New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@agentforge/core

Package Overview
Dependencies
Maintainers
1
Versions
91
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@agentforge/core

Production-ready TypeScript agent framework built on LangGraph with orchestration, middleware, and typed abstractions.

latest
Source
npmnpm
Version
0.16.13
Version published
Maintainers
1
Created
Source

@agentforge/core

Core abstractions for AgentForge - production-ready framework for building deep agents with LangGraph

npm version TypeScript License

🎉 Status: Production Ready & Published

All features complete | 500+ tests passing | Full TypeScript support | Comprehensive documentation

✨ Features

🛠️ Tool System

  • Rich Metadata - Categories, tags, examples, and detailed descriptions
  • Fluent Builder API - Easy tool creation with createTool()
  • Tool Registry - Centralized management with querying and events
  • LangChain Integration - Seamless conversion to/from LangChain tools
  • Prompt Generation - Automatic LLM-friendly prompt generation
  • 113 tests - Comprehensive test coverage

📊 LangGraph Utilities

  • State Management - Type-safe state annotations with Zod validation
  • Workflow Builders - Sequential, parallel, and conditional patterns
  • Error Handling - Retry, error handling, and timeout utilities
  • Subgraph Composition - Reusable subgraph utilities
  • Memory & Persistence - Checkpointer and thread management
  • Observability - LangSmith integration, metrics, logging, error reporting
  • 158 tests - Full coverage of all utilities

� Middleware System

  • Composable Middleware - Caching, rate limiting, validation, concurrency control
  • Production Presets - Ready-to-use middleware stacks
  • Development Tools - Logging, debugging, and testing middleware
  • 94 tests - Comprehensive middleware testing

🌊 Streaming & Real-time

  • Stream Transformers - Filter, map, batch, debounce, throttle
  • Stream Aggregators - Collect, reduce, window operations
  • SSE Support - Server-Sent Events for real-time updates
  • WebSocket Support - Bidirectional streaming
  • Progress Tracking - Monitor long-running operations
  • 68 tests - Full streaming coverage

🛠️ Advanced Tools

  • Async Execution - Parallel and sequential tool execution
  • Lifecycle Management - Setup, teardown, and cleanup hooks
  • Tool Composition - Combine tools into pipelines
  • Testing Utilities - Mock tools and test helpers

📦 Resource Management

  • Connection Pooling - Efficient resource reuse
  • Memory Management - Automatic cleanup and limits
  • Batch Processing - Efficient bulk operations
  • Circuit Breaker - Fault tolerance and resilience

� Monitoring

  • Health Checks - System and component health monitoring
  • Profiling - Performance metrics and bottleneck detection
  • Alerts - Configurable alerting system
  • Audit Logging - Comprehensive activity tracking

🚀 Deployment

  • Docker Support - Production-ready containers
  • Kubernetes - Deployment manifests and guides
  • CI/CD Templates - GitHub Actions, GitLab CI
  • Configuration Management - Environment-based config

Installation

pnpm add @agentforge/core

Quick Start

Tool System

import { createTool } from '@agentforge/core';
import { z } from 'zod';

const weatherTool = createTool({
  name: 'get_weather',
  description: 'Get current weather for a location',
  schema: z.object({
    location: z.string().describe('City name'),
    units: z.enum(['celsius', 'fahrenheit']).optional()
  }),
  execute: async ({ location, units = 'celsius' }) => {
    // Implementation
    return { temperature: 22, units, location };
  }
});

LangGraph Workflow Builders

import { createSequentialWorkflow, withRetry } from '@agentforge/core';
import { z } from 'zod';

// Create a sequential workflow
const workflow = createSequentialWorkflow(AgentState, [
  { name: 'fetch', node: fetchNode },
  { name: 'process', node: processNode },
  { name: 'save', node: saveNode },
]);

// Add error handling
const robustNode = withRetry(myNode, {
  maxAttempts: 3,
  backoff: 'exponential',
});

const app = workflow.compile();

Documentation

📚 Full Documentation

Core Guides

Tutorials

Examples

See the examples documentation for complete working examples.

Development

# Build
pnpm build

# Watch mode
pnpm dev

# Run tests
pnpm test

# Type check
pnpm typecheck

🔗 Links

License

MIT © 2026 Tom Van Schoor

Keywords

agent-framework
llm-framework
ai-framework
typescript
nodejs
langchain-typescript

FAQs

Package last updated on 09 Apr 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline, Forces Certificate Rotation

Security News

Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline, Forces Certificate Rotation

OpenAI rotated macOS signing certificates after a malicious Axios package reached its CI pipeline in a broader software supply chain attack.

By Sarah Gooding  -  Apr 11, 2026
Don't Kill the Goose That Lays the Golden Eggs

Security News

Don't Kill the Goose That Lays the Golden Eggs

Open source is under attack because of how much value it creates. It has been the foundation of every major software innovation for the last three decades. This is not the time to walk away from it.

By Sarah Gooding  -  Apr 10, 2026
Feross on TBPN: How North Korea Hijacked Axios

Security News

Feross on TBPN: How North Korea Hijacked Axios

Socket CEO Feross Aboukhadijeh breaks down how North Korea hijacked Axios and what it means for the future of software supply chain security.

By Sarah Gooding  -  Apr 08, 2026