@agent-native/core
Framework for agent-native application development — where AI agents and UI share state via files
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/server/og-fonts-data.js | AI (source-diff): Long lines are a Base64-encoded font blob with auto-generation header; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cli/pr-visual-recap-workflow.d.ts | AI (source-diff): Type declaration for the embedded YAML string; same benign pattern. | ai | |
| source-diff | obfuscated-file:dist/cli/pr-visual-recap-workflow.js | AI (source-diff): Long line is an embedded YAML workflow string with explanatory header; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/server/og-fonts-data.d.ts | AI (source-diff): Type declaration mirroring the Base64 font constant; same benign pattern. | ai | |
| phantom-deps | phantom-dep:nanoid | AI (phantom-deps): Likely used transitively or in config; stable false positive for this package. | ai | |
| source-diff | obfuscated-file:dist/client/blocks/library/ApiEndpointBlock.js | AI (source-diff): Minified React/JSX bundle with readable imports; no obfuscation or encoded payload. | ai | |
| source-diff | obfuscated-file:dist/cli/context-xray-local.js | AI (source-diff): Bundled CLI tool reading AI agent config dirs; consistent with package purpose, no malicious payload. | ai | |
| phantom-deps | phantom-dep:tw-animate-css | AI (phantom-deps): CSS tooling dep referenced in config; stable false positive. | ai | |
| phantom-deps | phantom-dep:@resvg/resvg-js | AI (phantom-deps): Referenced in config for SVG rendering; stable false positive. | ai | |
| phantom-deps | phantom-dep:@tiptap/y-tiptap | AI (phantom-deps): Collaboration extension referenced in config; stable false positive. | ai | |
| phantom-deps | phantom-dep:@assistant-ui/react-markdown | AI (phantom-deps): UI dep referenced in config; stable false positive. | ai | |
| source-diff | obfuscated-file:dist/client/settings/AutomationsSection.js | AI (source-diff): Sample shows readable compiled JSX/TS output, not obfuscation; long lines are from bundled imports. | ai | |
| phantom-deps | phantom-dep:p-limit | AI (phantom-deps): Declared for config/tooling use; not a runtime import concern for this framework package. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Scaffold/framework package; README link dump reflects documentation style, not phishing. Stable pattern across versions. | ai | |
| phantom-deps | phantom-dep:@tiptap/pm | AI (phantom-deps): Peer/transitive dep declared for compatibility; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:minimatch | AI (phantom-deps): Declared for config/tooling use; stable false positive for this package. | ai | |
| typosquat | typosquat.levenshtein:cors | AI (typosquat): Scoped package @agent-native/core; levenshtein match to 'cors' is a false positive for this namespace. | ai |
Versions (showing 10 of 10)
| Version | Deps | Published |
|---|---|---|
| 0.45.0 | 80 / 43 | |
| 0.36.0 | 61 / 37 | |
| 0.31.2 | 57 / 37 | |
| 0.30.6 | 57 / 37 | |
| 0.22.43 | 53 / 37 | |
| 0.22.25 | 53 / 37 | |
| 0.2.3 | 5 / 16 | |
| 0.2.1 | 5 / 16 | |
| 0.2.0 | 5 / 16 | |
| 0.1.0 | 5 / 16 |
v0.45.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.36.0
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.31.2
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.30.6
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.22.43
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.22.25
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.