
Research
/Security News
jscrambler npm Package Compromised in Supply Chain Attack
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.
@egchq/egc
Advanced tools
EGC - Extended Global Context. Persistent memory and shared context for AI coding tools.
Language: English | العربية | Español | हिन्दी | Português (Brasil)
Language / اللغة / Idioma / भाषा
English | العربية | Español | हिन्दी | Português (Brasil)
Your AI agents never start from zero again.
No commands to learn. Just work - EGC handles the rest.
EGC is a local runtime that gives every AI coding tool you use a persistent memory. At the end of each session, your AI saves what it learned: decisions made, what failed, your preferences, what to pick up next. At the start of the next session, it loads that state back on its own - no prompting required. Say "let's continue" or "where did we stop?" in any language and your AI already knows what to do. One install covers Claude Code, Cursor, Gemini CLI, Windsurf, and more. Works with Claude, GPT-4o, Gemini, and OpenRouter models including DeepSeek, Qwen3, and Llama 4.
You open Claude Code on a project you haven't touched in two weeks. Without typing anything:
State loaded from egc-memory via ~/.egc/state/Projects-MyApp.md
Context and preferences acknowledged (terse responses).
Ready to pick up the next items:
• Test full install on a clean machine
• Add GEMINI.md with session memory protocol
• Publish v1.0.1 fix to npm after clean install test passes
• Add mcp_server_count to audit.js
=== EGC Stack Briefing ===
Stack: typescript, javascript
Stack agents: typescript-reviewer, javascript-reviewer
Always use: code-reviewer
Skill: coding-standards (cyclomatic complexity) - apply to all code written this session
===
The AI already knows what you were building, what decisions you made, what failed, and exactly where you stopped. It knows because EGC saved that state at the end of your last session and loaded it back when this one started - on its own, without you asking. You didn't type anything. You just started working.
npm install -g @egchq/egc && egc install
Or run without installing globally:
npx @egchq/egc install
EGC ships two MCP servers that work together during every session.
No commands to memorize. Your AI reads this table so you never have to. Say anything in any language - "continue from yesterday", "remember this decision", "what broke last time?" - and it calls the right tool. You just work. EGC handles the rest.
egc-memory
| Tool | What it does |
|---|---|
get_state | Loads project memory at session start |
update_state | Saves decisions, preferences, and next steps |
store_decision | Persists a single decision to SQLite |
query_history | Returns past decisions by timestamp |
search_history | Full-text search with BM25 ranking |
working_memory_set | Stores transient context with a TTL |
working_memory_get | Reads a transient key |
working_memory_list | Lists all live transient entries for the current project |
lesson_save | Records cross-session knowledge with confidence decay |
lesson_recall | Retrieves active lessons above a confidence threshold |
lesson_reinforce | Boosts confidence on a lesson when the same pattern repeats |
detect_patterns | Surfaces repeated commands and recurring errors from hook events |
compress_observations | Compresses raw hook observations into typed summaries to reduce token usage |
get_project_state | Returns server health metadata and storage engine status |
State files live at ~/.egc/state/<project-slug>.md. One file per project, plain Markdown, human-readable.
egc-guardian
These tools run automatically in the background. Every shell command and every file write is checked before it executes. You never invoke them directly.
| Tool | What it does |
|---|---|
validate_command | Checks shell commands against project safety rules before execution |
validate_write | Validates file write paths to prevent unsafe writes |
reduce_context | Compresses file payloads to save your token budget |
orchestrate_task | Routes prompts with agent/skill context and returns compression metrics |
auto_learn | Mines session failures and writes actionable lessons to all AI tool config files in the project |
egc watch - run it once and every tool you use stays in sync. Edit context in Cursor and it appears in Gemini CLI, Copilot, Windsurf, and everywhere else automatically. When your state updates, all your tool config files update with it. No manual steps, no stale state.
egc watch # watch current project
egc watch /path/proj # watch a specific project
egc watch --quiet # suppress output
egc dashboard - open your browser at http://localhost:7890 and watch everything your AI does, live. Tool calls, file edits, shell commands, token usage, memory state, and agent status stream in real time. The dashboard starts automatically every time you run egc init.
egc dashboard # start Mission Control (auto-starts after egc init)
egc dashboard stop # stop the background server
egc dashboard status # check if the server is running
479 components included as a bonus. Install to get access to 63 agents, 229 skills, and 76 commands, plus 111 rules, all written from real engineering sessions. Skip them entirely and EGC still gives you persistent memory.
EGC is built by one developer, maintained in the open, and free.
Support from the community keeps this project alive and independent.
Backers
Monthly sponsors · be the first
FAQs
EGC - Extended Global Context. Persistent memory and shared context for AI coding tools.
We found that @egchq/egc demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.