Security News
crates.io Ships Security Tab and Tightens Publishing Controls
crates.io adds a Security tab backed by RustSec advisories and narrows trusted publishing paths to reduce common CI publishing risks.
By Sarah Gooding -  Jan 27, 2026
🚀 Launch Week Day 5:Introducing Immutable Scans.Learn More →
@ag-ui/core
Advanced tools
@ag-ui/core
TypeScript definitions & runtime schemas for the **Agent-User Interaction (AG-UI) Protocol**.
- Version
- 0.0.42-alpha.2
- Version published
- Weekly downloads
- 200K -10.96%
- Maintainers
- 2
Weekly downloads
Â
- Created
@ag-ui/core
TypeScript definitions & runtime schemas for the Agent-User Interaction (AG-UI) Protocol.
@ag-ui/core delivers the strongly-typed building blocks that every other AG-UI package is built on: message & state models, run inputs and the full set of streaming event types.
Installation
npm install @ag-ui/core
pnpm add @ag-ui/core
yarn add @ag-ui/core
Features
- 🧩 Typed data models –
Message,Tool,Context,RunAgentInput,State… - 🔄 Streaming events – 16 core event kinds covering assistant messages, tool calls, state updates and run lifecycle.
- ✅ Runtime validation – schemas catch malformed payloads early.
- 🚀 Framework-agnostic – works in Node.js, browsers and any agent framework that can emit JSON.
Quick example
import { EventSchemas, EventType } from "@ag-ui/core";
// Validate an incoming event
EventSchemas.parse({
type: EventType.TEXT_MESSAGE_CONTENT,
messageId: "msg_123",
delta: "Hello, world!",
});
Documentation
- Concepts & architecture:
docs/concepts - Full API reference:
docs/sdk/js/core
Contributing
Bug reports and pull requests are welcome! Please read our contributing guide first.
License
MIT © 2025 AG-UI Protocol Contributors
FAQs
TypeScript definitions & runtime schemas for the **Agent-User Interaction (AG-UI) Protocol**.
The npm package @ag-ui/core receives a total of 156,585 weekly downloads. As such, @ag-ui/core popularity was classified as popular.
We found that @ag-ui/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 20 Nov 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Malicious Chrome Extension Performs Hidden Affiliate Hijacking
A Chrome extension claiming to hide Amazon ads was found secretly hijacking affiliate links, replacing creators’ tags with its own without user consent.
By Kush Pandya -  Jan 27, 2026
Security News
curl Shuts Down Bug Bounty Program After Flood of AI Slop Reports
A surge of AI-generated vulnerability reports has pushed open source maintainers to rethink bug bounties and tighten security disclosure processes.
By Sarah Gooding -  Jan 23, 2026