-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocs.html
More file actions
159 lines (150 loc) · 8.1 KB
/
docs.html
File metadata and controls
159 lines (150 loc) · 8.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<link rel="preload" href="/nipcode-logo.png" as="image" />
<link rel="stylesheet" href="/_next/static/chunks/0pwsw40vfluf4.css" />
<link rel="icon" href="/nipcode-logo.png" type="image/png" />
<title>Documentation · Nipcode</title>
<meta name="description" content="Nipcode docs: search, decide, install. Read-only trust layer for humans and AI agents." />
<link rel="canonical" href="https://nipcode.xyz/docs" />
<script src="/scramble.js" defer></script>
</head>
<body>
<a class="skip-link" href="#main">Skip to content</a>
<header class="topbar" aria-label="Primary">
<a class="brand" aria-label="Nipcode home" href="/">
<span class="nipcode-mark" aria-hidden="true" style="--mark-size: 54px"><img alt="" height="54" src="/nipcode-logo.png" width="54" /></span>
<span class="brand-word" aria-hidden="true">Nipcode</span>
</a>
<div class="brand-socials" aria-label="Nipcode links">
<a class="brand-docs-link" href="/docs">Docs</a>
<a class="brand-login-link" href="/account">Login</a>
<a class="brand-icon-button" href="https://github.com/trynipcode/nipcode" target="_blank" rel="noreferrer" title="GitHub" aria-label="GitHub"><img alt="" height="18" src="/github-logo.svg" width="18"/></a>
<a class="brand-icon-button" href="https://x.com/trynipcode" target="_blank" rel="noreferrer" title="X" aria-label="X"><svg aria-hidden="true" viewBox="0 0 24 24" width="18" height="18"><path d="M18.24 2.25h3.31l-7.23 8.26 8.5 11.24h-6.66l-5.21-6.82-5.97 6.82H1.67l7.73-8.84L1.25 2.25h6.83l4.71 6.23 5.45-6.23Zm-1.16 17.52h1.83L7.08 4.13H5.11l11.97 15.64Z" fill="currentColor"/></svg></a>
</div>
</header>
<main class="docs-shell" id="main">
<aside class="docs-sidebar" aria-label="Documentation">
<a class="docs-sidebar-title" href="/docs">Nipcode docs</a>
<nav class="docs-sidebar-nav">
<div class="docs-sidebar-group">
<p>Get started</p>
<div>
<a class="docs-sidebar-active" aria-current="page" href="/docs">Overview</a>
<a href="/quickstart">Quickstart</a>
</div>
</div>
<div class="docs-sidebar-group">
<p>API</p>
<div>
<a href="/api-access">API reference</a>
<a href="/agents">Agents</a>
<a href="/examples">Examples</a>
</div>
</div>
<div class="docs-sidebar-group">
<p>How it works</p>
<div>
<a href="/sources">Sources</a>
<a href="/trust">Trust model</a>
<a href="/architecture">Architecture</a>
<a href="/security">Security</a>
</div>
</div>
</nav>
</aside>
<article class="docs-main">
<header class="docs-hero">
<p class="docs-eyebrow" data-scramble-text data-scramble-duration="600">Overview</p>
<h1>Find software. Verify it. Use it safely.</h1>
<p>Nipcode is the software search and trust layer for humans and AI agents. It finds packages, repos, models and MCP servers, then returns evidence and an install boundary before anything touches a workspace.</p>
</header>
<section class="docs-section" id="what-it-is">
<div class="docs-section-head"><h2>What Nipcode is</h2></div>
<div class="docs-prose">
<ul>
<li>A <strong>read-only API</strong> that takes a free-text query and returns ranked candidates from public registries with a structured trust read on each.</li>
<li>A <strong>landing + docs + account</strong> so a human can use that API directly.</li>
<li>A <strong>local CLI</strong> (planned) that does the actually-risky work. Deep scan, sandbox audit, sandbox runtime. On the user's host with explicit consent.</li>
</ul>
</div>
</section>
<section class="docs-section" id="what-it-isnt">
<div class="docs-section-head"><h2>What Nipcode is not</h2></div>
