# Mukunda Rao Katta — complete package inventory > Every open-source package authored by Mukunda Rao Katta across npm, PyPI, > crates.io, and the official Model Context Protocol Registry. Auto-refreshed > from registry APIs every 3 days. See /llms.txt for the curated summary. Totals: 144 npm + 52 PyPI + 176 crates.io + 20 MCP Registry servers ## npm — @mukundakatta (144 packages) - [@mukundakatta/age-mcp](https://www.npmjs.com/package/@mukundakatta/age-mcp): MCP server: compute the duration between two dates in years/months/days. - [@mukundakatta/agent-loop-breaker](https://www.npmjs.com/package/@mukundakatta/agent-loop-breaker): Detect repeated agent steps and stop runaway loops. - [@mukundakatta/agent-regression-lens](https://www.npmjs.com/package/@mukundakatta/agent-regression-lens): Detect regressions between baseline and current AI agent runs. - [@mukundakatta/agent-trajectory-replay](https://www.npmjs.com/package/@mukundakatta/agent-trajectory-replay): Replay and diff AI agent event trajectories for debugging regressions. - [@mukundakatta/agentbudget](https://www.npmjs.com/package/@mukundakatta/agentbudget): Token + dollar budget caps for AI agents — throws when an LLM call would push past the ceiling. Zero deps, drop into any provider SDK. - [@mukundakatta/agentcast](https://www.npmjs.com/package/@mukundakatta/agentcast): Structured output for any LLM call. Validate the model's response, retry with the validation error as feedback, return typed data or throw after N attempts. Bring your own validator (zod/valibot/JSON Schema/anything). Zero deps. - [@mukundakatta/agentcast-mcp](https://www.npmjs.com/package/@mukundakatta/agentcast-mcp): MCP server: structured-output enforcer. Extract JSON from messy LLM output, validate against a shape spec, and produce retry feedback when the model returns the wrong shape. Wraps @mukundakatta/agentcast. - [@mukundakatta/agentfit](https://www.npmjs.com/package/@mukundakatta/agentfit): Fit your messages into the LLM context window. Token-aware truncation with multiple strategies (drop-oldest, drop-middle, priority), pluggable tokenizers, zero dependencies. - [@mukundakatta/agentfit-mcp](https://www.npmjs.com/package/@mukundakatta/agentfit-mcp): MCP server for agentfit: token-aware message truncation. Fit a chat history into the model's context budget with drop-oldest, drop-middle, or priority strategies. - [@mukundakatta/agentguard](https://www.npmjs.com/package/@mukundakatta/agentguard): Network egress firewall for AI agents — declarative allowlist of domains an agent's tools can fetch, throws or 403s on violation. Zero dependencies. - [@mukundakatta/agentguard-mcp](https://www.npmjs.com/package/@mukundakatta/agentguard-mcp): MCP server for agentguard: declarative network-egress firewall for agent tools. Check whether a URL is allowed under a policy before any fetch. - [@mukundakatta/agentkit](https://www.npmjs.com/package/@mukundakatta/agentkit): The agent reliability stack: fit, guard, snap, vet, cast. One install for all five sibling libraries (token-aware truncation, network-egress firewall, snapshot tests, tool-arg validation, structured-output enforcer). - [@mukundakatta/agentmemory](https://www.npmjs.com/package/@mukundakatta/agentmemory): Honest pull-model alternative to Anthropic Dreaming. Time-bucketed episodic store + on-demand summarizer for LLM agents. Reversible deletes, no silent context injection, no background consolidation. Includes Postgres adapter and Claude demo. - [@mukundakatta/agentsnap](https://www.npmjs.com/package/@mukundakatta/agentsnap): Snapshot tests for AI agents — record tool-call traces, diff against baselines, fail CI on regressions. Zero dependencies, drops into any test runner. - [@mukundakatta/agentsnap-mcp](https://www.npmjs.com/package/@mukundakatta/agentsnap-mcp): MCP server: snapshot tests for tool-call traces. Capture, normalize, and diff agent tool-use traces to catch silent regressions. Wraps @mukundakatta/agentsnap for Claude Desktop, Cursor, Cline, Windsurf, and Zed. - [@mukundakatta/agentvet](https://www.npmjs.com/package/@mukundakatta/agentvet): Validate LLM-generated tool args before execution. Wrap your tools with a schema; throws ToolArgError with an LLM-friendly retry hint when the model hallucinates wrong types. Zero deps. - [@mukundakatta/agentvet-mcp](https://www.npmjs.com/package/@mukundakatta/agentvet-mcp): MCP server for agentvet: validate LLM-generated tool-call args before execution. Returns a typed error with an LLM-friendly retry hint when the args don't match. - [@mukundakatta/ai-eval-forge](https://www.npmjs.com/package/@mukundakatta/ai-eval-forge): Zero-dependency eval harness for LLM and agent regression testing. - [@mukundakatta/ai-supply-chain-manifest](https://www.npmjs.com/package/@mukundakatta/ai-supply-chain-manifest): Build and validate lightweight AI model/data/tool manifests. - [@mukundakatta/base32-mcp](https://www.npmjs.com/package/@mukundakatta/base32-mcp): MCP server: encode and decode RFC 4648 base32 (standard and Crockford). - [@mukundakatta/base64-mcp](https://www.npmjs.com/package/@mukundakatta/base64-mcp): MCP server: encode/decode base64, base64url, hex, and percent-encoding. - [@mukundakatta/basenum-mcp](https://www.npmjs.com/package/@mukundakatta/basenum-mcp): MCP server: convert numbers between binary, octal, decimal, hex, and arbitrary bases (2-36). - [@mukundakatta/bcrypt-mcp](https://www.npmjs.com/package/@mukundakatta/bcrypt-mcp): MCP server: hash and verify passwords with bcrypt — adjustable cost factor. - [@mukundakatta/bedrock-ops-mcp](https://www.npmjs.com/package/@mukundakatta/bedrock-ops-mcp): MCP server: AWS Bedrock model capability lookup + feature pre-check + PII-safe response redaction. Wraps the Python bedrock-ops library. - [@mukundakatta/bytes-mcp](https://www.npmjs.com/package/@mukundakatta/bytes-mcp): MCP server: parse and format byte sizes — 1024 ↔ '1 KB', '1.5 MB' ↔ 1572864. - [@mukundakatta/case-mcp](https://www.npmjs.com/package/@mukundakatta/case-mcp): MCP server: convert strings between camelCase, snake_case, kebab-case, PascalCase, and more. - [@mukundakatta/citation-integrity-check](https://www.npmjs.com/package/@mukundakatta/citation-integrity-check): Verify answer citations refer to supplied source ids. - [@mukundakatta/citecite-mcp](https://www.npmjs.com/package/@mukundakatta/citecite-mcp): MCP server for RAG citation marker [1] [2] injection, parsing, and stripping. Helps LLMs round-trip citations in retrieval-augmented outputs. - [@mukundakatta/codex-skill-kit](https://www.npmjs.com/package/@mukundakatta/codex-skill-kit): Scaffold and validate Codex skills from the command line. - [@mukundakatta/color-mcp](https://www.npmjs.com/package/@mukundakatta/color-mcp): MCP server: convert colors between hex/rgb/hsl and compute WCAG contrast ratios. - [@mukundakatta/consent-redaction-log](https://www.npmjs.com/package/@mukundakatta/consent-redaction-log): Record consent-aware redactions for privacy review trails. - [@mukundakatta/context-drift-detector](https://www.npmjs.com/package/@mukundakatta/context-drift-detector): Detect topic drift between user intent, retrieved context, and AI answers. - [@mukundakatta/context-forge](https://www.npmjs.com/package/@mukundakatta/context-forge): Context engineering toolkit for ranking, packing, and risk-scanning RAG context. - [@mukundakatta/context-window-packer](https://www.npmjs.com/package/@mukundakatta/context-window-packer): Pack context chunks into a budget by relevance and priority. - [@mukundakatta/count-mcp](https://www.npmjs.com/package/@mukundakatta/count-mcp): MCP server: counts for text — lines, words, characters, code points, paragraphs. - [@mukundakatta/cron-mcp](https://www.npmjs.com/package/@mukundakatta/cron-mcp): MCP server: parse a cron expression and preview the next N run times. - [@mukundakatta/csv-mcp](https://www.npmjs.com/package/@mukundakatta/csv-mcp): MCP server: parse and stringify CSV (RFC 4180). Header rows, quoting, custom delimiters. - [@mukundakatta/csv-tools-mcp](https://www.npmjs.com/package/@mukundakatta/csv-tools-mcp): MCP server for reliable CSV parsing and generation. Handles quoting, embedded commas, BOMs, and ragged rows correctly. - [@mukundakatta/designlint](https://www.npmjs.com/package/@mukundakatta/designlint): UI/UX design linter for HTML/CSS: accessibility, contrast, spacing, touch targets, and responsive design. - [@mukundakatta/dice-mcp](https://www.npmjs.com/package/@mukundakatta/dice-mcp): MCP server: parse and roll dice-notation expressions (1d20+5, 4d6, 2d10*3). - [@mukundakatta/diff-mcp](https://www.npmjs.com/package/@mukundakatta/diff-mcp): MCP server: structured text diff (line/word/char) between two strings. - [@mukundakatta/distance-mcp](https://www.npmjs.com/package/@mukundakatta/distance-mcp): MCP server: haversine distance between two lat/lon coordinates. - [@mukundakatta/dns-mcp](https://www.npmjs.com/package/@mukundakatta/dns-mcp): MCP server: resolve A / AAAA / MX / TXT / CNAME / NS records for a