Product
Introducing Manifest Alerts
Socket now detects supply chain risks in project manifests, starting with missing lockfiles that can make dependency installs non-reproducible.
By André Staltz, Trevor Norris - Jun 16, 2026
🚀. Socket Launch Week Day 2:Introducing Manifest Alerts.Learn more →
@cortexkit/aft-bridge
Advanced tools
@cortexkit/aft-bridge
Shared NDJSON bridge transport, binary resolution, and ONNX runtime helpers for AFT agent-host plugins (OpenCode, Pi)
@cortexkit/aft-bridge
Shared NDJSON transport, binary resolution, and ONNX runtime helpers used by AFT agent-host plugins (OpenCode, Pi, and future MCP-based hosts).
This package is not intended for direct end-user consumption — it powers
@cortexkit/aft-opencode
and @cortexkit/aft-pi.
What it owns
- Transport —
BinaryBridge(one persistentaftchild process),BridgePool(one bridge per canonical project root), wire envelope and push-frame types. - Binary resolution — versioned cache, npm platform package lookup, PATH / cargo fallback, GitHub release download with SHA-256 verification.
- ONNX runtime — auto-download for supported targets, install detection and version probing, manual-install hints for unsupported platforms.
What it does not own
Host-specific behaviour stays in the plugin packages:
- Configuration loading (each host has its own conventions and config paths).
- Permission UX (
ctx.ask()and prompt rendering belong to the host SDK). - Tool registration and rendering.
- Notifications, slash commands, and TUI integration.
- Session-ID lookup and per-request session injection.
Versioning
Released in lock-step with @cortexkit/aft-opencode and @cortexkit/aft-pi.
The bridge protocol is versioned end-to-end: a plugin running an older bridge
package will detect a newer aft binary and refuse to talk to it.
FAQs
Shared NDJSON bridge transport, binary resolution, and ONNX runtime helpers for AFT agent-host plugins (OpenCode, Pi)
The npm package @cortexkit/aft-bridge receives a total of 2,745 weekly downloads. As such, @cortexkit/aft-bridge popularity was classified as popular.
We found that @cortexkit/aft-bridge demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 05 May 2026
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
GlassWASM: WebAssembly Malware Found in Trojanized Open VSX Extensions
The trojanized extensions use TinyGo-compiled WebAssembly and Solana transaction memos to resolve command-and-control infrastructure.
By Joseph Edwards - Jun 15, 2026
Security News
US Government Forces Anthropic to Pull Claude Fable Days After Launch
Anthropic says the directive cited national security concerns over a narrow jailbreak, but offered no specific technical details.
By Sarah Gooding - Jun 13, 2026