Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@defi-wonderland/ai-rules
Advanced tools
@defi-wonderland/ai-rules (Core Script)
Script entry point for generating and managing AI configuration files (Cursor rules and coderabbit.yaml)
Overview
This package provides the main script entry for generating standardized configuration files (such as .coderabbit.yaml and .cursor/rules/*) across teams and repositories. It is a script that can be run directly or via npx.
Directory Structure
core/
├── src/
│ └── index.ts # Script entry point
├── bin/
│ └── ai-rules.js # Executable script for npx/global usage
├── test/
│ └── index.spec.ts # Tests for the script
├── package.json
└── README.md
Usage
You can run the script directly with npx (no install required):
npx @defi-wonderland/ai-rules
Or, after installing globally:
pnpm add -g @defi-wonderland/ai-rules
ai-rules
Or, for development:
git clone https://github.com/defi-wonderland/ai-rules.git
cd ai-rules
pnpm install
pnpm build
node packages/core/bin/ai-rules.js
Development
Prerequisites
- Node.js v20
- pnpm v9.7.1
Available Scripts
| Script | Description |
|---|---|
build | Build the script using tsc |
check-types | Check types issues using tsc |
clean | Remove dist folder |
lint | Run ESLint to check for coding standards |
lint:fix | Run linter and automatically fix code formatting issues |
format | Check code formatting and style using Prettier |
format:fix | Run formatter and automatically fix issues |
test | Run tests using vitest |
test:cov | Run tests with coverage report |
Features
- Generates
.coderabbit.yamland.cursor/rules/*files for standardizing AI configuration - Supports multiple tech stacks and team types
- Semantic versioning for configuration
- Typesafe and extensible architecture
- File system-based operations with robust error handling
Versioning and File Management
The configuration files generated by @defi-wonderland/ai-rules (both .coderabbit.yaml and the individual rule files in .cursor/rules/) include a version field. This version corresponds to the version of the ai-rules package itself or its underlying base configuration.
When you run the script:
-
Version Comparison: For files that the script manages (i.e., files it would normally generate), it reads the
versionfrom the existing file on your system. It then compares this version with its current internal version. An update (overwrite) to a managed file only occurs if the script's version is newer than the version found in the existing file. This ensures your configurations are kept up-to-date with the latest standards provided by the package without unnecessary changes. -
Preservation of Custom Files: The script is designed to be non-destructive towards user-created customizations. If you create your own rule files within the
.cursor/rules/directory (or its subdirectories likeOffchain,Solidity,UI), these custom files will not be overwritten or deleted by the script. The script only manages and potentially overwrites files that are part of its standard generation process, identified by their expected names and paths. This allows you to extend the base rule set with your own specific guidelines without fear of them being removed when you update the standard configurations.
Contributing with Changesets
This project uses Changesets to manage versioning and changelogs. If you are making a change that should result in a new version of the @defi-wonderland/ai-rules package (e.g., bug fixes, new features, breaking changes), you need to add a changeset.
To add a changeset, run the following command in the root of the monorepo:
pnpm changeset add
This will prompt you to:
- Select the package(s) that your changes affect (in this case, primarily
@defi-wonderland/ai-rules). - Choose the appropriate version bump (patch, minor, or major) for each selected package based on Semantic Versioning.
- Write a concise summary of your changes. This summary will be used to generate the changelog.
Commit the generated markdown file (located in the .changeset directory) along with your code changes. This file tells the automated release process what to do when your changes are merged into the main branch. Currently we are publishing on merges to main.
Contributing
See the root README for contribution guidelines, conventional commits, and package creation instructions.
License
The license for this codebase is MIT. See the LICENSE file for details.
FAQs
Script to install standard AI configuration files
We found that @defi-wonderland/ai-rules demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 29 May 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025