🚀. Socket Launch Week Day 3:Socket Firewall Now Blocks Malicious VS Code and Open VSX Extensions.Learn more
Sign In

@cortexkit/aft-bridge

Package Overview
Dependencies
Maintainers
1
Versions
55
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@cortexkit/aft-bridge

Shared NDJSON bridge transport, binary resolution, and ONNX runtime helpers for AFT agent-host plugins (OpenCode, Pi)

Source
npmnpm
Version
0.39.3
Version published
Weekly downloads
3.7K
81.7%
Maintainers
1
Weekly downloads
 
Created
Source

@cortexkit/aft-bridge

Shared NDJSON transport, binary resolution, and ONNX runtime helpers used by AFT agent-host plugins (OpenCode, Pi, and future MCP-based hosts).

This package is not intended for direct end-user consumption — it powers @cortexkit/aft-opencode and @cortexkit/aft-pi.

What it owns

  • TransportBinaryBridge (one persistent aft child process), BridgePool (one bridge per canonical project root), wire envelope and push-frame types.
  • Binary resolution — versioned cache, npm platform package lookup, PATH / cargo fallback, GitHub release download with SHA-256 verification.
  • ONNX runtime — auto-download for supported targets, install detection and version probing, manual-install hints for unsupported platforms.

What it does not own

Host-specific behaviour stays in the plugin packages:

  • Configuration loading (each host has its own conventions and config paths).
  • Permission UX (ctx.ask() and prompt rendering belong to the host SDK).
  • Tool registration and rendering.
  • Notifications, slash commands, and TUI integration.
  • Session-ID lookup and per-request session injection.

Versioning

Released in lock-step with @cortexkit/aft-opencode and @cortexkit/aft-pi. The bridge protocol is versioned end-to-end: a plugin running an older bridge package will detect a newer aft binary and refuse to talk to it.

FAQs

Package last updated on 17 Jun 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Socket MCP Adds Org Alerts, Threat Feed Review, and Package Inspection

Product

Socket MCP Adds Org Alerts, Threat Feed Review, and Package Inspection

Socket MCP now lets AI assistants review org alerts, investigate threats using the Socket threat feed, and inspect package files in addition to dependency scoring.

By John Tuckner  -  Jun 18, 2026