Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@gitbook/embed

Package Overview
Dependencies
Maintainers
6
Versions
6
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@gitbook/embed

Embeddable components for GitBook

Source
npmnpm
Version
0.1.0
Version published
Weekly downloads
779
628.04%
Maintainers
6
Weekly downloads
 
Created
Source

@gitbook/embed

Embed the GitBook Docs Assistant in your product or website.

Usage

As a script from your docs site

All GitBook docs site includes a script to easily embed the docs assistant as a widget on your website.

The script is served at https://docs.company.com/~gitbook/embed/script.js.

You can find the embed script from your docs site settings, or you can copy the following and replace the docs.company.com by your docs site hostname.

<script src="https://docs.company.com/~gitbook/embed/script.js"></script>
<script>
window.GitBook('show');
</script>

As a package from NPM

Install the package: npm install @gitbook/embed and import it in your web application:

import { createGitBook } from '@gitbook/embed';

const gitbook = createGitBook({
    siteURL: 'https://docs.company.com'
});

const iframe = document.createElement('iframe');
iframe.src = gitbook.getFrameURL();

const frame = gitbook.createFrame(iframe);

As React components

After installing the NPM package, you can import prebuilt React components:

import { GitBookProvider, GitBookAssistantFrame } from '@gitbook/embed/react';

<GitBookProvider siteURL="https://docs.company.com">
    <GitBookAssistantFrame />
</GitBookProvider>

FAQs

Package last updated on 26 Aug 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Node.js Fixes AsyncLocalStorage Crash Bug That Could Take Down Production Servers

Research

Node.js Fixes AsyncLocalStorage Crash Bug That Could Take Down Production Servers

Node.js patched a crash bug where AsyncLocalStorage could cause stack overflows to bypass error handlers and terminate production servers.

By Sarah Gooding  -  Jan 14, 2026
Malicious Chrome Extension Steals MEXC API Keys for Account Takeover

Research

/

Security News

Malicious Chrome Extension Steals MEXC API Keys for Account Takeover

A malicious Chrome extension steals newly created MEXC API keys, exfiltrates them to Telegram, and enables full account takeover with trading and withdrawal rights.

By Kirill Boychenko  -  Jan 12, 2026