Built for automated development

Guardrails for AI agents before they install, test, or publish.

Package Ninja gives coding agents a safe command path: preview the plan, fetch workspace policy, stop risky package actions, and return structured outcomes that automation can understand.

Policy before side effects

Agents can plan and run package workflows through Package Ninja so denied installs, risky publishes, and dependency mutations stop before the native package manager changes the workspace.

Machine-readable command results

Structured JSON output lets agents react to auth-required, policy-blocked, network-degraded, and command-failed states without scraping human prose from the terminal.

Publish and source-leak checks

Package Ninja inspects publish artifacts and deploy-relevant paths so agents get blocked before accidentally shipping secrets, source maps, or more files than intended.

Auditable agent activity

Allowed, blocked, warned, bypassed, and failed executions carry context into the workspace audit trail so teams can review what automation attempted and why it was allowed or stopped.

Agent command contract

Use the CLI as the policy boundary.

$ package-ninja plan --json --workflow restore --cwd .
$ package-ninja add left-pad --json
$ package-ninja run --json -- npm test
$ package-ninja publish --json

What agents should do next

  • Run package workflow previews before executing dependency or publish commands.
  • Respect policy-blocked and billing/auth-required outcomes as hard stops.
  • Surface remediation and next_step fields to the human operator instead of retrying blindly.
  • Use Package Ninja for publish and deploy-adjacent checks before shipping artifacts.

Start safely

The fastest path is the same for people and agents: install the CLI, sign in through the browser, preview the plan, then run governed commands through Package Ninja.