hostname. - [@mukundakatta/domain-mcp](https://www.npmjs.com/package/@mukundakatta/domain-mcp): MCP server: extract eTLD, eTLD+1, subdomain from a domain name using the Public Suffix List. - [@mukundakatta/dotenv-mcp](https://www.npmjs.com/package/@mukundakatta/dotenv-mcp): MCP server: parse and serialize .env files. Handles quotes, comments, multiline. - [@mukundakatta/embedding-dedupe](https://www.npmjs.com/package/@mukundakatta/embedding-dedupe): Deduplicate near-identical embedding records by cosine similarity. - [@mukundakatta/embspec-mcp](https://www.npmjs.com/package/@mukundakatta/embspec-mcp): MCP server: embedding pipeline ops + drift detection for production RAG. Assert query encoder matches index manifest; compute retriever stability between two index versions on a frozen probe set. - [@mukundakatta/emoji-mcp](https://www.npmjs.com/package/@mukundakatta/emoji-mcp): MCP server: convert between emoji characters and shortcodes, with metadata. - [@mukundakatta/encoding-mcp](https://www.npmjs.com/package/@mukundakatta/encoding-mcp): MCP server: encode and decode HTML entities, URL-encoding, and Unicode escapes. - [@mukundakatta/escape-mcp](https://www.npmjs.com/package/@mukundakatta/escape-mcp): MCP server: escape strings for safe use inside regex, shell, SQL, JSON, or HTML. - [@mukundakatta/eval-dataset-smith](https://www.npmjs.com/package/@mukundakatta/eval-dataset-smith): Generate balanced eval cases from bugs, docs, examples, and policies. - [@mukundakatta/eval-flake-detector](https://www.npmjs.com/package/@mukundakatta/eval-flake-detector): Detect flaky LLM eval cases across repeated runs. - [@mukundakatta/fingerprint-mcp](https://www.npmjs.com/package/@mukundakatta/fingerprint-mcp): MCP server: content hashing (SHA-256, SHA-1, MD5) for cache keys, dedup, fingerprinting. - [@mukundakatta/hallucination-risk-meter](https://www.npmjs.com/package/@mukundakatta/hallucination-risk-meter): Estimate hallucination risk from answer, context, citations, and uncertainty language. - [@mukundakatta/hash-mcp](https://www.npmjs.com/package/@mukundakatta/hash-mcp): MCP server: hash files or strings with sha-2, sha-3, blake2/3, or xxhash. - [@mukundakatta/headers-mcp](https://www.npmjs.com/package/@mukundakatta/headers-mcp): MCP server: parse and stringify HTTP header blocks. - [@mukundakatta/html-mcp](https://www.npmjs.com/package/@mukundakatta/html-mcp): MCP server: strip HTML tags, extract plain text, and sanitize HTML. - [@mukundakatta/html-to-markdown-mcp](https://www.npmjs.com/package/@mukundakatta/html-to-markdown-mcp): MCP server for HTML → Markdown conversion. For web-scraping and read-the-page agents that want clean text. - [@mukundakatta/iban-mcp](https://www.npmjs.com/package/@mukundakatta/iban-mcp): MCP server: validate, format, and split IBAN bank account numbers. - [@mukundakatta/ini-mcp](https://www.npmjs.com/package/@mukundakatta/ini-mcp): MCP server: convert between INI files and JSON. Section + bare-key support. - [@mukundakatta/ip-mcp](https://www.npmjs.com/package/@mukundakatta/ip-mcp): MCP server: validate IPv4/IPv6 addresses, test CIDR membership, classify private/public. - [@mukundakatta/isbn-mcp](https://www.npmjs.com/package/@mukundakatta/isbn-mcp): MCP server: validate and convert ISBN-10 / ISBN-13 numbers. - [@mukundakatta/jailbreak-corpus-mini](https://www.npmjs.com/package/@mukundakatta/jailbreak-corpus-mini): Small local jailbreak and prompt-injection fixture set for tests. - [@mukundakatta/jmespath-mcp](https://www.npmjs.com/package/@mukundakatta/jmespath-mcp): MCP server for JMESPath JSON queries. Pure-JS, no native binary. AWS-style data extraction LLMs can call reliably. - [@mukundakatta/json5-mcp](https://www.npmjs.com/package/@mukundakatta/json5-mcp): MCP server: parse and stringify JSON5 — relaxed JSON with comments and trailing commas. - [@mukundakatta/jsonpath-mcp](https://www.npmjs.com/package/@mukundakatta/jsonpath-mcp): MCP server: query a JSON value with JSONPath ($.foo.bar[*]). - [@mukundakatta/jwt-mcp](https://www.npmjs.com/package/@mukundakatta/jwt-mcp): MCP server: decode JWT to inspect header and claims (no verification). - [@mukundakatta/kana-mcp](https://www.npmjs.com/package/@mukundakatta/kana-mcp): MCP server: convert Japanese between romaji, hiragana, and katakana. - [@mukundakatta/kavach](https://www.npmjs.com/package/@mukundakatta/kavach): Small, inspectable threat-scoring library for AI-app security monitoring. - [@mukundakatta/lev-mcp](https://www.npmjs.com/package/@mukundakatta/lev-mcp): MCP server: string-distance metrics (Levenshtein, Damerau, Jaro-Winkler, similarity). - [@mukundakatta/license-mcp](https://www.npmjs.com/package/@mukundakatta/license-mcp): MCP server: look up SPDX license identifiers, names, and OSI status. - [@mukundakatta/llm-cost-guard](https://www.npmjs.com/package/@mukundakatta/llm-cost-guard): Estimate AI request cost and enforce per-request or session budgets. - [@mukundakatta/llm-output-sanitizer](https://www.npmjs.com/package/@mukundakatta/llm-output-sanitizer): Sanitize LLM outputs before rendering, SQL, shell, or markdown sinks. - [@mukundakatta/llm-output-sanitizer-mcp](https://www.npmjs.com/package/@mukundakatta/llm-output-sanitizer-mcp): MCP server exposing llm-output-sanitizer: strip dangerous HTML, SQL, and shell snippets from LLM output before rendering, executing, or persisting. Built for Claude Desktop, Cursor, Cline, Windsurf, and Zed. - [@mukundakatta/llm-response-schema-lite](https://www.npmjs.com/package/@mukundakatta/llm-response-schema-lite): Tiny schema validator for structured LLM responses. - [@mukundakatta/llm-trace-sampler](https://www.npmjs.com/package/@mukundakatta/llm-trace-sampler): Sample LLM traces by risk, errors, latency, and deterministic ids. - [@mukundakatta/lorem-mcp](https://www.npmjs.com/package/@mukundakatta/lorem-mcp): MCP server: generate lorem ipsum filler text by paragraphs, sentences, or words. - [@mukundakatta/luhn-mcp](https://www.npmjs.com/package/@mukundakatta/luhn-mcp): MCP server: compute and verify the Luhn (mod-10) checksum for credit cards and IDs. - [@mukundakatta/markdown-mcp](https://www.npmjs.com/package/@mukundakatta/markdown-mcp): MCP server: convert Markdown to HTML with frontmatter and inline-formula support. - [@mukundakatta/markdowntoc-mcp](https://www.npmjs.com/package/@mukundakatta/markdowntoc-mcp): MCP server: generate a table of contents from Markdown headings. - [@mukundakatta/maskprompt-mcp](https://www.npmjs.com/package/@mukundakatta/maskprompt-mcp): MCP server: redact PII (emails, phones, credit cards, SSNs, IPs, AWS keys, GitHub tokens, JWTs) from text before it leaves your control. Built for Claude Desktop, Cursor, Cline, Windsurf, and Zed. - [@mukundakatta/mathexpr-mcp](https://www.npmjs.com/package/@mukundakatta/mathexpr-mcp): MCP server: evaluate mathematical expressions (mathjs-backed) with units and constants. - [@mukundakatta/mcpcheck](https://www.npmjs.com/package/@mukundakatta/mcpcheck): Validate MCP (Model Context Protocol) config files for Claude, Cursor, Cline, Windsurf, and Zed. CLI + GitHub Action with SARIF output. - [@mukundakatta/mdtable-mcp](https://www.npmjs.com/package/@mukundakatta/mdtable-mcp): MCP server: convert JSON arrays of objects to GitHub-flavored Markdown tables. - [@mukundakatta/mime-mcp](https://www.npmjs.com/package/@mukundakatta/mime-mcp): MCP server: look up MIME content types from file extensions and vice versa. - [@mukundakatta/model-fallback-planner](https://www.npmjs.com/package/@mukundakatta/model-fallback-planner): Plan model fallback chains from capability, cost, and health data. - [@mukundakatta/model-router-policy](https://www.npmjs.com/package/@mukundakatta/model-router-policy): Policy-based model routing by capability, cost, latency, and privacy. - [@mukundakatta/morse-mcp](https://www.npmjs.com/package/@mukundakatta/morse-mcp): MCP server: encode and decode International Morse code. - [@mukundakatta/mustache-mcp](https://www.npmjs.com/package/@mukundakatta/mustache-mcp): MCP server: render Mustache templates with a JSON view. - [@mukundakatta/number-mcp](https://www.npmjs.com/package/@mukundakatta/number-mcp): MCP server: format numbers as currency, percent, compact (1.2k), or locale-aware decimal. - [@mukundakatta/openai-responses-testkit](https://www.npmjs.com/package/@mukundakatta/openai-responses-testkit): Zero-dependency helpers for testing OpenAI Responses API outputs, streams, and tool calls. - [@mukundakatta/otp-mcp](https://www.npmjs.com/package/@mukundakatta/otp-mcp): MCP server: generate and verify TOTP and HOTP one-time passwords. - [@mukundakatta/password-mcp](https://www.npmjs.com/package/@mukundakatta/password-mcp): MCP server: generate strong passwords and score password strength with zxcvbn. - [@mukundakatta/phone-mcp](https://www.npmjs.com/package/@mukundakatta/phone-mcp): MCP server: parse, validate, and format phone numbers (E.164, international, national). - [@mukundakatta/pii-sentry](https://www.npmjs.com/package/@mukundakatta/pii-sentry): Detect and redact PII and