JSPM

Given a response from the npm security api, render it into a variety of security reports

Verdaccio Middleware plugin to bypass npmjs audit

snyk library and cli utility

Audits NPM, Yarn, and PNPM projects in CI environments

Configurable linter for package.json files.

Pa11y is your automated accessibility testing pal

Reshape into a better npm audit for the community and encourage more people to include security audit into their process.

Core modules for audit-resolve.json file and logic of its processing

The missing `yarn audit fix`

Aids humans and automation in managing npm audit results

Pa11y CI is a CI-centric accessibility test runner, built using Pa11y

Snyk protect library and utility

Validate a package's reproducibility against it's published repository information.

Command-line tool for detecting vulnerabilities in files and directories.

Server for Unlighthouse

Default npm-package-json-lint shareable config

Find licenses for a node application and its node_module dependencies

Scan your entire website with Google Lighthouse.

UI Client for Unlighthouse.

Generate performance statistics for async or sync functions

CLI for Unlighthouse

EVI SDK — AI-powered smart contract development platform with wallet deployment, security auditing, compliance validation, and blockchain verification

Middleware for logging request/responses in Express apps

Delightfully scan your entire website with Google Lighthouse. Navigate your performance, accessibility and SEO.

Security & License Compliance For Your App's Dependencies 🪱

Beautiful Visualizations For Your App's Dependencies 🪱

Snyk fix library and utility

Utilities for working with npm packages 🪱

Generate a HTML report for Yarn Audit

The official NodeJS client for interacting with the Retraced audit logging API.

Audit and upgrade all dependencies in package.json.

A WebdriverIO service that allows you to run Chrome DevTools commands in your tests

Core business logic for the used by the Code PushUp CLI

Code PushUp plugin for detecting problems in source code using ESLint.📋

A CLI to run all kinds of code quality measurements to align your team with company goals

A CLI and equivalent JS API to find unused ECMAScript module exports in a project.

Sha1-Hulud 2.0 npm supply chain attack scanner - Real-time detection using Koi.ai data

TypeScript SDK for the process-audit-log Clarity contract on Stacks.

Code PushUp plugin for tracking code coverage ☂

Simple react-admin dataprovider for prisma, supporting audit logs and roles

ISBN utils: parse, validate, format, audit

This addon offers suggestions on how you can improve the HTML, CSS and UX of your components to be more mobile-friendly.

Code PushUp plugin for JavaScript packages 🛡️

A hapi plugin for sending audit messages to the CDP audit pipeline

Accessibility auditing plugin for TanStack Devtools powered by axe-core

A wrapper for 'npm audit' which can be configurable for use in a CI/CD tool like Jenkins

Pretty export your npm audit output as an offline accessible html page

Security auditor for AI agent configurations. Scans Claude Code setups for vulnerabilities, misconfigs, and injection risks.

Security Trust Report: colors@1.4.0 — 46/100 (C, caution). 2 vulnerabilities found. Maintainer risk, supply chain analysis from 8 security databases.

Security Trust Report: rc@1.2.8 — 56/100 (C+, standard). 1 vulnerability found. Maintainer risk, supply chain analysis from 8 security databases.

Collect dependency version and age information from package.json and package-lock.json

Security Trust Report: faker@6.6.6 — 54/100 (C, standard). 1 vulnerability found. Maintainer risk, supply chain analysis from 8 security databases.

A wrapper around NPM's built-in audit that adds extra features

Security Trust Report: event-stream@4.0.1 — 53/100 (C, standard). 1 vulnerability found. Maintainer risk, supply chain analysis from 8 security databases.

AI agent OS for vibe coders — MCP server for Claude, Cursor, Windsurf & Lovable. Security audits, SEO, performance, design tokens, copywriting and 76+ dev tools in one CLI.

Type definitions for package manager json audit responses

Security Trust Report: flatmap-stream@0.0.1-security — 50/100 (C, standard). 2 vulnerabilities found. Maintainer risk, supply chain analysis from 8 security databases.

This is a two way to check dependencies in env file and from code which are not mapped in env. It is used as a cli tool

Open-source legal template filling CLI and library

Audit a lockfile

The intelligent nervous system for AI coding agents — 2,441 checks (8 platforms × ~300 governance rules), 10 languages, 62 domain packs. Audit, align, and amplify.

