JSPM

JavaScript Standard Style - ESLint Shareable Config

JavaScript Standard Style JSX support - ESLint Shareable Config

JavaScript Standard Style

Wrap your standards in a tortilla and cover it in special sauce.

Build Content Security Policy directives.

Parse Content Security Policy directives.

A TypeScript ESLint config that loves you

Content-Security-Policy header generator

A Serverless plugin to define IAM Role statements as part of the function definition block

A framework for writing policy as code

JavaScript Standard Style React/JSX support - ESLint Shareable Config

Open Policy Agent WebAssembly SDK

JavaScript Semistandard Style - ESLint Shareable Config

Flash Socket Policy File Server. A server to respond to Flash Socket Policy requests, both inline and through a dedicated server instance.

Role and Attribute based Access Control for Node.js

Common types used by the Cerbos client libraries

TypeScript Standard Style based on StandardJS

Pulumi CrossGuard policies for AWS.

All the goodness of `feross/standard` with semicolons sprinkled on top.

Client library for interacting with the Cerbos policy decision point service over gRPC from server-side Node.js applications

Client library for interacting with the Cerbos policy decision point service over HTTP from browser-based applications

Generated code used by the Cerbos client libraries

AWS IAM policy statement generator with fluent interface for AWS CDK

A Vite plugin to auto-generate Subresource Integrity (SRI) hashes.

This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.

Bitcoin Miniscript, a high-level language for describing Bitcoin spending conditions. It includes a compiler/analyzer with a signer‑agnostic satisfier that derives symbolic witnesses (e.g., <sig(key)>).

TypeScript library for handling AWS IAM Policy documents

An ESLint Shareable Config for video.js Standard Style.

This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.

This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.

TypeScript SDK for Steward — agent wallet infrastructure with policy enforcement

JavaScript Standard Style JSDoc support - ESLint Shareable Config

ESLint rules to disallow unsafe regular expressions.

AWS IAM policy statement generator with fluent interface

ESLint sharable config for strict linting

Wix Consent Policy SDK package for GDPR and CCPA compliance

A Node.js Security.txt implementation

SeekingAlpha's sharable base ESLint config

SeekingAlpha's sharable node.js ESLint config

Parse SPF (Sender Polify Framework) records

SeekingAlpha's sharable typescript ESLint config

SeekingAlpha's sharable React.js ESLint config

Interpreter for using ucast conditions with Prisma.

SeekingAlpha's sharable testing ESLint config

Embeddable React components for Steward agent wallet management

A Serverless plugin to define IAM Role statements as part of the function definition block

The Styra-supported driver to connect to Open Policy Agent (OPA) and Enterprise OPA deployments.

JavaScript style for plugins and tools in the video.js ecosystem.

Apply policies to Hapi routes

Styra-supported interpreter for using ucast conditions with Prisma.

Pub/Sub policy middleware for WS-Kit (topic normalization, authorization) plus shared pub/sub primitives

A serverless plugin to automatically attach an AWS Managed IAM Policy (or Policies) to all IAM Roles created by the Service.

Robust regex-free, dependency-free password validation library.

Typesafe AWS Policy Actions

JavaScript Standard Style - ESLint Shareable Config

Driver to connect to Open Policy Agent (OPA) and EOPA deployments.

Local policy-enforcing proxy for AI agents — sandboxes local LLM file access with Undisk's policy engine

Policy evaluation engine for Undisk MCP — path ACLs, size limits, extension rules, and secret scanning

A collection of React hooks for interacting with Cerbos policy decision points

Tanagram - Catch sloppy code before it ships

Permission enforcement extension for the Pi coding agent.

Client library for interacting with embedded Cerbos policy decision points generated by Cerbos Hub from server-side Node.js and browser-based applications

OpenTelemetry instrumentation for the @cerbos/grpc and @cerbos/http client libraries

DEPRECATED - See modern-standard.

Javascript Tradeshift Style - ESLint Shareable Config

hAIve CLI — enforce AI agent briefing, memory, Git, and CI policy

hAIve MCP server — policy-aware context and memory tools for AI coding agents

hAIve core — policy, memory, anchor, and enforcement primitives

Merge Content-Security-Policy directives

S3 policy generation for client-side uploads

Intent DNA — Declarative policy layer for AI agent behavior

Test if an input value is a supported ndarray output data type policy.

The cerbos binary

React styled components for the Consent Banner

Highflame Cedar policy types and engine wrapper

The cerbosctl binary

Downgrade content-security-policy version and fidelity to support the requesting browser

JavaScript Standard Style Preact/JSX support - ESLint Shareable Config

DigitalPersona Web Access Services

Language-agnostic linter for repository structure, file existence, filename conventions, and file content rules. This package downloads and wraps the platform-matched native alint binary.

