We’re building Hextrap (https://hextrap.com/products/firewall/), a package firewall to make it easier for teams and organizations to govern the packages installed from their favorite NPM, PyPI, Go, and Rust registries using managed allow/deny lists, custom OPA policies, and built-in safeguards like soak time (new versions are quarantined for a configurable amount of time - most malicious packages are discovered within 48h) and typosquatting detection. Every `pip install`, `npm install`, and `go get` is proxied through Hextrap and evaluated against a target firewall.

Hextrap is designed to work with LLMs (via MCP) so tools like Claude Code will check if a package is allow-listed before downloading or adding it to a project (in addition to using the proxy at install time). This bridges the gap between Claude’s planning and execution phases and creates a more collaborative experience with the developer when libraries are being chosen (i.e. pyramid is not allow-listed, should I try Django or Flask instead?)

In addition to the above, security data and package metadata is made available to OPA so teams can use the extra information to craft their own custom Rego policies (i.e. package must have had at least n commits in the past 6 months, have at least 1,000 stars, and a Hextrap security score above 75). We pull in data directly from the public registries and generate security signals that help identify version-level threats within packages.

You can try it out without signing up or giving us an email address here: https://hextrap.com/try

We’re actively building this product and are curious what the HN crowd thinks about the proxy-approach, the MCP integration point, and whether OPA was the right choice for policy as code.