New: Introducing PHP and Composer Support.Read the Announcement
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@ag-ui/core

Package Overview
Dependencies
Maintainers
2
Versions
50
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@ag-ui/core

TypeScript definitions & runtime schemas for the **Agent-User Interaction (AG-UI) Protocol**.

latest
npmnpm
Version
0.0.45
Version published
Weekly downloads
333K
4.22%
Maintainers
2
Weekly downloads
 
Created
Source

@ag-ui/core

TypeScript definitions & runtime schemas for the Agent-User Interaction (AG-UI) Protocol.

@ag-ui/core delivers the strongly-typed building blocks that every other AG-UI package is built on: message & state models, run inputs and the full set of streaming event types.

Installation

npm install @ag-ui/core
pnpm add @ag-ui/core
yarn add @ag-ui/core

Features

  • 🧩 Typed data modelsMessage, Tool, Context, RunAgentInput, State
  • 🔄 Streaming events – 16 core event kinds covering assistant messages, tool calls, state updates and run lifecycle.
  • Runtime validation – schemas catch malformed payloads early.
  • 🚀 Framework-agnostic – works in Node.js, browsers and any agent framework that can emit JSON.

Quick example

import { EventSchemas, EventType } from "@ag-ui/core";

// Validate an incoming event
EventSchemas.parse({
  type: EventType.TEXT_MESSAGE_CONTENT,
  messageId: "msg_123",
  delta: "Hello, world!",
});

Documentation

  • Concepts & architecture: docs/concepts
  • Full API reference: docs/sdk/js/core

Contributing

Bug reports and pull requests are welcome! Please read our contributing guide first.

License

MIT © 2025 AG-UI Protocol Contributors

FAQs

Package last updated on 11 Feb 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Cline CLI npm Package Compromised via Suspected Cache Poisoning Attack

Security News

Cline CLI npm Package Compromised via Suspected Cache Poisoning Attack

A compromised npm publish token was used to push a malicious postinstall script in cline@2.3.0, affecting the popular AI coding agent CLI with 90k weekly downloads.

By Sarah Gooding  -  Feb 18, 2026
Socket Brings Supply Chain Security to skills.sh

Product

Socket Brings Supply Chain Security to skills.sh

Socket is now scanning AI agent skills across multiple languages and ecosystems, detecting malicious behavior before developers install, starting with skills.sh's 60,000+ skills.

By Wenxin Jiang, Alexandros Kapravelos  -  Feb 17, 2026
Introducing PHP and Composer Support in Socket

Product

Introducing PHP and Composer Support in Socket

Socket now supports PHP with full Composer and Packagist integration, enabling developers to search packages, generate SBOMs, and protect their PHP dependencies from supply chain threats.

By Trevor Norris  -  Feb 17, 2026