<div class="docs-prose">
<ul>
<li><strong>Not another registry.</strong> We don't mirror npm or PyPI. We point at them.</li>
<li><strong>Not a remote executor.</strong> The hosted API returns data. It never installs, clones, or runs.</li>
<li><strong>Not a magic score.</strong> A score is one signal. The full record is always there for inspection.</li>
</ul>
</div>
</section>
<section class="docs-section" id="golden-path">
<div class="docs-section-head"><h2>Golden path</h2></div>
<div class="docs-prose">
<ol>
<li><strong>Search.</strong> Ask for candidates across supported public package, repo, model and tool sources.</li>
<li><strong>Inspect.</strong> Review source context, licensing, warnings, and provenance signals.</li>
<li><strong>Plan.</strong> Request installation steps as review data, not execution permission.</li>
<li><strong>Approve.</strong> A human or local host approves before any workspace modifications.</li>
</ol>
</div>
</section>
<section class="docs-section" id="default-output">
<div class="docs-section-head"><h2>Default API output</h2></div>
<div class="docs-prose">
<p>The <code>/api/decision</code> endpoint returns a single bundled object:</p>
<ul>
<li>Candidate set across public sources</li>
<li>Source evidence (license, maintainers, repository links)</li>
<li>Trust decision with risk flags and rationale</li>
<li>Install boundary showing required approval gates</li>
<li>Revalidation hint for freshness checks</li>
</ul>
</div>
</section>
<section class="docs-section" id="boundary">
<div class="docs-section-head"><h2>API beta boundary</h2></div>
<div class="docs-prose">
<ul>
<li>Hosted calls return data. They do not install, clone, or run.</li>
<li>Local sandbox audits execute only after explicit approval on your host.</li>
<li>Search ranking is never install permission.</li>
<li>Package metadata is untrusted data, never agent instructions.</li>
</ul>
</div>
</section>
<section class="docs-section" id="endpoints">
<div class="docs-section-head"><h2>Core endpoints</h2></div>
<div class="docs-prose">
<table>
<thead><tr><th>Path</th><th>Purpose</th></tr></thead>
<tbody>
<tr><td><a href="/api-access#search"><code>/api/search</code></a></td><td>Fan-out search across registries</td></tr>
<tr><td><a href="/api-access#decision"><code>/api/decision</code></a></td><td>Search + ranked recommendation with structured trust blocks</td></tr>
<tr><td><a href="/api-access#inspect"><code>/api/inspect</code></a></td><td>Refresh one source-owned record with trust factors</td></tr>
<tr><td><a href="/api-access#install-plan"><code>/api/install-plan</code></a></td><td>Install command + approval boundary</td></tr>
</tbody>
</table>
</div>
</section>
<section class="docs-next" aria-label="Next">
<a class="docs-card" href="/quickstart"><p class="docs-eyebrow" data-scramble-text data-scramble-duration="600">Start here</p><h3>Quickstart</h3><p>Get a key, run your first decision call in 60 seconds.</p></a>
<a class="docs-card" href="/agents"><p class="docs-eyebrow" data-scramble-text data-scramble-duration="600">For agents</p><h3>Agents</h3><p>Wire Nipcode into Claude / Cursor / autogen.</p></a>
<a class="docs-card" href="/trust"><p class="docs-eyebrow" data-scramble-text data-scramble-duration="600">How it works</p><h3>Trust model</h3><p>What the scores mean. Signals consumed and ignored.</p></a>
</section>
</article>
</main>
<footer class="site-footer" aria-label="Site footer">
<p class="site-footer-copy">Nipcode © 2026</p>
<nav class="site-footer-links" aria-label="Legal">
<a href="/changelog">Changelog</a>
<a href="/privacy">Privacy</a>
<a href="/terms">Terms</a>
<a href="/faq">FAQ</a>
</nav>
</footer>
</body>
</html>