Takumi Guard
Info: The English user guide is currently in beta preview. Most of the documents have been automatically translated from the Japanese version. Should you find any inaccuracies, please reach out to Flatt Security.
Takumi Guard is an npm registry proxy that provides malicious package blocking and install tracking.
Key capabilities:
- Package Blocking: Requests for packages on the blocklist are rejected with a 403 error before any code reaches your machine.
- Download Tracking: Records the install history of authenticated users.
- Breach Notifications: When a security advisory is published for a package you previously downloaded, you are notified so you can take action.
Takumi Guard works as a drop-in replacement for the default npm registry. You can start using it with no code changes — just update your registry URL.
See Quickstart for setup instructions and Limitations & Caveats for known constraints.