DigitalPersona Web Access Core library

A tiny TypeScript approval gate for AI tool calls, MCP tools, and human-in-the-loop workflows.

Library to check for Cookie Settings

Official TypeScript SDK for SBO3L — the cryptographically verifiable trust layer for autonomous AI agents.

Deterministic governance lifecycle and policy infrastructure for PramanaSystems.

AI payment control — protect your agent's payments with policies

A library for evaluating permissions and policies.

PEAC Policy Kit - deterministic policy evaluation for CAL semantics

Test if an input value is a supported input ndarray casting policy.

TypeScript Standard Style based on StandardJS

Extend the Content Security Policy on the fly (for development)

Public Preview — TypeScript SDK for AgentMesh: agent identity, trust scoring, policy evaluation, and audit logging

OpenAgentLock CLI — a firewall for AI coding agents. Detects local agent harnesses (Claude Code, Codex CLI, Cursor, OpenCode, Cline, Gemini CLI, Continue, Copilot), gates risky tool calls via a Go control plane, anchors decisions in a Rust Merkle ledger.

Standard configuration for ESLint 9

Modular ESLint configuration

PEAC Protocol Control - control engine interfaces and validation

Client library for interacting with Cerbos Hub from server-side Node.js applications

AxonFlow SDK - Add invisible AI governance to your applications in 3 lines of code

Embedded policy decision point server for executing policy bundles built by Cerbos Hub in server-side Node.js and browser-based applications

Yessir — the safety layer for autonomous coding agents. OSS spin-off of PromptOps (https://promptops.it) by ShellOnBack. Auto-approves safe actions, blocks dangerous ones, answers routine prompts with live terminal context.

Core proxy engine for Cordon for MCP — the security gateway for MCP tool calls

Intent verification infrastructure for agents and human-authorized actions.

Locking Down Networks, Unlocking Confidence™ | Security, Networking, Privacy — Network Pro Strategies

bip388 utils for typescript

JavaScript Styling ESLint config for Doshii

Validation methods for some common password policies

Dark Sky JavaScript Style - ESLint Shareable Config

KOREXT CLI. AI Code Governance. Enforce compliance policies on human written and AI generated code. 72 policy packs. 532 rules. 13 languages. Signed proof bundles.

Business rules as structured data, compiled into LLM-ready markdown prompts

JavaScript Standard Style with Trailing Commas - ESLint Shareable Config

Enterprise security gateway for MCP servers and Claude Code hooks. Cedar policies, Ed25519-signed receipts, swarm tracking, and tamper detection. Shadow or enforce mode.

TypeScript SQL compiler and policy engine for a restricted SELECT subset of MySQL.

Attribute-level (resource-level) authorization for HazelJS via CASL

Client library for interacting with embedded Cerbos policy decision points from server-side Node.js and browser-based applications

Atomic retry policy utilities with exponential backoff and jitter

UNRDF Knowledge Hooks - Policy Definition and Execution Framework

Hotmart JavaScript Style

Permission enforcement extension for the Pi coding agent.

tiny util for getting and setting deep object props safely

Simulate how communities react to new rules, events, or policies — multi-agent simulation engine for TypeScript

Vinicunca ESLint config

TypeScript configuration for ESLint 9

Access-control policy evaluation — scoped context access without per-service authorization logic.

Airbnb JavaScript Style Flow support - ESLint Shareable Config

Official DriftGard Node.js SDK — evaluate LLM interactions against your compliance policy

Biome presets, Grit plugins, and policy manifest for ContractSpec repositories.

Core evaluator, passport, and config for APort agent guardrails (shared across frameworks)

Policy enforcement guardrails for OpenClaw-compatible agent frameworks

Split-key custody for Zcash, Bitcoin, and EVM. 2PC-MPC signing, on-chain spend policy, transparent TX builder, ZAP1 attestation.

Autogenerated Typescript types for AWS IAM Policy and enums for all policy actions

Specora Platform SDK for Node.js - AI governance and policy enforcement

Reputation-gated spending policies for OWS agent wallets

Governance SDK for AI agents — identity, policy, approval, and audit

Operations dashboard + SDK for OWS agent wallets — manage, monitor, and secure.

MandateOS bridge, plugin bundle, and installer for OpenClaw.

