Stack Coverage
Find your stack at a glance. Arcis ships first-party adapters for 10 Node frameworks, 4 Python frameworks, and 5 Go frameworks. The core sanitizers and validators work standalone in any environment.
Web frameworks
| Language | Framework | Status | Import |
|---|---|---|---|
| Node | Express | Built-in | import { arcis } from '@arcis/node' |
| Node | Fastify | Adapter | @arcis/node/fastify |
| Node | Koa | Adapter | @arcis/node/koa |
| Node | Hono | Adapter | @arcis/node/hono |
| Node | Next.js | Adapter | @arcis/node/nextjs |
| Node | NestJS | Adapter | @arcis/node/nestjs |
| Node | SvelteKit | Adapter | @arcis/node/sveltekit |
| Node | Astro | Adapter | @arcis/node/astro |
| Node | Nuxt | Adapter | @arcis/node/nuxt |
| Node | Bun | Adapter | @arcis/node/bun |
| Python | FastAPI | Adapter | from arcis.fastapi import ArcisMiddleware |
| Python | Flask | Adapter | from arcis import Arcis |
| Python | Django | Adapter | 'arcis.django.ArcisMiddleware' |
| Python | Litestar (+ any ASGI host) | Adapter | from arcis.litestar import ArcisMiddleware |
| Go | Gin | Adapter | github.com/GagancM/arcis/gin |
| Go | Echo | Adapter | github.com/GagancM/arcis/echo |
| Go | chi | Adapter | github.com/GagancM/arcis/chi |
| Go | Fiber | Adapter | github.com/GagancM/arcis/fiber |
| Go | net/http (stdlib) | Adapter | github.com/GagancM/arcis/nethttp |
Every adapter is a thin (~100-line) wrapper over the framework-agnostic core. If your framework is not listed, the core functions still work; see Framework Adapters for a custom-adapter recipe.
Runtime support
| Runtime | Status |
|---|---|
| Node.js 18+ | Primary |
| Bun | First-party adapter |
| Deno | Core functions work; framework adapter on roadmap |
| Python 3.9+ (CPython) | Primary |
| PyPy | Best-effort; not in CI |
| Go 1.21+ | Primary |
| AWS Lambda (Node, Python) | Works via standard handler patterns |
| Vercel Edge / Cloudflare Workers | Subset works; rate-limit needs Redis store. SSRF protection works. |
Rate-limit stores
| Store | Node | Python | Go |
|---|---|---|---|
| In-memory (default) | Yes | Yes | Yes |
Redis (ioredis / redis-py / go-redis) | Yes | Yes | Yes |
AI / LLM-handler endpoints
Arcis ships protections for LLM-handler routes across all three SDKs:
| Surface | What it does | Node | Python | Go |
|---|---|---|---|---|
detectPromptInjection / detect_prompt_injection | 28 signatures + 5 v1.6 toolcall patterns | Yes | Yes | Yes |
tokenBudget middleware | Per-key sliding window LLM token cap | Yes | Yes | Yes |
detectDeserialization (V33) | pickle / FastJSON / PHP / Ruby / .NET payload markers | Yes | Yes | v1.7 |
graphqlGuard (V34) | Depth + introspection + alias bomb + fragment cycle | Yes | Yes | v1.7 |
CorrelationWindow | Per-IP rolling window: scanner / credential stuffing / race | Yes | Yes | v1.7 |
The MCP server (@arcis/mcp) exposes arcis_audit, arcis_sca, arcis_scan, and arcis_detect_prompt_injection as MCP tools that Cursor, Claude Code, and any MCP-aware agent can call.
CLI coverage
| Command | Status | Languages |
|---|---|---|
arcis audit | Stable | Python, JavaScript, TypeScript (24 rules) |
arcis scan | Stable | Language-agnostic; probes any HTTP endpoint |
arcis sca | Stable | npm + PyPI lockfiles, node_modules/, site-packages |
| Interactive REPL (v1.6) | Stable | Wraps all of the above |
Platform binaries
The native CLI ships five binaries via the @arcis/cli npm package:
- Linux x86_64
- Linux ARM64
- macOS x86_64
- macOS ARM64 (Apple Silicon)
- Windows x86_64
The npm postinstall picks the right binary for your platform. WSL is detected and the launcher emits a friendly error if the wrong slice is invoked.
Not listed? File an issue at github.com/Gagancm/arcis/issues and tag adapter-request. The core sanitizers and validators have no framework dependency, so most "X is missing" requests are answered with a 20-line custom adapter.