secret-like values before AI processing. - [@mukundakatta/pii-sentry-mcp](https://www.npmjs.com/package/@mukundakatta/pii-sentry-mcp): MCP server exposing pii-sentry: detect and redact PII (emails, phones, SSNs, credit cards, API keys) from text before AI processing. Built for Claude Desktop, Cursor, Cline, Windsurf, and Zed. - [@mukundakatta/pluralize-mcp](https://www.npmjs.com/package/@mukundakatta/pluralize-mcp): MCP server: convert English words between singular and plural; handles irregulars. - [@mukundakatta/prompt-injection-shield](https://www.npmjs.com/package/@mukundakatta/prompt-injection-shield): Prompt-injection risk scanner for untrusted AI context. - [@mukundakatta/prompt-injection-shield-mcp](https://www.npmjs.com/package/@mukundakatta/prompt-injection-shield-mcp): MCP server exposing prompt-injection-shield: scan untrusted text for prompt-injection signals, score risk, strip dangerous lines. Built for Claude Desktop, Cursor, Cline, Windsurf, and Zed. - [@mukundakatta/prompt-token-trim](https://www.npmjs.com/package/@mukundakatta/prompt-token-trim): Trim prompt messages to fit a token budget while preserving priority. - [@mukundakatta/prompt-version-diff](https://www.npmjs.com/package/@mukundakatta/prompt-version-diff): Diff prompt templates and flag risky instruction changes. - [@mukundakatta/promptbudget-mcp](https://www.npmjs.com/package/@mukundakatta/promptbudget-mcp): MCP server for token-budget-aware text truncation. Helps an LLM fit text into a context window mid-task. - [@mukundakatta/rag-quality-kit](https://www.npmjs.com/package/@mukundakatta/rag-quality-kit): Heuristic quality metrics for RAG retrieval and grounded answers. - [@mukundakatta/rag-staleness-auditor](https://www.npmjs.com/package/@mukundakatta/rag-staleness-auditor): Find stale RAG chunks by age, version, and freshness requirements. - [@mukundakatta/ragdrift-mcp](https://www.npmjs.com/package/@mukundakatta/ragdrift-mcp): MCP server for RAG drift diagnostics. Interpret drift scores, recommend thresholds, and explain the five drift dimensions. - [@mukundakatta/ragmetric-mcp](https://www.npmjs.com/package/@mukundakatta/ragmetric-mcp): MCP server for RAG retrieval evaluation metrics: Recall@k, Hit@k, MRR, NDCG@k. Helps LLMs score retrieval quality. - [@mukundakatta/randomstr-mcp](https://www.npmjs.com/package/@mukundakatta/randomstr-mcp): MCP server: generate random strings — hex, alphanumeric, base64, custom alphabet. - [@mukundakatta/range-mcp](https://www.npmjs.com/package/@mukundakatta/range-mcp): MCP server: generate numeric ranges (Python-style: start, stop, step). - [@mukundakatta/regex-mcp](https://www.npmjs.com/package/@mukundakatta/regex-mcp): MCP server: test a regex against text and get matches with positions and capture groups. - [@mukundakatta/regex-test-mcp](https://www.npmjs.com/package/@mukundakatta/regex-test-mcp): MCP server for trustworthy regex testing. Returns real match offsets, group dicts, and full vs partial matches. - [@mukundakatta/retrieval-acl-filter](https://www.npmjs.com/package/@mukundakatta/retrieval-acl-filter): Enforce document ACLs after retrieval and before prompting. - [@mukundakatta/roman-mcp](https://www.npmjs.com/package/@mukundakatta/roman-mcp): MCP server: convert between Arabic numerals and Roman numerals (1-3999). - [@mukundakatta/secretsniff-mcp](https://www.npmjs.com/package/@mukundakatta/secretsniff-mcp): MCP server: scan text/code for accidentally-committed secrets — AWS/GitHub/Slack/Stripe keys, JWTs, RSA private keys, and high-entropy strings. Built for Claude Desktop, Cursor, Cline, Windsurf, and Zed. - [@mukundakatta/semantic-cache-key](https://www.npmjs.com/package/@mukundakatta/semantic-cache-key): Stable semantic cache keys for AI prompts, tools, models, and retrieval context. - [@mukundakatta/semver-mcp](https://www.npmjs.com/package/@mukundakatta/semver-mcp): MCP server: parse, compare, increment, and satisfy SemVer ranges. - [@mukundakatta/shellquote-mcp](https://www.npmjs.com/package/@mukundakatta/shellquote-mcp): MCP server for safe shell argument escaping (bash, sh, cmd.exe, PowerShell). Stops LLM-generated shell commands from breaking on quotes, spaces, $vars, and backslashes. - [@mukundakatta/shlex-mcp](https://www.npmjs.com/package/@mukundakatta/shlex-mcp): MCP server: split a shell-style command string into argv tokens (POSIX rules). - [@mukundakatta/skillint](https://www.npmjs.com/package/@mukundakatta/skillint): Linter for Claude Code skill files (SKILL.md). Validates YAML frontmatter, required fields, descriptions, and secret leaks. CLI + GitHub Action. - [@mukundakatta/slug-mcp](https://www.npmjs.com/package/@mukundakatta/slug-mcp): MCP server: slugify strings for URLs/filenames. Unicode-aware, configurable separator, case folding. - [@mukundakatta/soundex-mcp](https://www.npmjs.com/package/@mukundakatta/soundex-mcp): MCP server: phonetic encoding (Soundex, Metaphone). - [@mukundakatta/sql-mcp](https://www.npmjs.com/package/@mukundakatta/sql-mcp): MCP server: format SQL queries (Postgres, MySQL, SQLite, BigQuery, MSSQL, etc.). - [@mukundakatta/sqlfmt-mcp](https://www.npmjs.com/package/@mukundakatta/sqlfmt-mcp): MCP server for deterministic SQL formatting. 16 dialects (Postgres, MySQL, BigQuery, Snowflake, Redshift, etc.). - [@mukundakatta/stats-mcp](https://www.npmjs.com/package/@mukundakatta/stats-mcp): MCP server: descriptive statistics over a numeric array (mean, median, stddev, percentiles). - [@mukundakatta/streamparse](https://www.npmjs.com/package/@mukundakatta/streamparse): Streaming JSON parser that yields partial valid trees as tokens arrive. Built for LLM tool-call payloads, structured output streams, and any place a regular JSON.parse waits too long. - [@mukundakatta/streamparse-mcp](https://www.npmjs.com/package/@mukundakatta/streamparse-mcp): MCP server exposing streamparse: parse partial / truncated JSON, extract JSON from messy LLM output, validate JSON streams. Built for Claude Desktop, Cursor, Cline, Windsurf, and Zed. - [@mukundakatta/system-prompt-leak-scan](https://www.npmjs.com/package/@mukundakatta/system-prompt-leak-scan): Detect system prompt leakage in model outputs. - [@mukundakatta/textsanity-mcp](https://www.npmjs.com/package/@mukundakatta/textsanity-mcp): MCP server: fast unicode/whitespace/encoding cleanup before LLM input. NFKC, zero-width strip, control strip, smart-punctuation conversion, emoji strip. Built for Claude Desktop, Cursor, Cline, Windsurf, and Zed. - [@mukundakatta/timestamp-mcp](https://www.npmjs.com/package/@mukundakatta/timestamp-mcp): MCP server: parse, format, and convert timestamps and date strings. - [@mukundakatta/timezone-mcp](https://www.npmjs.com/package/@mukundakatta/timezone-mcp): MCP server: convert times between IANA timezones, list zones, get current offset. - [@mukundakatta/toml-mcp](https://www.npmjs.com/package/@mukundakatta/toml-mcp): MCP server: convert between TOML and JSON. - [@mukundakatta/toml-yaml-json-mcp](https://www.npmjs.com/package/@mukundakatta/toml-yaml-json-mcp): MCP server for TOML/YAML/JSON parsing and conversion. Round-trip configs across the three formats. - [@mukundakatta/tool-call-contracts](https://www.npmjs.com/package/@mukundakatta/tool-call-contracts): Validate LLM tool-call payloads with small JSON-like contracts. - [@mukundakatta/tool-permission-gate](https://www.npmjs.com/package/@mukundakatta/tool-permission-gate): Policy-check agent tool calls before execution. - [@mukundakatta/tool-result-taint](https://www.npmjs.com/package/@mukundakatta/tool-result-taint): Track untrusted tool output before it enters prompts or actions. - [@mukundakatta/ulid-mcp](https://www.npmjs.com/package/@mukundakatta/ulid-mcp): MCP server: generate and decode ULIDs (sortable, 128-bit, base32 identifiers). - [@mukundakatta/url-mcp](https://www.npmjs.com/package/@mukundakatta/url-mcp): MCP server: parse and build URLs. Host, port, path, query params, fragment. - [@mukundakatta/uuid-mcp](https://www.npmjs.com/package/@mukundakatta/uuid-mcp): MCP server: generate, validate, and decode UUID v4 and v7. - [@mukundakatta/validate-mcp](https://www.npmjs.com/package/@mukundakatta/validate-mcp): MCP server: validate JSON against a JSON Schema (draft-07) with detailed error paths. - [@mukundakatta/vector-poison-score](https://www.npmjs.com/package/@mukundakatta/vector-poison-score): Score retrieved documents for vector/RAG poisoning signals. - [@mukundakatta/whitespace-mcp](https://www.npmjs.com/package/@mukundakatta/whitespace-mcp): MCP server: normalize, trim, collapse, or expand whitespace in text. - [@mukundakatta/wordcount-mcp](https://www.npmjs.com/package/@mukundakatta/wordcount-mcp): MCP server: word/sentence/paragraph counts plus reading-time estimate. - [@mukundakatta/wrap-mcp](https://www.npmjs.com/package/@mukundakatta/wrap-mcp): MCP server: word-wrap text at a configurable column width. - [@mukundakatta/xml-mcp](https://www.npmjs.com/package/@mukundakatta/xml-mcp): MCP server: convert between XML and