10stars.io TypeScript-ESLint Styleguide - ESLint Shareable Config

React hooks and components for frontend authorization based on @open-policy-agent/opa

MCP server for Workforce AI — policy management, asset visibility, and apps catalog via LLM tool calls

Runplane SDK - Control AI agent execution before it runs. Thin wrapper over the Guard API.

JavaScript Happiness Style - ESLint Shareable Config

The cookie message and behaviour approved by the FT's legal team. All FT websites must have a cookie message. Using o-cookie-message will ensure your site is compliant according to EU regulatory law.

FICO scores for AI agent wallets — reputation-gated policies for OWS

Provides AWS IAM Managed Policies historical data as a convenient npm package that can be used in other OSS projects.

Policy, dispatch, and traceability for targeted compute.

CLI + SDK for linting repository instruction files and governing instruction context

Developer contract for building Motebit-powered agents, services, and integrations — stable types, adapter interfaces, governance config. Re-exports @motebit/protocol.

Like standard, but loosen up on the spacing

JavaScript Standard Style Flow support - ESLint Shareable Config

eslint sharable config for spacey-standard

List of Packages that Use JavaScript Standard Style

This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.

Platform-agnostic context kernel for routing, budget management, policy guards, and audit trails.

JavaScript Happiness Style

Approval-as-Infrastructure — declarative approval policies, audit trails, and token-gated decisions for Cloudflare Workers

Core persistence and orchestration layer — SQLite tasks, agent runs, policy enforcement, workspace status, handoffs, events, and embedding providers

TeamSpark Pachinko - Policy engine for Arcade.dev

OpenClaw ATBASH tool-audit plugin for auditing and enforcing policies on tool calls.

CLI tool for QSVA — initialize, visualize, and monitor your AI agent policy enforcement

TypeScript SDK for MandateOS agent integrations.

MCP server for the Aethis developer API — eligibility checks via Claude, Cursor, Windsurf

Shared schemas, Zod validators, and TypeScript types for the Vorion AI governance platform

Public Preview — TypeScript SDK for the Agent Governance Toolkit: agent identity, trust scoring, policy evaluation, and audit logging

Load Cerbos policies from YAML or JSON files

This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.

Policy Engine - governance controls and budget management for agent operations

ESLint shareable config for the Eleven Code Style

🔐 Modern, Laravel-inspired permissions system for React/Inertia.js with advanced pattern matching, boolean expressions, and zero dependencies. Features wildcard patterns, custom permissions, and full TypeScript support.

AI agent governance: policies, audit, and observability for tool calls. Works locally with no signup.

xBPP — Execution Boundary Permission Protocol for AI agent payments

Monokle Cloud synchronizer

Public Preview — GitHub Copilot Extension for agent governance code review: detects missing policy checks, unguarded tool calls, and audit logging gaps

Official browser/runtime loader for LogicPearl Wasm artifact bundles.

OPA authorization helper library

Styra-supported React hooks and components for frontend authorization based on @styra/opa

ESLint configuration files (shareable configs) to guard from problems in different areas of JavaScript development.

Repo-local framework and CLI for making AI-assisted development easier to trust through adapters, policy packs, evidence, and evals.

Webpack plugin that automatically generates AEM component dialog XML, design dialogs, and policies from JSON configurations

A type-safe, declarative authorization library for TypeScript with Standard Schema support

CLI and runtime helpers for frontier policy benchmark arenas.

SugoiJS core

Jiffy hardening-template CLI. Applies curated baseline bundles (SOC 2, enterprise, finance, managed desktop) to a repo or managed endpoint. Offline-capable on the stable channel.

Declarative temporal constraint evaluation for API authorization. Identity-keyed resource budgets with automatic dependency discovery and atomic transactional commit.

Official TypeScript SDK for the Stellrai governed execution runtime

A serverless plugin to automatically attach an AWS Permission Boundary to all IAM Roles created by the Service.

Security enforcement layer for AI coding agents (Claude Code, Cursor, OpenAI Codex, custom runtimes). Blocks dangerous commands, audits every tool call, detects prompt injection. Usable as a CLI, a Node library, or a plugin.

AI agent governance: policies, audit, and observability for tool calls. Works locally with no signup.

BPSmart's default ESLint configuration

Policy engine — system invariants, custom rule evaluation, secret guard (detect and redact), and audit logging

Policy-driven CDN edge security. Init YAML with npx cdn-security init, then npx cdn-security build to generate runtime code.

Actively maintained fork of `eslint-config-standard`: ESLint Config for JavaScript Standard Style

JanuScope: the local MCP policy proxy. One YAML wraps any MCP server with policy, redaction, audit, rate-limiting, and database-schema injection. No hosted gateway in the data path. Block dangerous tools, scrub sensitive output, audit every call.

