'RED') {
  // Block the transaction — threat detected and auto-reported on-chain
}

| Risk Level | Meaning | |---|---| | GREEN | Transaction appears safe | | YELLOW | Proceed with caution | | RED | High risk — block and warn user |

Threat Detection

The enclave detects sophisticated attack patterns with 100% accuracy across all test cases:

| Flag | Pattern | |---|---| | INTENT_MISMATCH_HONEYPOT | User expects inflow but simulation shows outflow | | MULTI_RECIPIENT_DRAIN | Assets routed to 3+ unique recipients | | DRAIN_FUNCTION | Dangerous Move functions: transfer_all, drain, approve_all, sweep | | UNEXPECTED_OUTFLOW | Asset outflow contradicts stated intent | | HIGH_GAS_BUDGET | Gas budget exceeds 500M MIST |

Enclave Performance: 210 req/s peak throughput · 233ms avg response · 0.00% error rate at 50 concurrent requests.

B2B Integration

Subscribe to Threat Feed

const unsubscribe = guard.subscribeToThreats((threat) => {
  walletBlacklist.add(threat.malicious_package_id);
});

Query Threat Registry

const { threats } = await guard.queryThreats({ category: 'Honeypot', severity: 'Critical' });
const { stats } = await guard.getThreatStats();

Retrieve Threat Evidence

const report = await guard.retrieveThreatReport(walrusBlobId, blobObjectId);
console.log(report.riskLevel);   // 'RED'
console.log(report.reasons);     // ['INTENT_MISMATCH_HONEYPOT', ...]

Register Webhook

await guard.registerWebhook('https://your-app.com/webhook', ['ThreatReported'], apiKey);

REST API

# Analyze a transaction
curl -X POST https://vibeguardai.vercel.app/api/explain \
  -H "Content-Type: application/json" \
  -d '{"transactionBytes":"AAACAA...","network":"mainnet","userAddress":"0x...","userIntent":"Claim airdrop"}'

# Query threats
curl "https://vibeguardai.vercel.app/api/threats?category=Honeypot"

# Real-time SSE stream
curl "https://vibeguardai.vercel.app/api/events"

On-Chain Registry

Every RED detection triggers an atomic on-chain transaction:

  1. Evidence uploaded to Walrus decentralized storage
  2. Enclave signs the report with its registered Ed25519 keypair
  3. seal_enclave::verify_and_report verifies the signature on-chain — emits ThreatVerified { verified: true }
  4. registry::report_malicious_contract commits the threat — emits ThreatReported

Wallet providers subscribe to ThreatReported events for a real-time, cryptographically verified blacklist feed.

| Contract | Address | |---|---| | ReputationRegistry | 0xa706a721...b494de | | SealEnclave | 0x75f9626c...19fdc | | Enclave Registration | DyCyjEm6...39Q2 | | Live Threat Report | 6qBWeX62...YDk |

License

MIT