JSON. Attribute-aware, CDATA-safe. - [@mukundakatta/yaml-mcp](https://www.npmjs.com/package/@mukundakatta/yaml-mcp): MCP server: convert between YAML and JSON. Preserves keys, arrays, nested structures. ## PyPI (52 packages) - [agent-loop-breaker-py](https://pypi.org/project/agent-loop-breaker-py/): Detect repeated agent steps and stop runaway loops. Python port of @mukundakatta/agent-loop-breaker. - [agent-regression-lens-py](https://pypi.org/project/agent-regression-lens-py/): Detect regressions between baseline and current AI agent runs. Python port of @mukundakatta/agent-regression-lens. - [agent-run-diff](https://pypi.org/project/agent-run-diff/): Compare baseline vs current agent runs and surface regressions as structured reasons: success loss, new errors, failed tool calls, output drift, step/latency/cost bloat. - [agent-trajectory-replay-py](https://pypi.org/project/agent-trajectory-replay-py/): Replay and diff AI agent event trajectories for debugging regressions. Python port of @mukundakatta/agent-trajectory-replay. - [agentcast-py](https://pypi.org/project/agentcast-py/): Structured output for any LLM call. Validate-and-retry loop for JSON responses; BYO LLM and validator. Python port of @mukundakatta/agentcast. - [agentfit-py](https://pypi.org/project/agentfit-py/): Fit your messages into the LLM context window. Token-aware truncation with multiple strategies, pluggable tokenizers. Python port of @mukundakatta/agentfit. - [agentguard-firewall](https://pypi.org/project/agentguard-firewall/): Network egress firewall for AI agents. Declarative allow/deny list of hosts your agent tools may reach. Python port of @mukundakatta/agentguard. - [agentsnap-py](https://pypi.org/project/agentsnap-py/): Snapshot tests for AI agents. Record an agent's tool-call trace, diff against a baseline, fail CI on regressions. Python port of @mukundakatta/agentsnap. - [agentvet-py](https://pypi.org/project/agentvet-py/): Validate LLM-generated tool args before execution. Wraps tool functions with arg validation, raises ToolArgError with LLM-friendly retry hint. Python port of @mukundakatta/agentvet. - [ai-eval-forge](https://pypi.org/project/ai-eval-forge/): Zero-dependency eval harness for LLM and agent regression testing. Scores outputs with exact, contains, regex, JSON, citation, and token-F1 checks. Compares two runs to flag regressions. - [ai-supply-chain-manifest-py](https://pypi.org/project/ai-supply-chain-manifest-py/): Build and validate lightweight AI model / data / tool manifests. Python port of @mukundakatta/ai-supply-chain-manifest. - [citation-integrity-check](https://pypi.org/project/citation-integrity-check/): Verify answer citations refer to supplied source ids and that cited sources actually support the claims. Python port of @mukundakatta/citation-integrity-check. - [claude-commands-check](https://pypi.org/project/claude-commands-check/): Linter for Claude Code slash-command files (.claude/commands/*.md). Validates YAML frontmatter, allowed-tools shape, description quality, and flags hardcoded secrets. - [claude-hooks-check](https://pypi.org/project/claude-hooks-check/): Linter for Claude Code hooks configuration (the 'hooks' block of settings.json). Validates event names, matcher shape, command entries, and flags dangerous commands or hardcoded secrets. - [claude-skill-check](https://pypi.org/project/claude-skill-check/): Linter for Claude Code SKILL.md files. Validates YAML frontmatter, required fields, description length, and common secret patterns. - [codex-skill-kit](https://pypi.org/project/codex-skill-kit/): Scaffold and validate Codex skills from the command line. - [consent-redaction-log-py](https://pypi.org/project/consent-redaction-log-py/): Record consent-aware redactions for privacy review trails. Zero-dep Python port of @mukundakatta/consent-redaction-log. - [context-drift-detector-py](https://pypi.org/project/context-drift-detector-py/): Detect topic drift between user intent, retrieved context, and AI answers. Python port of @mukundakatta/context-drift-detector. - [context-forge-py](https://pypi.org/project/context-forge-py/): Context engineering toolkit for ranking, packing, and risk-scanning RAG context. Python port of @mukundakatta/context-forge. - [context-window-packer-py](https://pypi.org/project/context-window-packer-py/): Pack context chunks into a budget by relevance and priority. Python port of @mukundakatta/context-window-packer. - [designlint-py](https://pypi.org/project/designlint-py/): HTML/CSS accessibility and design linter: contrast, touch targets, headings, form labels, leaked secrets. Stdlib-only Python port of @mukundakatta/designlint. - [embedding-dedupe](https://pypi.org/project/embedding-dedupe/): Deduplicate near-identical embedding records by cosine similarity. Pure Python, zero runtime deps. Python port of @mukundakatta/embedding-dedupe. - [eval-dataset-smith-py](https://pypi.org/project/eval-dataset-smith-py/): Generate balanced AI eval fixtures from source examples, bugs, docs, and policies. Python port of @mukundakatta/eval-dataset-smith. - [eval-flake-detector](https://pypi.org/project/eval-flake-detector/): Detect flaky LLM eval cases across repeated runs. Pass-rate + standard-deviation per case, with per-case severity. Python port of @mukundakatta/eval-flake-detector. - [hallucination-risk-meter](https://pypi.org/project/hallucination-risk-meter/): Estimate hallucination risk in LLM answers from uncertainty language, unsupported specifics, citations, and context coverage. Python port of @mukundakatta/hallucination-risk-meter. - [jailbreak-corpus-mini-py](https://pypi.org/project/jailbreak-corpus-mini-py/): Small local jailbreak and prompt-injection fixture set for tests. Python port of @mukundakatta/jailbreak-corpus-mini. - [kavach-py](https://pypi.org/project/kavach-py/): Small, inspectable threat-scoring library for AI-app security monitoring. Zero-dep Python port of @mukundakatta/kavach. - [llm-cost-guard-py](https://pypi.org/project/llm-cost-guard-py/): Estimate LLM request cost and enforce per-request or per-session budgets. Python port of @mukundakatta/llm-cost-guard. - [llm-output-sanitizer-py](https://pypi.org/project/llm-output-sanitizer-py/): Sanitize LLM outputs before HTML, SQL, shell, or markdown sinks. Python port of @mukundakatta/llm-output-sanitizer. - [llm-response-schema-lite-py](https://pypi.org/project/llm-response-schema-lite-py/): Tiny schema validator for structured LLM responses. Python port of @mukundakatta/llm-response-schema-lite. - [llm-trace-sampler-py](https://pypi.org/project/llm-trace-sampler-py/): Sample LLM traces by risk, errors, latency, and deterministic ids. Python port of @mukundakatta/llm-trace-sampler. - [llm-usage-report](https://pypi.org/project/llm-usage-report/): Parse LLM API response logs (Anthropic, OpenAI, Google) and generate token / cost reports. Supports a --alert-at budget alarm that exits non-zero when total cost exceeds a threshold. No framework adoption required. - [mcp-config-check](https://pypi.org/project/mcp-config-check/): Linter for MCP (Model Context Protocol) config files used by Claude Desktop, Cursor, Cline, Windsurf, and Zed. CLI + library API. - [mcpcheck-py](https://pypi.org/project/mcpcheck-py/): Lint MCP config files for Claude Desktop, Claude Code, Cursor, Cline, Windsurf, and Zed. Stdlib-only Python port of @mukundakatta/mcpcheck. - [mk-agentkit](https://pypi.org/project/mk-agentkit/): The agent reliability stack in one install: agentfit + agentguard + agentsnap + agentvet + agentcast (Python ports). - [model-fallback-planner-py](https://pypi.org/project/model-fallback-planner-py/): Plan model fallback chains from capability, cost, and health data. Python port of @mukundakatta/model-fallback-planner. - [model-router-policy-py](https://pypi.org/project/model-router-policy-py/): Policy-based model routing by capability, cost, latency, and privacy. Python port of @mukundakatta/model-router-policy. - [partial-json-stream](https://pypi.org/project/partial-json-stream/): Streaming JSON parser that yields partial valid trees as tokens arrive. For LLM tool calls, structured outputs, and partial recovery. - [pii-sentry-py](https://pypi.org/project/pii-sentry-py/): Detect and redact PII and secret-like values before logging or sending text to AI providers. Python port of @mukundakatta/pii-sentry. - [prompt-injection-shield-py](https://pypi.org/project/prompt-injection-shield-py/): Scan retrieved text for prompt-injection risk before adding it to model context. Python port of @mukundakatta/prompt-injection-shield. - [prompt-token-trim-py](https://pypi.org/project/prompt-token-trim-py/): Trim prompt messages to fit a token budget while preserving priority. Python port of @mukundakatta/prompt-token-trim. - [prompt-version-diff-py](https://pypi.org/project/prompt-version-diff-py/): Diff prompt templates and flag risky instruction changes. Python port of @mukundakatta/prompt-version-diff. - [rag-quality-kit](https://pypi.org/project/rag-quality-kit/): Heuristic quality metrics for RAG retrieval and grounded