Process discipline for AI coding agents.

Reactive DG/DAG execution engine for LLM agents. Single file. One dependency (rxjs). Zero opinions about your stack.

JavaScript Standard Style - ESLint Shareable Config

Type-safe data classification and security enforcement for TypeScript - prevent secrets and PII leaks with compile-time and runtime guarantees

Action-side runtime policy library for autonomous agents — bounds what the agent does, not what it says. Sibling of bareagent in the bare suite.

CuratedMCP's local-first action firewall for MCP servers

Prisma middleware that handles Role-Based Access Control based on Express server context

MCP server for the ALFA attribute-based access control policy language

Flexible and Fluent way to manage ACL in Node.js.

TypeScript SDK for LetAgentPay — AI agent spending policy middleware for fiat and x402 crypto-micropayments

OpenClaw ATBASH tool-audit plugin. Thin adapter that maps OpenClaw's before_tool_call hook onto @atbash/sdk.

JavaScript Standard Style (with Flow types)

MCP server for LetAgentPay — AI agent spending policy middleware for fiat and x402 crypto-micropayments

Lint MCP server tool schemas for cross-client compatibility + runtime preflight for agent tool calls

Deterministic policy checks for AI-agent workflows: enforce orchestration invariants against traces and event logs without adding prompt tokens.

policy language compiler for freelog

Policy-based MCP tool call proxy

JavaScript Happiness Style JSX support - ESLint Shareable Config

Official TypeScript SDK for Agent Action Firewall - AI agent security platform

Policy engine for scoring and evaluating sandbox events

MIT-licensed memory, policy, and atlas framework with MCP server. For local dev and private automation.

Skeleton for ESLint shareable configs

Command-line interface for Krynix: policy evaluation, trace verification, replay, and compliance reporting

FriskAI TypeScript SDK

JS bindings for Nodora rule engine

DSA transparency and policy analyzer

Generate a policy for a Strapi API.

ESLint shareable config for JSDoc-related rules.

AI payment control — protect your agent's payments with policies

Stop AI agents from doing dangerous things through MCP. Guard any MCP server with allow/deny/approve policies.

Policy evaluation engine for Krynix: YAML policy parsing, rule matching, and trace evaluation

Declarative API gateway as a TypeScript library. Runs on Cloudflare Workers, Node.js, Deno, Bun, and any JavaScript runtime.

Compile ZenStack access policies into Electric SQL shape filters

Cordon for MCP — security gateway for MCP tool calls. Firewall, auditor, and human-in-the-loop approvals over any stdio MCP server.

Policy enforcement for AI tool calls. Default-deny control for any MCP server.

Governance-first agent SDK with deterministic policy gates, auditable run records, and IoC-oriented orchestration.

Official JavaScript/TypeScript SDK for the Execlave AI agent governance platform — tracing, policy enforcement, and framework auto-instrumentation for LangChain

ESLint Shareable Config for Pebble

JavaScript Standard Style Deku/JSX support - ESLint Shareable Config

Supply-chain security firewall for Node.js — resolves dependencies, scans via OSV.dev and NVD, and enforces configurable vulnerability policies before anything reaches node_modules.

Sandboxed execution engine with policy controls and approval workflows for DojOps

Policy-as-code enforcement for MCP tool calls

Angular module to manage terms, policies and Smartlook integration.

JavaScript Standard Style

Lightweight policy-driven execution runtime for Node.js

Rego policy language syntax highlighting plugin for highlight.js

Deterministic role capability policies for AI-agent workflows: resolve, check, and render tool/MCP/filesystem permissions without model calls.

Framework-agnostic ATBASH tool-audit SDK: validate endpoint, log on-chain, query judge, verify response signature.

MosheSDK core engine — 7-stage pipeline, policy, analyzers, taint, chain risk

SeekingAlpha's sharable QA ESLint config

Modular TSLint configuration

Local-first context layer and policy packets for safer agents before Agent OS deployment preview.

Embeddable AI action firewall for MCP servers and APIs with JSON policies, signed receipts, spend caps, and simulation mode

Lightweight, secure authorization engine for Node.js using TOON policy files. Zero eval(), TypeScript-first, deny-by-default.

React components for editing Cedar policies, schemas, and context using Monaco Editor

MosheSDK shared types, schemas, and validators

ProxManLib safety and policy layer — risk classification, confirmation, impact

TypeScript client for Runestone Gatekeeper - policy enforcement for AI agent tools

Runtime authorization for AI agents. Default-deny policies, sub-10ms edge decisions, full audit trail.