Skip to content
View trynipcode's full-sized avatar
2 followers · 0 following

Achievements

Achievement: Pull Sharkx2Achievement: YOLOAchievement: Pair ExtraordinaireAchievement: Quickdraw

Achievements

Achievement: Pull Sharkx2Achievement: YOLOAchievement: Pair ExtraordinaireAchievement: Quickdraw

Block or report trynipcode

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
trynipcode/README.md

Nipcode. search. decide. install.

Building Nipcode

Package search and trust layer for humans and AI agents. Evidence, risk and install boundary before any code touches your workspace.

Not another registry. Not a remote executor. Not a magic score.

What is live

  • 7 sources. npm, PyPI, crates.io, GitHub, Hugging Face, Docker Hub, MCP servers.
  • 4 endpoints. /api/search, /api/decision, /api/inspect, /api/install-plan.
  • OTP and OAuth. Email, Google, GitHub, Phantom (Solana SIWS).
  • Project namespaces. Up to 25 API keys per account, grouped by project.
  • Rate limit. 60 requests per minute per key.
  • Public docs. nipcode.xyz/docs.
  • Open changelog. nipcode.xyz/changelog.

Boundaries

  • The hosted API is read-only. It never installs and never writes to your workspace.
  • The trust score is one signal. It is never install permission.
  • Package metadata is treated as untrusted data, not as agent instructions.
  • Install commands always require explicit user or host-policy approval.

On the roadmap

  • JSR, Go modules, Maven Central, NuGet.
  • Local CLI with deep scan, sandbox audit, sandbox runtime.
  • Remote and local MCP servers.
  • Per-key usage stats in the dashboard.
  • Custom OTP email through Resend.

Links

contribution snake

Popular repositories Loading

  1. unisphincs unisphincs Public

    Forked from vbuterin/sphincsminus

    post-quantum signatures for the next ethereum. uniswap-ready toolkit around vbuterin's sphincs-.

    Lean 1

  2. mevswap-sdk mevswap-sdk Public

    mev-protected private swaps for humans and ai agents — zk-routed on solana

    TypeScript

  3. trace-protocol trace-protocol Public

    Autonomous AI agent verifier on Ethereum/Base. Scans every agent deployment, classifies behavior as AUTONOMOUS / HYBRID / HUMAN, publishes onchain attestations.

    TypeScript

  4. usetraceprotocol usetraceprotocol Public

    profile readme

  5. trace-protocol-site trace-protocol-site Public

    trace protocol — landing page (next 16 + tailwind v4)

    TypeScript

  6. hikara hikara Public

    solana mev forensics agent. read-only. shows what got taken from you in the dark.

    Python