answers. Python port of @mukundakatta/rag-quality-kit. - [rag-staleness-auditor-py](https://pypi.org/project/rag-staleness-auditor-py/): Find stale RAG chunks by age, version, and freshness requirements. Python port of @mukundakatta/rag-staleness-auditor. - [retrieval-acl-filter-py](https://pypi.org/project/retrieval-acl-filter-py/): Enforce document ACLs after retrieval and before prompting. Python port of @mukundakatta/retrieval-acl-filter. - [semantic-cache-key](https://pypi.org/project/semantic-cache-key/): Stable semantic cache keys for LLM requests. Invariant to whitespace, casing, and key ordering; sensitive to model swaps, tool list, and retrieval context. Python port of @mukundakatta/semantic-cache-key. - [skillint-py](https://pypi.org/project/skillint-py/): Lint Claude Code SKILL.md files for frontmatter, required fields, descriptions, and hardcoded secrets. Stdlib-only Python port of @mukundakatta/skillint. - [system-prompt-leak-scan](https://pypi.org/project/system-prompt-leak-scan/): Detect system prompt leakage in LLM model outputs via known patterns, configured-prompt substring matching, and unique fingerprint phrases. Python port of @mukundakatta/system-prompt-leak-scan. - [tool-call-contracts-py](https://pypi.org/project/tool-call-contracts-py/): Validate LLM tool-call payloads with small JSON-like contracts. Python port of @mukundakatta/tool-call-contracts. - [tool-permission-gate-py](https://pypi.org/project/tool-permission-gate-py/): Policy-check agent tool calls before execution. Python port of @mukundakatta/tool-permission-gate. - [tool-result-taint-py](https://pypi.org/project/tool-result-taint-py/): Track untrusted tool output before it enters prompts or actions. Python port of @mukundakatta/tool-result-taint. - [vector-poison-score](https://pypi.org/project/vector-poison-score/): Score (query, document) pairs for vector/RAG poisoning signals: vector-text mismatch, instruction-like payloads, NaN, suspiciously round numbers. Python port of @mukundakatta/vector-poison-score. ## crates.io — MukundaKatta (176 crates) - [agent-budget-alarm](https://crates.io/crates/agent-budget-alarm): Set threshold alarms on agent cost or token budgets - [agent-citation](https://crates.io/crates/agent-citation): WHERE-layer structured citations for AI agent outputs: attach, validate, and audit source pointers. - [agent-config-store](https://crates.io/crates/agent-config-store): Key-value config store for LLM agents with typed accessors - [agent-context-builder](https://crates.io/crates/agent-context-builder): Compose LLM system prompts from named sections with ordering and conditionals - [agent-context-slice](https://crates.io/crates/agent-context-slice): Extract a bounded context slice from a long LLM conversation history - [agent-conversation-state](https://crates.io/crates/agent-conversation-state): Track conversation state and phase transitions for LLM agents - [agent-cost-tracker](https://crates.io/crates/agent-cost-tracker): Track API costs across an LLM agent session - [agent-deadline](https://crates.io/crates/agent-deadline): Cooperative per-task deadline primitive for AI agent workflows. - [agent-decision-log](https://crates.io/crates/agent-decision-log): WHY-layer decision log for AI agents: record options considered, the option chosen, the rationale, and the outcome, then persist as JSONL. - [agent-epoch-counter](https://crates.io/crates/agent-epoch-counter): Named counters that reset on epoch boundaries for per-session rate tracking - [agent-error-recovery](https://crates.io/crates/agent-error-recovery): Composable error recovery strategies for LLM agent tool calls - [agent-event-bus](https://crates.io/crates/agent-event-bus): Tiny in-process pub/sub for agent loop events. Sync-only Rust mirror of the Python agent-event-bus library: register handlers by event name (or `*` for every event), emit, and remove via opaque Subscription handles. Subscriber panics are isolated so the bus keeps dispatching. - [agent-event-emit](https://crates.io/crates/agent-event-emit): Structured event emitter for agent runs. Append-only, JSON-line-serializable events with monotonic ids, run id, and timestamps. Zero deps beyond serde_json. - [agent-event-log](https://crates.io/crates/agent-event-log): Structured lifecycle event log for AI agent runs - [agent-feature-gate](https://crates.io/crates/agent-feature-gate): Feature flags and capability gates for AI agent tool access - [agent-fn-registry](https://crates.io/crates/agent-fn-registry): Registry of LLM agent tools: callable + schema + side-effects + defaults - [agent-health-check](https://crates.io/crates/agent-health-check): Health status tracker for LLM agent components - [agent-heartbeat](https://crates.io/crates/agent-heartbeat): Periodic heartbeat recorder and stall detector for AI agents - [agent-knowledge-base](https://crates.io/crates/agent-knowledge-base): Simple keyword-indexed knowledge base for LLM agents - [agent-lock](https://crates.io/crates/agent-lock): Cooperative execution lock to prevent concurrent agent runs on the same key - [agent-memory-store](https://crates.io/crates/agent-memory-store): Simple key-value memory store for AI agents — persist facts across turns - [agent-message-window](https://crates.io/crates/agent-message-window): Sliding window of recent LLM conversation turns with paired-protection: never drop a tool_use without its tool_result sibling. Zero deps (serde_json only). - [agent-output-filter](https://crates.io/crates/agent-output-filter): Filter and transform LLM agent output before delivery - [agent-persona](https://crates.io/crates/agent-persona): Define and apply personas for LLM agent system prompts - [agent-prompt-history](https://crates.io/crates/agent-prompt-history): Rolling history buffer for LLM conversation turns - [agent-rate-limiter](https://crates.io/crates/agent-rate-limiter): Token bucket rate limiter for LLM agent API calls - [agent-reflection](https://crates.io/crates/agent-reflection): Self-evaluation and reflection loop for LLM agent outputs - [agent-replay-trace](https://crates.io/crates/agent-replay-trace): Load and step through JSONL agent traces - [agent-run-id](https://crates.io/crates/agent-run-id): Generate and propagate correlation run IDs through agent sessions and HTTP headers - [agent-run-metadata](https://crates.io/crates/agent-run-metadata): Attach structured metadata to AI agent runs for tracing and attribution - [agent-scratchpad](https://crates.io/crates/agent-scratchpad): Scratchpad for intermediate reasoning steps in LLM agents - [agent-session-id](https://crates.io/crates/agent-session-id): Generate and track session IDs for LLM agent conversations - [agent-shadow-mode](https://crates.io/crates/agent-shadow-mode): Toggle shadow mode for agent tool calls: record what would have happened without running real side-effecting code. - [agent-state-machine](https://crates.io/crates/agent-state-machine): Generic labeled state machine for AI agent control flows - [agent-task-queue](https://crates.io/crates/agent-task-queue): Priority queue of agent tasks with status tracking - [agent-tool-allowlist](https://crates.io/crates/agent-tool-allowlist): Allowlist/blocklist guard for LLM agent tool calls - [agent-tool-middleware](https://crates.io/crates/agent-tool-middleware): Middleware pipeline for LLM agent tool call pre/post processing - [agent-tool-timeout](https://crates.io/crates/agent-tool-timeout): Per-tool deadline enforcement for LLM agent tool calls - [agent-topic-tracker](https://crates.io/crates/agent-topic-tracker): Track which topics have been covered in a conversation - [agent-turn-limit](https://crates.io/crates/agent-turn-limit): Enforce a max-turn cap on LLM agent loops - [agent-watchdog](https://crates.io/crates/agent-watchdog): Watchdog that detects stuck or stalled LLM agent loops - [agentcast](https://crates.io/crates/agentcast): Structured-output enforcer for LLM responses. Repair + validate + (optional) retry-with-LLM. BYO-LLM, BYO-schema. - [agentfit](https://crates.io/crates/agentfit): Fit messages to an LLM context window. Token-aware truncation with pluggable tokenizers and multiple strategies. - [agentguard](https://crates.io/crates/agentguard): Network egress firewall for AI agent tools. Declarative domain allowlist; throws on violation. Optional reqwest-middleware integration. - [agentidemp](https://crates.io/crates/agentidemp): Idempotency keys for LLM agent retries. Deterministic content-derived keys (UUIDv5 or sha256-hex) so retries dedupe at the provider. - [agentprompt](https://crates.io/crates/agentprompt): LLM prompt templates with Jinja2 syntax. Render system/user/assistant turns into a typed message list, ready for the Anthropic or OpenAI SDK. - [agentsnap](https://crates.io/crates/agentsnap): Snapshot tests for AI agent traces. Record once, replay-and-compare on every run; the agent equivalent of Jest snapshots. - [agenttap](https://crates.io/crates/agenttap): Wire-level prompt introspection for LLM SDK calls. See