New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

hackwriter

Package Overview
Dependencies
Maintainers
1
Versions
17
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

hackwriter

Writing agent for HackMD

latest
Source
npmnpm
Version
0.0.18
Version published
Maintainers
1
Created
Source

HackWriter

Writing Agent for HackMD - Zero-config, multi-provider LLM support

Quick Start

npx hackwriter

If you don't have API keys configured, the setup wizard will guide you through it.

That's it! No config files needed.

Installation

npm i -g hackwriter

hackwriter

Features

  • Zero-Config - detected existing environment variables
  • Multi-Provider - Anthropic, OpenAI, Ollama (auto-detected)
  • Model Switching - Switch models on-the-fly with /model
  • Session Persistence - Resume your work anytime
  • Smart Approvals - Confirms destructive actions

Configuration

Automatic Setup

Run hackwriter and follow the setup wizard. It will ask for:

  • LLM provider (Anthropic, OpenAI, or Ollama) API key (if needed)
  • HackMD API token

Manual Setup (Optional)

Environment Variables - Skip setup wizard by setting these:

export ANTHROPIC_API_KEY=sk-ant-xxx  # or OPENAI_API_KEY
export HACKMD_API_TOKEN=your-token
hackwriter  # Starts immediately!
VariableDescription
ANTHROPIC_API_KEYAnthropic API key (optional)
OPENAI_API_KEYOpenAI API key (optional)
HACKMD_API_TOKENHackMD API token (required)
HACKMD_API_URLHackMD API URL (optional, default: https://api.hackmd.io/v1)

HackMD CLI Compatibility - Also supports HackMD CLI environment variables:

export HMD_API_ACCESS_TOKEN=your-token    # Same as HACKMD_API_TOKEN
export HMD_API_ENDPOINT_URL=https://...   # Same as HACKMD_API_URL

Note: If you're already using HackMD CLI, HackWriter will automatically detect and use your existing HMD_API_ACCESS_TOKEN environment variable. No additional configuration needed!

Config File - Override defaults with ~/.hackwriter/config.json:

{
  "defaultModel": "anthropic-claude-3-5-sonnet-latest",
  "models": {
    "fast": {
      "provider": "anthropic",
      "model": "claude-3-5-haiku-latest",
      "maxContextSize": 200000
    }
  }
}

Usage

Interactive Shell

hackwriter                    # Start interactive mode
hackwriter --continue         # Resume last session
hackwriter --debug            # Enable debug logging
hackwriter -m gpt-4o          # Use specific model

Shell Commands

/help                         # Show available commands
/model                        # List/switch models
/model openai-gpt-4o          # Switch to GPT-4o
/status                       # Show current status
/exit                         # Exit (or /quit, /q)

Single Command

hackwriter -c "list my notes"
hackwriter -c "create a note titled 'Meeting Notes'"

Auto-Approve Mode

hackwriter --yolo             # Skip all confirmations

Supported Providers

Anthropic

export ANTHROPIC_API_KEY=sk-ant-xxx

Models: Claude 3.5 Haiku, Sonnet, Opus 4

OpenAI

export OPENAI_API_KEY=sk-xxx

Models: GPT-4o, GPT-4o-mini, o1

Ollama (Local)

# Ollama auto-detected if running
ollama serve

All local models automatically discovered

Keywords

hackmd
ai
agent
cli
markdown
writing

FAQs

Package last updated on 11 Feb 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Security News

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

By Sarah Gooding  -  Apr 03, 2026