
Security News
npm v12 Ships With Install Scripts Off by Default, Begins Deprecating 2FA-Bypass Tokens
npm v12 is generally available, turning install scripts off by default and beginning the deprecation of 2FA-bypass publishing tokens.
@feniix/pi-sequential-thinking
Advanced tools
Sequential Thinking extension for pi — structured progressive thinking through defined stages, also runnable as an MCP stdio server
Sequential Thinking extension for pi — structured progressive thinking through defined cognitive stages.
process_thought): Record and analyze sequential thoughts with stage metadata.session_id values for independent thinking threads.get_thinking_history): Read bounded, paginated session history.get_thinking_status): Inspect content-free storage/config diagnostics and state fingerprints.generate_summary): Summarize one thinking session.clear_history): Reset one thinking session.export_session, import_session): Move session JSON files with validation and receipts.thoughtNumber and totalThoughts.thought_number exceeds total_thoughts, the incoming thought is normalized to the larger total.pi install npm:@feniix/pi-sequential-thinking
Ephemeral (one-off) use:
pi -e npm:@feniix/pi-sequential-thinking
Works out of the box. The default session is stored at:
~/.mcp_sequential_thinking/current_session.json
Named sessions are stored under:
~/.mcp_sequential_thinking/sessions/<session_id>.json
default is reserved as the default-session label and cannot be used as a named session_id.
export MCP_STORAGE_DIR="~/.my-thinking-sessions"
export SEQ_THINK_MAX_BYTES=102400
export SEQ_THINK_MAX_LINES=5000
Use pi's standard settings locations:
.pi/settings.json~/.pi/agent/settings.jsonUnder the pi-sequential-thinking key:
{
"pi-sequential-thinking": {
"storageDir": null,
"maxBytes": 51200,
"maxLines": 2000
}
}
Best practice: use
settings.jsonfor non-secret defaults only. If you want a separate private override file, use--seq-think-config-fileorSEQ_THINK_CONFIG_FILEto point to a custom JSON config file. Legacy aliases--seq-think-configandSEQ_THINK_CONFIGare still accepted but deprecated.
pi --seq-think-storage-dir=/tmp/thoughts --seq-think-max-bytes=102400
Per-field precedence is:
.pi/settings.json)~/.pi/agent/settings.json)Custom config file discovery uses:
--seq-think-config-file--seq-think-configSEQ_THINK_CONFIG_FILESEQ_THINK_CONFIGprocess_thoughtRecord and analyze a sequential thought with metadata.
| Parameter | Type | Required | Description |
|---|---|---|---|
thought | string | yes | The content of your thought |
thought_number / thoughtNumber | integer | yes | Position in sequence, starting at 1 |
total_thoughts / totalThoughts | integer | yes | Estimated total thoughts; normalized upward for dynamic depth |
next_thought_needed / nextThoughtNeeded | boolean | yes | Whether more thoughts follow |
stage | string | yes | One of: Problem Definition, Research, Analysis, Synthesis, Conclusion |
session_id / sessionId | string | no | Named session to write; omit for the default session |
tags | string[] | no | Keywords or categories |
axioms_used / axiomsUsed | string[] | no | Principles applied |
assumptions_challenged / assumptionsChallenged | string[] | no | Assumptions questioned |
Successful mutation responses include a content-free receipt with the session label, pre/post counts, save time, and a state fingerprint.
Example named-session call:
{
"thought": "Compare storage options before choosing one.",
"thoughtNumber": 1,
"totalThoughts": 3,
"nextThoughtNeeded": true,
"stage": "Analysis",
"session_id": "architecture-review"
}
get_thinking_historyRead recorded thoughts for one session with bounded pagination. With the V1 JSON-per-session storage layout, history reads reject persisted session files over 10 MiB instead of parsing unbounded local state.
| Parameter | Type | Default | Description |
|---|---|---|---|
session_id / sessionId | string | default session | Session to read |
limit | integer | 20 | Maximum thoughts to return, capped at 100 |
offset | integer | 0 | Number of thoughts to skip from the start |
include_full_thoughts / includeFullThoughts | boolean | true | Set false to return metadata plus a short snippet instead of full thought text |
Example:
{
"session_id": "architecture-review",
"limit": 20,
"include_full_thoughts": false
}
get_thinking_statusReturn content-free diagnostics: session counts, storage writability, backup file names, effective config source labels, and current state fingerprints. Home-directory paths are redacted with ~ where possible. Status output may be partial after the named-session threshold, skips invalid session filenames, and reports corrupt session files without moving them to backups.
Example:
{}
generate_summaryGenerate a summary for one session. Accepts optional session_id / sessionId.
clear_historyClear one session. Accepts optional session_id / sessionId and returns a mutation receipt.
export_sessionExport one session to a JSON file. file_path may be absolute or repo-relative; parent directories are created automatically. Export rejects directory targets and final-path symlinks. Existing files may be overwritten by this explicit tool call, and the receipt reports overwroteExistingFile.
| Parameter | Type | Required | Description |
|---|---|---|---|
file_path | string | yes | Path to save the exported JSON file |
session_id / sessionId | string | no | Session to export; omit for the default session |
import_sessionImport a JSON session file. file_path may be absolute or repo-relative. Parent directories are not created for import. Imports reject directories, final-path symlinks, malformed top-level records, and files over 10 MiB. Thought text is treated as inert untrusted content; missing IDs/timestamps are normalized when needed.
| Parameter | Type | Required | Description |
|---|---|---|---|
file_path | string | yes | Path to the JSON file to import |
session_id / sessionId | string | no | Target session; explicit target wins over embedded session metadata |
sequential_thinkCompatibility helper that generates a staged sequence for a topic and writes it to the selected session.
| Parameter | Type | Required | Description |
|---|---|---|---|
topic | string | yes | Topic or question to think through |
num_thoughts | integer | no | Number of generated stages, 3–10; default 5 |
session_id / sessionId | string | no | Session to write |
| Flag | Env Variable | Default | Description |
|---|---|---|---|
--seq-think-storage-dir | MCP_STORAGE_DIR | ~/.mcp_sequential_thinking | Storage directory for sessions |
--seq-think-config-file | SEQ_THINK_CONFIG_FILE | — | Custom JSON config file path |
--seq-think-config | SEQ_THINK_CONFIG | — | Deprecated alias for the config file path |
--seq-think-max-bytes | SEQ_THINK_MAX_BYTES | 51200 | Max output bytes |
--seq-think-max-lines | SEQ_THINK_MAX_LINES | 2000 | Max output lines |
The Sequential Thinking framework organizes thoughts through five cognitive stages:
process_thought, get_thinking_history, generate_summary, export_session, import_session, and sequential_think are content-bearing tools.get_thinking_status and mutation receipts are designed to avoid thought text, tags, axioms, and assumptions.pi remove npm:@feniix/pi-sequential-thinking
MIT
FAQs
Sequential Thinking extension for pi — structured progressive thinking through defined stages, also runnable as an MCP stdio server
The npm package @feniix/pi-sequential-thinking receives a total of 57 weekly downloads. As such, @feniix/pi-sequential-thinking popularity was classified as not popular.
We found that @feniix/pi-sequential-thinking demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
npm v12 is generally available, turning install scripts off by default and beginning the deprecation of 2FA-bypass publishing tokens.

Research
/Security News
Socket tracks the activity as Operation “Muck and Load”: a threat actor uses commit-farming workflows, public dead drops, and protected archives to stage Windows RAT and infostealer malware.

Security News
pnpm 11.10 hardens registry auth to block token redirection, tightens pack-app and deploy, and makes the Rust port (v12) installable.