exactly what was sent, with credentials redacted by default. - [agenttrace](https://crates.io/crates/agenttrace): Cost + latency aggregation for LLM agent runs. Group calls into named runs, get totals, p50/p95, and per-model breakdowns. Composes with cachebench. - [agentvet](https://crates.io/crates/agentvet): Validate LLM-generated tool args before execution. Throws a structured ToolArgError with LLM-friendly retry hints when the model hallucinates wrong types or missing fields. - [annflat-core](https://crates.io/crates/annflat-core): Pure-Rust core for annflat: small in-memory flat-file ANN over f32 vectors. - [bedrock-cost](https://crates.io/crates/bedrock-cost): Calculate AWS Bedrock invocation cost across vendors (Llama, Mistral, Cohere, Titan, AI21). Cross-region inference profile aware. No SDK dependency. - [bm25-rerank](https://crates.io/crates/bm25-rerank): BM25 reranker for RAG: in-memory term-frequency reranking against a small candidate set. Stateless, zero deps. - [bom-strip](https://crates.io/crates/bom-strip): Strip UTF-8/16/32 BOM bytes and stray U+FEFF code points from text before parsing or hashing. Zero deps. - [cachebench](https://crates.io/crates/cachebench): Prompt-cache observability for LLM APIs. Per-call hit ratio, cost saved, regression alerts. Anthropic, OpenAI, Bedrock. - [char-token-est](https://crates.io/crates/char-token-est): Tokenless byte/char-based token-count estimator for LLM prompts. Per-model-family calibration for Claude, GPT, Gemini, Llama. Zero deps. - [chunk-flush](https://crates.io/crates/chunk-flush): Flush-on-newline buffer for streaming LLM output. Holds bytes until a newline or N millis pass, then yields a complete chunk. Zero deps. - [citecite](https://crates.io/crates/citecite): Citation-marker [1] [2] injector + parser for RAG outputs. Round-trips between sources and rendered text. - [claude-cost](https://crates.io/crates/claude-cost): Calculate Claude API call cost from a usage block. Cache-aware (cache_creation, cache_read), supports Anthropic API and AWS Bedrock model IDs, BYO pricing override. No SDK dependency. - [claude-stream](https://crates.io/crates/claude-stream): Parse Anthropic's Server-Sent Events stream into typed events. No SDK dependency — feed it bytes, get back message_start, content_block_delta, etc. - [code-chunk](https://crates.io/crates/code-chunk): Split source code into RAG-friendly chunks that respect function and class boundaries. Brace and indent-aware, language-agnostic heuristics. Zero deps. - [content-cas](https://crates.io/crates/content-cas): Content-addressed cache primitive: store bytes under their SHA-256 hex, retrieve by hex, atomic on-disk persistence. Zero deps. - [conversation-codec](https://crates.io/crates/conversation-codec): JSONL save/load for LLM conversation messages with optional per-message redaction. Zero deps beyond serde_json. - [cosine-fast](https://crates.io/crates/cosine-fast): Hot-loop cosine similarity for f32 slices. Auto-vectorized scalar core, optional precompute-norms helper. Zero deps. - [cost-meter](https://crates.io/crates/cost-meter): Aggregate LLM API cost across providers, models, and time windows. Provider-agnostic — pairs with claude-cost, openai-cost, gemini-cost, bedrock-cost. No SDK dependency. - [embed-key](https://crates.io/crates/embed-key): Deterministic cache key for an embedding request: hash text + mix in provider, model, and dimensionality. So a cache survives model upgrades without false hits. Zero deps. - [embedcache-core](https://crates.io/crates/embedcache-core): Pure-Rust core for embedcache: a content-addressed embedding cache. - [embedrank](https://crates.io/crates/embedrank): Batched cosine, dot, L2 distance for f32 embeddings, with a heap-based top-k selector. No BLAS, no allocator surprises. - [emoji-sanitize](https://crates.io/crates/emoji-sanitize): Normalize or strip emoji-related Unicode (presentation selectors, variation selectors, zero-width joiners) from text before LLM input. Zero deps. - [eval-flake-rs](https://crates.io/crates/eval-flake-rs): Detect flaky LLM eval cases by tracking pass/fail across repeated runs. Returns per-case flip-rate and an overall flakiness score. Zero deps. - [gemini-cost](https://crates.io/crates/gemini-cost): Calculate Google Gemini API call cost from a usage block. Cache-aware, supports Gemini 2.5 Pro/Flash/Flash-Lite and 2.0 families, BYO pricing override. No SDK dependency. - [gold-cmp](https://crates.io/crates/gold-cmp): Pairwise comparison runner for gold-set LLM evals: A vs B winner counting, statistical-significance helper, win-rate summary. Zero deps. - [homoglyph-detect](https://crates.io/crates/homoglyph-detect): Detect Cyrillic/Greek lookalike chars masquerading as ASCII. For prompt-injection and phishing defense. Zero deps. - [html-entity-fix](https://crates.io/crates/html-entity-fix): Decode HTML entities (& < > " ' numeric refs) that LLMs sometimes emit in plain-text output. Zero deps. - [json-pluck](https://crates.io/crates/json-pluck): Pluck a single value out of a serde_json::Value by dotted path or simple JSONPath. Lossy, forgiving, intended for LLM-emitted JSON. - [json-streamparse-rs](https://crates.io/crates/json-streamparse-rs): Streaming JSON balance detector: feed bytes incrementally, ask whether the buffer currently holds a complete top-level value. String/escape aware. Zero deps. - [latency-buckets](https://crates.io/crates/latency-buckets): Streaming histogram + percentile estimator for LLM call latencies. Fixed log-scale buckets, O(1) record, p50/p90/p95/p99 in microseconds. Zero deps. - [lineify](https://crates.io/crates/lineify): Turn a token-by-token stream into stable line events. Buffer until a newline arrives, then emit the whole line. Zero deps. - [llm-budget-window](https://crates.io/crates/llm-budget-window): Time-windowed token + USD budget. Define multiple rolling windows (e.g. $5/minute, $100/day) and reject when any window's cap would be breached. Thread-safe, zero deps. - [llm-circuit-breaker](https://crates.io/crates/llm-circuit-breaker): Tiny circuit breaker for LLM API calls. Opens after N consecutive failures, half-opens to probe after a reset window, closes on success. Thread-safe, no async runtime lock-in. - [llm-content-blocks](https://crates.io/crates/llm-content-blocks): Typed fluent builder for Anthropic Messages-API content blocks (text, image, tool_use, tool_result, document). Emits the exact JSON shape the API expects. No SDK dependency. - [llm-context-budget](https://crates.io/crates/llm-context-budget): Track and enforce context window budget for LLM conversations - [llm-cost-cap](https://crates.io/crates/llm-cost-cap): Pre-flight USD cost gate for LLM calls. Estimate input plus output cost from token counts and reject calls that would exceed a configured cap. - [llm-error-class](https://crates.io/crates/llm-error-class): Classify LLM provider error responses (rate-limit, auth, server, context-window, content-policy, malformed). Anthropic, OpenAI, Google, AWS Bedrock. Zero deps. - [llm-fallback-chain](https://crates.io/crates/llm-fallback-chain): Multi-provider failover for LLM calls. Try provider A, fall back to B then C on failure. - [llm-fallback-router](https://crates.io/crates/llm-fallback-router): Multi-provider failover for LLM calls. Try Anthropic, fall back to OpenAI/Gemini/Bedrock on retryable errors. Per-attempt audit log. Zero runtime deps. BYO clients. - [llm-json-extractor](https://crates.io/crates/llm-json-extractor): Extract JSON from LLM outputs that may contain preamble or postamble text - [llm-json-repair](https://crates.io/crates/llm-json-repair): Clean and parse JSON emitted by LLMs. Strips markdown fences, trailing commas, and surrounding prose so serde_json::from_str works. - [llm-message-dedup](https://crates.io/crates/llm-message-dedup): Remove duplicate or near-duplicate messages from LLM conversation history - [llm-message-dispatch](https://crates.io/crates/llm-message-dispatch): Route incoming messages to named handlers based on keyword or prefix rules - [llm-message-hash](https://crates.io/crates/llm-message-hash): Stable canonical hash of LLM request/message structures. Recursive key-sorting JSON canonicalization + sha256, with per-provider ignore-lists so semantically-equal Anthropic/OpenAI/Bedrock requests produce the same hash. Useful for cache keys and idempotency. - [llm-mock](https://crates.io/crates/llm-mock): Deterministic mock LLM for testing agent pipelines - [llm-model-selector](https://crates.io/crates/llm-model-selector): Select the best LLM model based on task requirements and budget - [llm-multi-turn-builder](https://crates.io/crates/llm-multi-turn-builder): Fluent builder for LLM multi-turn conversation message lists - [llm-output-validator](https://crates.io/crates/llm-output-validator): Rule-based validator for LLM output strings. Enforce length, regex, JSON, allowed values, or custom predicates. - [llm-pii-redact](https://crates.io/crates/llm-pii-redact): Regex-based PII redaction for LLM