
Research
SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.
AI endpoint proxy with web dashboard - A JavaScript port of CLIProxyAPI.

Router4 is a powerful AI API proxy server that provides unified access to multiple AI providers through a single endpoint. It features automatic format translation, intelligent fallback routing, OAuth authentication, and a modern web dashboard for easy management.
Key Highlights:
# Run directly with npx (recommended)
npx router4
# Or install globally
npm install -g router4
router4
router4 # Start server with default settings
router4 --port 8080 # Custom port
router4 --no-browser # Don't open browser
router4 --skip-update # Skip auto-update check
router4 --help # Show help
Dashboard: http://localhost:20128/dashboard
User data stored at:
~/.router4/db.json%APPDATA%/router4/db.json# Clone repository
git clone https://github.com/yourusername/router4.git
cd router4
# Install dependencies
npm install
# Start development server
npm run dev
router4/
├── bin/ # CLI entry point
│ ├── cli.js # Main CLI script
│ └── hooks/ # CLI hooks (WebSearch)
├── src/
│ ├── app/ # Next.js app (dashboard & API routes)
│ ├── lib/ # Core libraries (DB, OAuth, etc.)
│ ├── shared/ # Shared components & utilities
│ └── sse/ # SSE streaming handlers
├── open-sse/ # Core proxy engine (translator, handlers)
│ ├── translator/ # Format translators
│ ├── handlers/ # Request handlers
│ ├── services/ # Core services
│ └── config/ # Provider configurations
└── public/ # Static assets
# Build standalone binary
npm run build:standalone
# Test locally
npm link
router4 --help
# Publish to npm
npm login
npm publish
| Layer | Technology |
|---|---|
| Runtime | Node.js 20+ / Bun |
| Framework | Next.js 15 |
| Dashboard | React 19 + Tailwind CSS 4 |
| Database | LowDB (JSON file-based) |
| CLI | Node.js CLI with auto-update |
| Streaming | Server-Sent Events (SSE) |
| Auth | OAuth 2.0 (PKCE) + API Keys |
| Deployment | Standalone / VPS |
| State Management | Zustand |
Special thanks to:
MIT License - see LICENSE for details.
FAQs
Endpoint proxy server with web dashboard
We found that router4 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

Company News
Socket is proud to join the OpenJS Foundation as a Silver Member, deepening our commitment to the long-term health and security of the JavaScript ecosystem.

Security News
npm now links to Socket's security analysis on every package page. Here's what you'll find when you click through.