Architecture

How Nipmod works.

The hosted API is a read-only package intelligence layer. It turns existing package sources into agent-readable decisions and install plans.

Hosted execution
none
Sources
external
Archive
confirmed use

System map

Nipmod architecture: agent, Nipmod API, sources, user approval, and Nipmod Archive.

Main components

Agent or host
A coding agent, local tool, MCP host or automation calls the Nipmod API before choosing a package.
The user still controls approval.
Source adapters
Resolvers query npm, PyPI, GitHub, Hugging Face and MCP sources through public surfaces.
Source ownership stays external.
Normalizer
Different source formats are converted into one agent-readable package record.
Agents get one shape instead of five.
Trust engine
Nipmod evaluates source context, metadata, warnings, install risk and available evidence.
Popularity is not install approval.
Policy boundary
Results are marked as recommended, review or blocked depending on risk and evidence.
The agent should show that status.
Install Plan
The API returns commands as review data. It does not run them.
Workspace writes happen only after approval.
Archive
Useful confirmed discoveries can be saved as durable package intelligence records.
Search alone is not a verified archive entry.

Lifecycle

  1. 1

    Ephemeral search

    The agent searches live sources. Nipmod returns candidates without treating them as verified archive entries.

  2. 2

    Exact inspect

    The agent selects one record and reads source, version, license, warnings and trust fields.

  3. 3

    Install plan

    Nipmod returns commands and risk context for review. This is still not execution.

  4. 4

    Approval

    The user or local host decides whether the command can run in the workspace.

  5. 5

    Confirmed archive

    If the result is useful, it can become a reusable record with source context, trust checks and receipts.

What is not happening

Search, Inspect and Install Plan do not download packages, run package managers or change lockfiles. The hosted API gives the agent package intelligence, not local execution power.

Nipmod does not claim ownership of npm, PyPI, GitHub, Hugging Face or MCP records. Source ownership remains with the original publisher, and Nipmod records only the context needed for agents to make safer decisions.

Package descriptions, READMEs, model cards and MCP descriptions are always treated as untrusted data. They can be summarized and inspected, but they cannot override the user, the host or the safety boundary.

Beta rollout

The API starts free and rate limited so real agents can test the flow while the trust model improves. This phase is about observing real package searches, improving source quality and learning which package records are useful enough to become durable intelligence.

We are using the Base ecosystem as the first collaboration surface because the project, token and early community are already there. After the API and archive loop are stable, the same structure applies to agent builders beyond Base.

Premium access and higher usage tiers can come later, after the public beta proves the package layer with real usage. The product boundary stays the same: search, inspect, install plan, approval, then optional archive confirmation.

Start quickstartOpen API referenceRead trust model