prompts and tool outputs, with reversible placeholders. - [llm-prefix-match](https://crates.io/crates/llm-prefix-match): Check if LLM output matches expected prefix patterns for accept/reject gating - [llm-prompt-cache-stats](https://crates.io/crates/llm-prompt-cache-stats): Track Anthropic prompt cache hit rates and savings - [llm-provider-id](https://crates.io/crates/llm-provider-id): Normalize and parse LLM provider and model identifiers - [llm-request-log](https://crates.io/crates/llm-request-log): Structured log of LLM API requests with IDs, timing, and token counts - [llm-response-cache](https://crates.io/crates/llm-response-cache): In-memory LRU cache for LLM responses keyed by request hash - [llm-response-window](https://crates.io/crates/llm-response-window): Sliding window of recent LLM responses for context tracking - [llm-retry](https://crates.io/crates/llm-retry): Runtime-agnostic exponential backoff with full jitter for LLM API calls. Built-in retryable-error code lists for Anthropic, OpenAI, AWS Bedrock, Google. Sync + tokio. Pure-std core. - [llm-sampling-params](https://crates.io/crates/llm-sampling-params): Builder for LLM sampling parameters (temperature, top_p, top_k, stop sequences) - [llm-stop-conditions](https://crates.io/crates/llm-stop-conditions): Composable stop conditions for LLM agent loops: max iters, USD, tokens, seconds, no-progress, custom. - [llm-stop-token-guard](https://crates.io/crates/llm-stop-token-guard): Detect if LLM output was truncated by a stop token or max-tokens limit - [llm-stream-accumulator](https://crates.io/crates/llm-stream-accumulator): Accumulate LLM streaming chunks into a complete response - [llm-structured-retry](https://crates.io/crates/llm-structured-retry): Retry LLM calls by injecting previous error as a follow-up user message - [llm-think-tag-strip](https://crates.io/crates/llm-think-tag-strip): Strip / reasoning blocks from LLM output (Claude, DeepSeek, etc.) - [llm-token-split](https://crates.io/crates/llm-token-split): Split long text into overlapping chunks for LLM context windows - [llm-tool-registry](https://crates.io/crates/llm-tool-registry): Registry of available tools with schema for LLM agents - [llm-turn-counter](https://crates.io/crates/llm-turn-counter): Count LLM conversation turns with per-role breakdown and limit enforcement - [llmfleet](https://crates.io/crates/llmfleet): Fleet-level batch dispatcher for LLM APIs. Pool requests across tasks, route to provider Batch APIs, save 50% on cost without rewriting your agent loops. - [lru-tokens](https://crates.io/crates/lru-tokens): LRU cache where eviction is weighted by token count, not entry count. Bound a prompt cache by tokens (or any other size unit) instead of N entries. Zero deps. - [lshdedup-core](https://crates.io/crates/lshdedup-core): Pure-Rust core for lshdedup: MinHash + LSH near-duplicate detection. - [markdown-chunk](https://crates.io/crates/markdown-chunk): Split Markdown into RAG-friendly chunks that respect heading hierarchy. Keeps each chunk under a soft char cap; never splits inside a fenced code block. Zero deps. - [markdown-strip](https://crates.io/crates/markdown-strip): Strip Markdown formatting (headers, bold, italic, links, code, blockquotes) to plain text. Conservative, fast, zero deps. - [maskprompt-core](https://crates.io/crates/maskprompt-core): Pure-Rust core for maskprompt: PII redaction for LLM prompts. - [mmr-rerank](https://crates.io/crates/mmr-rerank): Maximal Marginal Relevance reranker for RAG: diversify a set of retrieved documents by balancing query-relevance against pairwise novelty. Zero deps. - [openai-cost](https://crates.io/crates/openai-cost): Calculate OpenAI API call cost from a usage block. Cache-aware (cached_input_tokens), supports GPT-5, GPT-4.1, o3, o4 model families, BYO pricing override. No SDK dependency. - [otel-genai-bridge](https://crates.io/crates/otel-genai-bridge): Translate LLM telemetry attributes between OpenInference and OpenTelemetry GenAI semantic conventions. No telemetry SDK dependency. - [output-sanitize-rs](https://crates.io/crates/output-sanitize-rs): Strip dangerous HTML/SQL/shell snippets from LLM output before render, query, or shell sinks. Rust port of @mukundakatta/llm-output-sanitizer. Zero deps. - [prompt-cache-key](https://crates.io/crates/prompt-cache-key): Stable Anthropic prompt-cache scope hashes. Given (system, tools, model), produce a deterministic key that survives benign reordering. - [prompt-cache-warmer](https://crates.io/crates/prompt-cache-warmer): Pre-warm Anthropic prompt cache before user traffic. Injects cache_control breakpoints, fires a tiny warmup call, optionally verifies the cache hit, and reports tokens, latency, and estimated cost. No SDK dependency. - [prompt-eval-rubric](https://crates.io/crates/prompt-eval-rubric): Score LLM outputs against named 0.0-1.0 rubrics. Rubrics rank; validators reject. Weighted aggregation, exception-isolated scoring. - [prompt-fence-strip](https://crates.io/crates/prompt-fence-strip): Strip ```code fences```, leading prose, and trailing chatter from LLM output so the structured payload survives. Zero deps. - [prompt-hash](https://crates.io/crates/prompt-hash): Deterministic cache key for an LLM prompt: normalize whitespace, hash messages, mix in model + temperature. Pairs with semantic-cache-key. Zero deps. - [prompt-inj-rs](https://crates.io/crates/prompt-inj-rs): Prompt-injection risk scanner. Rust port of @mukundakatta/prompt-injection-shield. Returns a 0-1 score plus per-rule findings. Zero deps. - [prompt-length-guard](https://crates.io/crates/prompt-length-guard): Enforce minimum and maximum length constraints on LLM prompts - [prompt-part-builder](https://crates.io/crates/prompt-part-builder): Build structured prompt parts: instruction, example, context, format, constraint - [prompt-shield](https://crates.io/crates/prompt-shield): Pattern-based prompt-injection detection for LLM apps. - [prompt-token-counter](https://crates.io/crates/prompt-token-counter): Approximate token counts for LLM messages, system prompts, and tools. Zero-config chars/4 heuristic, BYO tokenizer, content-block aware (text/image/tool_use/tool_result/document). One serde_json dep. - [promptbudget](https://crates.io/crates/promptbudget): Token-budget-aware text truncation with multiple strategies. Bring-your-own tokenizer, no hard tiktoken dep. - [promptver](https://crates.io/crates/promptver): Hash and version prompt templates so eval results, cache keys, and audit logs stay stable when templates change. Whitespace-normalized SHA-256. Zero deps. - [ragdrift](https://crates.io/crates/ragdrift): Five-dimensional drift detection for production RAG systems. Re-export of ragdrift-core. - [ragdrift-core](https://crates.io/crates/ragdrift-core): Pure-Rust core for ragdrift: 5-dimensional drift detection for RAG systems. - [ragmetric](https://crates.io/crates/ragmetric): IR metrics for RAG retrieval evaluation: recall@k, MRR, NDCG@k, hit@k. Pure data ops, no model dependencies. - [regex-pii-rs](https://crates.io/crates/regex-pii-rs): Regex-only PII detector for emails, phones, SSNs, credit cards, and prefixed API keys. Rust port of pii-sentry. Zero deps. - [rerank-blend](https://crates.io/crates/rerank-blend): Blend N RAG reranker score streams (dense, BM25, cross-encoder) with configurable weights and rank-aware normalization. Zero deps. - [rtl-flip-detect](https://crates.io/crates/rtl-flip-detect): Detect right-to-left override (U+202E) and other bidi-control characters that flip rendering of strings. Used in filename-spoof and prompt-injection attacks. Zero deps. - [schema-coerce](https://crates.io/crates/schema-coerce): Coerce LLM JSON values to a simple field-schema: string->int, bool, float; strip wrapper objects; fill defaults. Forgiving structured-output recovery. - [secret-mask](https://crates.io/crates/secret-mask): Mask known secret patterns (API keys, JWTs, AWS access keys, GitHub tokens) in log lines before they reach stdout/files/sinks. Zero deps. - [secretsniff-core](https://crates.io/crates/secretsniff-core): Pure-Rust core for secretsniff: source-code secret scanner. - [snipsplit-core](https://crates.io/crates/snipsplit-core): Pure-Rust core for snipsplit: token-aware text chunker for RAG ingestion. - [sse-frame](https://crates.io/crates/sse-frame): Streaming parser for Server-Sent Events frames as used by LLM APIs (OpenAI, Anthropic, Vertex). Push bytes, get back complete event records. Zero deps. - [step-id](https://crates.io/crates/step-id): Stable IDs for agent steps: deterministic hash of (run_id, step_index, kind) so events and traces share keys across reruns. Zero deps. - [stopstream](https://crates.io/crates/stopstream): Streaming-safe stop-sequence detector for LLM token streams. Handles partial matches at chunk boundaries. - [stream-chunkrec](https://crates.io/crates/stream-chunkrec): Recombine LLM streaming token deltas into stable text. Buffers partial words, handles UTF-8 fragments across chunks. Zero