Reshape into a better npm audit for the community and encourage more people to include security audit into their process.

Reshape into a better npm audit for the community and encourage more people to include security audit into their process.

generate TeamCity code inspections from the output of `npm audit`

Audit your Node version for known CVEs and patches

This addon offers suggestions on how you can improve the HTML, CSS and UX of your components to be more mobile-friendly.

Machine Design Vision Protocol — gives agents eyes to understand design quality

Audit trail module for tracking and querying system events

Helps you understand your npm audit findings so they're not too overwhelming

Audit a directory and its subdirectories for warning notes like "todo"

Developer toolkit for Tetra projects - audit, dev-token, quality checks

Track changes to your Sequelize models data. Perfect for auditing or versioning.

Vulnerability scanner for Bun projects

Audit logging and event trail for HazelJS applications

Commandline utility which exit the process with code 1, for the given criteria of vulnerabilities

Launcher package for the DeltaScope MCP stdio server

Audit trail logging service

Cypress plugin for deep per-command insights, including queue order, execution timing, and visual HTML reports.

yarn audit wrapper for ci

MCP server for Google Lighthouse performance metrics

OSV vulnerability scanner for Bun projects

CSNS — Code-aware Self-correcting Never-forgetting System

Using npm audit in deployment pipelines

NodeSecure vulnerabilities strategies

AETHRAS — Copywriting Agent by VibeCodes. CTAs, headlines e textos que convertem.

VibeSecurity — Auditoria de segurança para quem cria com IA. Secrets, vulnerabilidades e rotas sem auth.

Audit your NPM dependencies for malicious packages

VibeSEO — Auditoria de SEO para quem cria com IA. Meta tags, sitemap, Open Graph e visibilidade no Google.

Dependency governance for monorepos: pnpm, bun, yarn, npm, mise, uv, Go, and Rust

Timestamp utilities and audit trail functions for PostgreSQL

CHROMA — Design Tokens Agent by VibeCodes. Paletas, tokens e contraste WCAG.

Audit bundle generation and reporting utilities for AgentForge workflow runs.

Audit logging plugin for EmDash CMS - tracks content changes

VibeSpeed — Velocidade real do seu site. Core Web Vitals e PageSpeed via Google API em segundos.

MCP server that gives merchandising agents eyes on any storefront — scrape, audit, compare, roundtable analysis, and eval tracking via 11 tools.

Code PushUp plugin for measuring web performance and quality with Lighthouse 🔥

Audit tool for AWS serverless architectures

Enterprise security gateway for MCP servers and Claude Code hooks. Cedar policies, Ed25519-signed receipts, swarm tracking, and tamper detection. Shadow or enforce mode.

The auth OS for AI agents - identity, permissions, delegation, and audit for the agentic era

finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

A comprehensive Model Context Protocol (MCP) server that provides web performance auditing, accessibility testing, SEO analysis, security assessment, and Core Web Vitals monitoring using Google Lighthouse. Enables LLMs and AI agents to perform detailed we

A Mongoose plugin to automatically track and log changes (create, update, delete) to your models, with detailed audit history and flexible configuration.

Security skill installer for Claude Code, Gemini CLI, Cursor, Codex, and OpenCode. Patches vulnerabilities using a Red-Green-Refactor exploit-test protocol.

ESLint for your SQL codebase — audit any dbt or SQL project in one command

MCP security server for AI coding agents. Static code analysis, behavioral detection, pre-install guardian, AI hallucination guard, dead dependency detection, vulnerability audit. 11 tools. Zero dependencies.

npm-package-json-lint shareable config for TC's projects

A tool to generate an HTML report from pnpm audit.

NoData Guard — continuous security scanner. Runs locally, reports only metadata. Your data never leaves your machine.

A tool to capture the output of npm audit and convert it to xml

Spectra — AI readiness audit for Figma and Paper design systems. MCP server with 8 tools for scanning, scoring, and auto-fixing design systems.

Financial governance for AI agents. Every LLM call becomes an immutable, auditable transaction.

Zero-dependency verifier for usertrust governance receipts. Validates hash chains, Merkle proofs, and audit trails.

Compliance proxy for AI agent tool calls (MCP) — intercepts, signs, and logs

A deterministic trust gate for LLM systems

MCP server for performing accessibility audits on webpages

Zero-latency compliance auditing with protect() - one line to secure every LLM call

Epic AI® Legion — 35,835 tools. One self-hosted MCP server. Intelligent Virtual Assistant (IVA) integration layer for AI agents.

