@artale/pi-sentinel

Agent security framework. Immutable audit trail, permission policies, self-modification detection, destructive command guard.

Package details

← Back
extension

Install @artale/pi-sentinel from npm and Pi will load the resources declared by the package manifest.

npm repohome report
$ pi install npm:@artale/pi-sentinel
Package
@artale/pi-sentinel
Version
2.6.4
Published
May 2, 2026
Downloads
204/mo · 29/wk
Author
artale
License
MIT
Types
extension
Size
90.7 KB
Dependencies
0 dependencies · 0 peers
Pi manifest JSON
{
  "image": "https://raw.githubusercontent.com/artale93/pi-sentinel/main/preview.png",
  "commands": [
    "sentinel"
  ],
  "tools": [
    "sentinel_policy",
    "sentinel_audit",
    "sentinel_scan"
  ]
}

Security note

Pi packages can execute code and influence agent behavior. Review the source before installing third-party packages.

README

@artale/pi-sentinel

Agent security framework for pi. Immutable audit trail, permission policies, destructive command guard, self-modification detection.

Based on 0DIN research: "Context is the control plane." Detects self-modification attacks (Palisade Research).

Install

npm install -g @artale/pi-sentinel

Features

  • 22 destructive command patterns blocked via tool_call hook
  • Immutable audit trail with SHA-256 hashed entries
  • Permission policies — allow/deny rules for paths, tools, commands
  • Self-modification detection — monitors writes to extensions, AGENTS.md, .ssh, .env
  • Session integrity — hash session files, detect reframe attacks

Tools

  • sentinel_policy — View/modify permission policies
  • sentinel_audit — Query audit trail
  • sentinel_scan — Security scan for manipulation patterns

Commands

  • /sentinel status — Current policies and audit stats
  • /sentinel audit [n] — Last N audit entries
  • /sentinel scan — Full security scan