deps. - [textsanity-core](https://crates.io/crates/textsanity-core): Pure-Rust core for textsanity: unicode/whitespace/encoding cleanup. - [tiktoken-stream](https://crates.io/crates/tiktoken-stream): Streaming token counter for partial LLM responses. Accumulates token count across chunks without holding the full text. Pluggable estimator function. Zero deps. - [token-budget-pool](https://crates.io/crates/token-budget-pool): Shared token + dollar budget across concurrent LLM tasks. Thread-safe, returns BudgetExceeded when a record would push past a cap. Zero deps. - [toklab-core](https://crates.io/crates/toklab-core): Pure-Rust core for toklab: bulk tokenizer + counter for OpenAI BPE encodings. - [toml-repair](https://crates.io/crates/toml-repair): Repair messy TOML emitted by LLMs: strip markdown fences, normalize line endings, fix common quote-style slips, trim trailing whitespace. Zero deps. - [tool-arg-coerce](https://crates.io/crates/tool-arg-coerce): Fix common type slips in LLM-generated tool arguments: string->int/float/bool, single-element array->scalar, null->default. Lossy and forgiving. - [tool-arg-defaults](https://crates.io/crates/tool-arg-defaults): Apply per-tool default kwargs to LLM-generated tool calls. Caller-supplied values always win. Null is a real value, not 'use the default'. Operates over serde_json::Value. - [tool-arg-fuzzy](https://crates.io/crates/tool-arg-fuzzy): Fuzzy-match LLM-generated args to JSON Schema enum values. Zero-Levenshtein cascade (exact / case-insensitive / prefix / substring) with ambiguity guard. coerce_enums rewrites enum-constrained string properties before strict validation. - [tool-call-batcher](https://crates.io/crates/tool-call-batcher): Queue multiple pending tool calls and flush them as a batch - [tool-call-budgets](https://crates.io/crates/tool-call-budgets): Per-tool call count caps for AI agents. Stops runaway tool loops before they hit the invoice. - [tool-call-plan](https://crates.io/crates/tool-call-plan): Build and execute ordered tool call plans for LLM agents - [tool-call-trace](https://crates.io/crates/tool-call-trace): Record and replay tool call traces for LLM agents - [tool-input-sanitizer](https://crates.io/crates/tool-input-sanitizer): Sanitize and normalize LLM tool call inputs before execution - [tool-loop-break](https://crates.io/crates/tool-loop-break): Detect repeated agent tool invocations to break runaway loops. Tracks recent (tool, args_hash) tuples and signals a loop when count exceeds a threshold. Zero deps. - [tool-loop-guard](https://crates.io/crates/tool-loop-guard): Detect when an LLM agent gets stuck calling the same tool with the same args. Sliding-window guard that raises on repeated (tool_name, args) pairs. Custom key function support, zero heavy deps. - [tool-output-schema](https://crates.io/crates/tool-output-schema): Validate and enforce JSON schema on LLM tool outputs - [tool-output-truncate](https://crates.io/crates/tool-output-truncate): Truncate tool output (file reads, command runs, search hits) before adding to LLM message history. Char-aware head/middle/tail strategies with a configurable elision marker. Zero deps. - [tool-result-aggregator](https://crates.io/crates/tool-result-aggregator): Collect and merge multiple tool call results into a single JSON object - [tool-result-cache](https://crates.io/crates/tool-result-cache): Content-addressable LRU cache for LLM agent tool calls. Same tool, same args -> same answer, returned from memory. Optional TTL, content-addressable on (tool_name, args) with canonical-JSON keys. - [tool-retry-policy](https://crates.io/crates/tool-retry-policy): Declarative retry policy for LLM tool calls: per-tool max-attempts, exponential backoff, jitter, retriable-error filter. Returns a sleep duration; you run the call. Zero deps. - [tool-secret-scrubber](https://crates.io/crates/tool-secret-scrubber): Strip secrets (API keys, JWTs, bearer tokens, AWS keys, etc.) from arbitrary JSON-like values before they hit your logs. Walks objects/arrays, preserves shape, never mutates input. - [tool-side-effects-tag](https://crates.io/crates/tool-side-effects-tag): Declare what an LLM agent tool actually does (read, write, idempotent, destructive, external, expensive, network) so the scheduler / retry layer can decide what's parallel-safe and retry-safe. Zero runtime deps; serde optional. - [tool-timing-budget](https://crates.io/crates/tool-timing-budget): Total wall-clock time budget across all tool calls in an agent run - [trace-diff](https://crates.io/crates/trace-diff): Diff two agent traces semantically: align by event type + key, ignore timestamps and ids, return added/removed/changed steps. Zero deps beyond serde_json. - [trace-redact](https://crates.io/crates/trace-redact): Redact sensitive fields (api keys, tokens, emails, phone numbers) from agent traces before exporting to OTel or a log sink. Zero deps. - [vecnorm-core](https://crates.io/crates/vecnorm-core): Pure-Rust core for vecnorm: bulk vector ops on f32 matrices. - [yaml-repair](https://crates.io/crates/yaml-repair): Repair messy YAML emitted by LLMs: strip markdown fences, tabs->spaces, dedent leading whitespace, normalize line endings. Returns cleaned text suitable for any YAML parser. Zero deps. - [zero-width-strip](https://crates.io/crates/zero-width-strip): Strip zero-width and bidi-control Unicode characters from text. Defends against invisible-payload prompt injection. Zero deps. ## MCP Registry — io.github.MukundaKatta (20 servers) - [io.github.MukundaKatta/agentcast](https://github.com/MukundaKatta/agentcast-mcp): Structured-output enforcer: extract and validate JSON from messy LLM text. - [io.github.MukundaKatta/agentfit](https://github.com/MukundaKatta/agentfit-mcp): Token-aware message truncation: fit a chat history into your model's context budget. - [io.github.MukundaKatta/agentguard](https://github.com/MukundaKatta/agentguard-mcp): Network-egress firewall for agent tools: check URLs against a declarative policy. - [io.github.MukundaKatta/agentsnap](https://github.com/MukundaKatta/agentsnap-mcp): Snapshot tests for AI tool-call traces: diff, validate, and catch silent regressions. - [io.github.MukundaKatta/agentvet](https://github.com/MukundaKatta/agentvet-mcp): Validate tool-call args before execution. Returns LLM-friendly retry hints. - [io.github.MukundaKatta/citecite-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/citecite-mcp): Inject, parse, and strip [N] citation markers in RAG outputs. - [io.github.MukundaKatta/csv-tools-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/csv-tools-mcp): Reliable CSV parsing + generation. Handles quotes, embedded commas, BOMs, CRLF. - [io.github.MukundaKatta/diff-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/diff-mcp): Character-precise unified diff + patch application + patch parsing. - [io.github.MukundaKatta/html-to-markdown-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/html-to-markdown-mcp): Convert HTML to Markdown or strip to plain text. For web-scraping agents. - [io.github.MukundaKatta/jmespath-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/jmespath-mcp): Run JMESPath queries against JSON. Pure JS, no native binary needed. - [io.github.MukundaKatta/json5-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/json5-mcp): Parse JSON5 (comments, trailing commas, unquoted keys) and emit strict JSON. - [io.github.MukundaKatta/promptbudget-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/promptbudget-mcp): Token-budget-aware text handling: count, truncate, and chunk for LLM prompts. - [io.github.MukundaKatta/ragdrift-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/ragdrift-mcp): Diagnose RAG drift: interpret scores, recommend thresholds, explain dimensions. - [io.github.MukundaKatta/ragmetric-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/ragmetric-mcp): RAG retrieval IR metrics: recall@k, hit@k, MRR, NDCG@k, evaluate_batch. - [io.github.MukundaKatta/regex-test-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/regex-test-mcp): Trustworthy JS regex testing. Real offsets, named groups, safe against zero-width loops. - [io.github.MukundaKatta/shellquote-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/shellquote-mcp): Safe shell argument escaping for bash, cmd.exe, and PowerShell. - [io.github.MukundaKatta/sqlfmt-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/sqlfmt-mcp): Deterministic SQL formatting across 19 dialects (postgres, mysql, snowflake, bigquery, etc.). - [io.github.MukundaKatta/streamparse](https://github.com/MukundaKatta/streamparse-mcp): Parse partial / truncated / messy JSON for LLM tool calls and structured outputs. - [io.github.MukundaKatta/timezone-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/timezone-mcp): IANA timezone conversions with real DST rules. - [io.github.MukundaKatta/toml-yaml-json-mcp](https://registry.modelcontextprotocol.io/v0/servers?search=io.github.MukundaKatta/toml-yaml-json-mcp): Parse, format, and convert configs across TOML, YAML, and JSON.