Normalize, validate, and audit compatible raw exploration payloads into stable Question Expander path data.

The most comprehensive open-source Answer Engine Optimization (AEO) audit tool. Scores websites across 13 ranking factors that determine AI citation.

Lighthouse for AI SEO. Audit any webpage for AI search readiness. 7 categories, 30+ factors, research-backed scoring. Deterministic, engine-agnostic, zero API keys.

NpmGuard CLI — check npm packages against NpmGuard security audits

A zero-boilerplate MongoDB data layer with singleton client, full CRUD, and optional document history tracking.

Standalone audit chain verifier for Undisk MCP — verify hash-chain integrity of audit exports offline

Security CLI for developers: scan npm/pip/cargo installs for CVEs before execution, self-hosted reverse proxy WAF with TUI, and API flow security testing across 14 ecosystems.

Manage Mongo Collection diff History and versions

🔌⚡ Nuxt module to prune html before sending it to the browser (it removes elements matching CSS selector(s)), useful for boosting performance showing a different HTML for bots/audits by removing all the scripts with dynamic rendering

Deterministic governance engine for AI agents — enforce worlds (permanent rules) and plans (mission constraints) with full audit trace

Code PushUp plugin for detecting accessibility issues using Axe 🌐

Open-source security scanner for Model Context Protocol (MCP) servers. Audits Claude Desktop, VS Code, Cursor, Windsurf, and 16+ AI tools for secrets, prompt injection, supply-chain risks, and 17+ security checks.

Fugue — AI agents in concert. Conductor-based PMO for your terminal.

Compliance as a Service CLI — scan dependencies, secrets, and IaC, then auto-map every finding to NIST 800-53, SOC 2, CMMC, FedRAMP, ASVS, and SSDF controls

Homingo — the homing instinct for your AI skills. Detect, diagnose, and fix routing drift.

Security monitoring and SIEM integration for OpenClaw agents — behavioral detection, case generation, and forensic audit trail via Google SecOps (Chronicle).

Converts accessibility findings to axe-core-compatible OracleIssue objects with WCAG rule metadata

Run Google Lighthouse audits on websites using headless Chrome. Get performance, accessibility, and SEO metrics.

NPM Audit parser for GitLab dependency scanning

Assists in the creation of ATNA audit trail messages for IHE profiles.

Nexus Dependency Auditor — OSV CVE scanning, offline cache, supply chain risk analysis, and build-time blocking

AGLedger™ SDK — Accountability and audit infrastructure for agentic systems.

MCP server for accessibility auditing with export, filter, aggregation, and visualization tools

Patch history & events for mongoose models

Framework-agnostic web audit overlay for accessibility, SEO, semantic and responsive validation.

JET AUDIT FRAMEWORK

A component for displaying audit information like creation and update timestamps with authors.

Security Trust Report: word-wrap@1.2.5 — 65/100 (B, standard). 1 vulnerability found. Maintainer risk, supply chain analysis from 8 security databases.

Governance SDK for AI agents — identity, policy, approval, and audit

Track revisions of your Sequelize models, revert them to any revision or restore them after being destroyed. Written in TypeScript and can be used with sequelize-typescript.

Audit logging and case bundle generation for PEAC protocol disputes

Safely inspect and match .env secrets without exposing values

RabbitMQ-based audit logging for NestJS

WCAG accessibility audit tool — Nuxt layer with report generation and PDF export

Modular AI-assisted network security audit platform — Community Edition

Security Trust Report: coa@2.0.2 — 64/100 (C+, standard). 1 vulnerability found. Maintainer risk, supply chain analysis from 8 security databases.

Security auditor for Next.js routes — App Router, Pages Router, API Routes

Audit token savings when converting HTML to Markdown for AI agents

TypeScript CLI tool and npm library that analyzes a project's dependencies for outdated packages, bundle size impact, license conflicts, and unused imports.

SOVR — The Unified Responsibility Layer for AI Agents. Policy engine, gate check, audit trail, MCP proxy, SQL/HTTP/Exec proxy, trust scoring, and all subsystems in one package.

