
Research
/Security News
11 Malicious NuGet Tools Pose as Game Cheats to Drop a Windows Host-Surveillance Payload
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.
pi-chronicle
Advanced tools
Record conscious markers and typed beats during work sessions, then write chronicle markdown to your vault Progress folder.
Record conscious markers and typed beats during work sessions, then write chronicle markdown to your vault.
A Pi extension that captures intentional session logs — not automated transcripts. Mark decisions, blockers, milestones, tries, and reverts as you work, then finalize a single chronicle markdown file into your vault's Progress/ folder.
For developers and creators who want a lightweight record of why they did things in that order — raw material for flow docs, blog posts, or retrospectives.
decision, blocker, milestone, try, revertchronicle-YYYYMMDD-HHmm.md to your project's Progress/ folder/chronicle:novel generates a short novel from session marks/beats via Pi agentflow, textbook, essay, fiction) for future generationInstall the published npm package with Pi:
pi install npm:pi-chronicle
Pin a specific version when you want reproducible installs:
pi install npm:pi-chronicle@0.1.2
Install into the current project instead of your user Pi settings:
pi install npm:pi-chronicle -l
Or install from GitHub:
pi install git:github.com/eiei114/pi-chronicle
Try it without permanently installing:
pi -e npm:pi-chronicle
Try this package locally from a clone:
pi -e .
Then run:
/chronicle:mark → enter a short label
/chronicle:beat → pick type → enter label
/chronicle:end → optional closing note → writes chronicle md
/chronicle:status → show current session
/chronicle:distill → pick output format
/chronicle:novel → generate novel from session → writes to project root
Session auto-starts when Pi loads — just mark and beat as you work.
| Path | Purpose |
|---|---|
extensions/ | Pi TypeScript extension entrypoints |
lib/ | Shared session and output logic |
docs/ | Supporting docs (examples.md, release.md, template-checklist.md) |
npm install
npm run ci
npm pack --dry-run
npm run ci runs typecheck, tests, and npm run pack:check (equivalent to npm pack --dry-run).
npm Trusted Publishing — no NPM_TOKEN required.
npm version patch
git push
See docs/release.md for setup details.
Pi packages can execute code with your local permissions. Review extensions before installing third-party packages.
For vulnerability reporting, see SECURITY.md.
MIT
FAQs
Record conscious markers and typed beats during work sessions, then write chronicle markdown to your vault Progress folder.
The npm package pi-chronicle receives a total of 34 weekly downloads. As such, pi-chronicle popularity was classified as not popular.
We found that pi-chronicle demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.