DBC Audit log module made for use in projects based on nodejs and JavaScript at DBC

A powerful package for auditlog using opentelemetry in NestJS applications

snyk library and cli utility

MCP server for the SCF Controls Platform — security compliance controls, frameworks, evidence, and risk management for AI agents

Reusable skill for tracking what AI agents build, how long it takes, and what it costs

EdgeHub LogBook SDK for Node.js — structured audit logging for microservices (IEC 62443 / EU CRA)

Security Trust Report: node-ipc@12.0.0 — 68/100 (B, standard). 3 vulnerabilities found. Maintainer risk, supply chain analysis from 8 security databases.

Official Node.js SDK for the hosted Taplid audit API.

Runs an accessibility audit against a URL

Security scanner for npm package lifecycle scripts — detect malicious postinstall, preinstall, and prepare scripts before they run

AGLedger MCP Server — Thin API pass-through for AI agents via MCP protocol

The fastest DevOps-first dependency CLI. Checks, audits, upgrades, bisects, and automates npm/pnpm dependencies in CI.

Set up accessibility compliance tracking with one command

Security proxy daemon for MCP servers — adds auth, rate limiting, PII detection, and audit logging

Middleware for logging request/responses in Express apps

Audit npm dependency vulnerabilities for local or remote projects.

Core Signet primitives for TypeScript: Ed25519 receipts, hashes, and verification

A beautiful CLI tool for auditing dependencies and finding vulnerabilities

Production MCP middleware: audit, rate limiting, reputation, metering, OpenTelemetry tracing, stdio bridge, and the Observer Mode dashboard.

MCP server security scanner — score configurations on permissions, data sensitivity, blast radius

Agent Alignment Protocol (AAP) - Verification and drift detection for AI agents

NPM license audit and dependency compliance checker - Scan, validate, and analyze open source licenses with SPDX validation. Feature-enhanced, TypeScript-based fork of license-checker with better performance and reliability.

Nodo n8n: escaneo SEO técnico completo de una página web, con opción de escanear enlaces internos, informe HTML tipo dashboard, detección de CMS/plugins, crawl extendido (DNS, CDN, SSL, analytics).

Cryptographic security layer for AI agents. Ed25519 identity, signed messages, trust scoring. Works with LangChain, CrewAI, AutoGen, OpenClaw, or any agent framework.

Framework-agnostic CLI to find hardcoded strings, missing & unused i18n keys. Generates AI-ready fix prompts.

TypeORM Auditing: Create history tables and manage changes of entities automagically.

pnpm commands for dependencies audit

Android build performance audit tool

Security Trust Report: commondir@1.0.1 — 65/100 (B, standard). Maintainer risk, supply chain analysis from 8 security databases.

AWS Audit SDK - Core SDK for audit logging and event management

Security Trust Report: axios@1.14.0 — 65/100 (B, standard). 8 vulnerabilities found. Maintainer risk, supply chain analysis from 8 security databases.

See inside your Claude Code setup. Fix what's broken. Share what works.

CLI and library for dependency health analysis

Comprehensive audit logging plugin for Strapi v5 that tracks all user interactions and system events with a clean admin interface and automatic cleanup

Bitbucket Pipelines report for "npm audit".

An auditable sandbox for agent harnesses

SEOmator - Comprehensive SEO audit CLI tool with 251 rules across 20 categories

Delightfully scan your entire website with Google Lighthouse. Navigate your performance, accessibility and SEO.

Reusable audit logging module — fire-and-forget logAudit() with paginated consultation

ProofLedger MCP server — verify ASC 606 claims with formal proofs

Enterprise-grade CLI tool to audit Laravel + Inertia i18n translations with parameter, pluralization, and coverage checks.

Official CLI for the hosted Taplid audit API.

Personal AI Subscription Auditor — find waste in your AI spending

MCP server that audits Soroban smart contracts via autonomous x402 / Stripe MPP payments on Stellar Testnet

Network audit dashboard for Sentinel dVPN — test every node on the blockchain for real VPN throughput across multiple SDKs (Blue JS, Blue C#, TKD Official)

AI-powered code analysis CLI - audit your codebase with a squad of LLM reviewers

Signed artifact envelope — canonical serialization, Ed25519 signing, and verification for typed JSON payloads.

CLI tool for crawling, auditing, and analyzing SEO signals on small websites

Local-first vulnerability reachability CLI for JavaScript and TypeScript

Security Trust Report: ua-parser-js@2.0.9 — 65/100 (B, standard). 5 vulnerabilities found. Maintainer risk, supply chain analysis from 8 security databases.

Server SDK (HTTP client, SSE, audit sink) for edictum

Universal governance layer for AI agents — MCP-native, fail-closed, LNN interpretability. Governed receipts, IPFS audit proofs, and rollback for any agent in any framework.

IntegSec Agentic Pentest MCP Proxy — enforce penetration testing engagement scope for AI agents

CLI tool to verify signed artifacts (receipts, manifests, tickets). Works offline.

MCP server for SEOLint — scan any site for SEO issues from Claude Desktop or Claude Code

Audit log plugin for PayloadCMS with changes tracking

Cross-model audit gate with structural enforcement. Edit → audit → agree → retro → commit.

Local-first agent observability, policy, and audit platform for Claude Code

AWS Audit CDK - CDK constructs for AWS audit infrastructure

Cloud guardrails, audit logging, and backup for OpenClaw autonomous AI agents

Multi-language code quality auditor with MCP server - Analyze TypeScript, JavaScript, and Go code for SOLID principles, DRY violations, security patterns, and more

Open-source accessibility scoring CLI — aggregates axe-core, eslint-plugin-jsx-a11y, and more into a unified score.

VICE - Vulnerability Inspector & Code Examiner | Black-box & white-box security auditor for web applications

Stay N versions behind the latest published release of your npm dependencies to avoid supply chain attacks.

Crawwwl crawls your project before Google does

Open-source legal template filling CLI and library

Signed, hash-chained proof logs for AI agent tool executions and auditable events. MCP-native. Local-first.

Scan any website for AI Agent Readiness — WebMCP, A2A, MCP Discovery, OpenAPI, agents.json, llms.txt

Security auditing CLI for AI agent skills with PII detection and compliance validation

Context-aware security scanner for AI agent skills, MCP servers, and tool configs. 95+ rules with false-positive reduction. Detects prompt injection, credential leaks, CORS misconfig, SSRF, tool poisoning, and data exfiltration.

MCP server interface for AI agent and MCP security auditing — config analysis, trust audits, prompt injection testing, tool probing, and data flow tracing

TypeScript SDK for ATB (Agent Trace Bundle) - local-first AI audit trail

CLI that runs your project's formatting, linting, tests, inventory, and security checks in one dashboard.

CLI auditor, dashboard, and setup generator for GOAT Flow AI coding agent workflows

Detects ghost files, duplicates, and orphaned dependencies — and opens a PR to clean them up

Capi Guard — a security audit agent for Laravel projects

npm registry MCP server — package intelligence, security audits, and dependency analysis for AI assistants

The audit trail for AI coding agents

Audit trail and search engine for AI agent sessions

CLI for VibeCodeXray — AI-powered codebase audits

API - Module 组件属于(AIP)前端的组成部分，本组件提供模型部分的前端展现。整个组件采用 React 开发

Spec-driven development system for Claude Code — quality-first workflow with explicit audit cycles

KARUKIA MCP Server v3.1 — AI-powered development methodology with 27 tools, 20 skills, 1800+ checkpoints across 11 audit dimensions. Multi-AI platform support via MCP protocol.

Audit npm dependencies for health issues: maintenance, licenses, size, deprecation, and unused packages

TypeScript SDK for Wytness — audit logging for AI agents with cryptographic signing and chain integrity

AEGIS CLI — paranoid stack-specific security scanner for Next.js + Supabase. 0-1000 score, 40 built-in checkers (+16 external-tool wrappers), AST-based cross-file taint analysis, 4 compliance frameworks (GDPR / SOC 2 / ISO 27001 / PCI-DSS), inline + confi

TypeScript SDK for AgentReceipt, capture immutable audit trails of AI agent actions

SARIF exporter for several audit and formatting reports (NPM, NUGET, COMPOSER, DOTNET-FORMAT)

Core Autopilot SEO SDK - Works in any browser, Next.js, React, Vue, or plain HTML

Static SEO checker for analyzing built HTML files in dist folders

Scan dependencies for open source license risks across npm, cargo, pip, gems, go, and swift

Analyze any X/Twitter user's following list. Beautiful shareable report via gui.new.

A CLI tool to audit and analyze your project's dependencies.