← Home

@ai-sdk/anthropic

npm Repository Homepage

The **[Anthropic provider](https://ai-sdk.dev/providers/ai-sdk-providers/anthropic)** for the [AI SDK](https://ai-sdk.dev/docs) contains language model support for the [Anthropic Messages API](https://docs.anthropic.com/claude/reference/messages_post).

51
Versions
Apache-2.0
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

vercel-release-botmatheussmatt.straka

Keywords

ai

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
semgrep semgrep:base64-decode AI (semgrep): Base64 decoding in this SDK is used to convert binary content (e.g., images) passed to the Anthropic API. This is standard, documented behavior for an AI provider SDK — not a malicious payload pattern. ai
provenance publisher-changed AI (provenance): Transition from jaredpalmer to vercel-release-bot is Vercel's standard CI/CD publish pattern; bot has 403 approved packages and 1528-day history. ai
provenance missing-githead AI (provenance): Consequence of moving to vercel-release-bot CI/CD pipeline; not a security concern for this well-established Vercel package. ai
npm-metadata suspicious-initial-version AI (npm-metadata): The @ai-sdk monorepo uses 0.0.0 as a standard placeholder version across all its packages. This is a known pattern for this publisher, not a malicious signal. ai
source-diff large-new-source-files AI (source-diff): 40 new files reflect major version feature growth in a public GitHub monorepo; files are source maps, bundles, and TypeScript sources — no suspicious content. ai
maintainer-change maintainer-removed AI (maintainer-change): jaredpalmer stepping back from active SDK maintenance is consistent with known Vercel team changes; no compromise indicators. ai
source-diff source-size-tripled AI (source-diff): Size increase from v1.1.7 to v3.0.59 spans two major versions with substantial feature additions; no obfuscation or injection signals present. ai
maintainer-change maintainer-added AI (maintainer-change): New maintainers (matheuss, matt.straka) are Vercel engineers; publisher remains vercel-release-bot. Normal team evolution, not a takeover. ai
provenance no-provenance AI (provenance): vercel-release-bot is a well-established publisher with 1296 approved packages; lack of Sigstore provenance is not a meaningful risk signal here. ai
dependencies unvetted-dep:@ai-sdk/provider-utils AI (dependencies): @ai-sdk/provider-utils is a first-party Vercel AI SDK package from the same monorepo; stable false positive for this package. ai

Versions (showing 51 of 459)

Hide prereleases View all versions
Version Deps Published
3.0.81 2 / 6
3.0.80 2 / 6
3.0.79 2 / 6
3.0.78 2 / 6
3.0.77 2 / 6
3.0.76 2 / 6
3.0.75 2 / 6
3.0.74 2 / 6
3.0.73 2 / 6
3.0.72 2 / 6
3.0.71 2 / 6
3.0.70 2 / 6
3.0.69 2 / 6
3.0.68 2 / 6
3.0.67 2 / 6
3.0.66 2 / 6
3.0.65 2 / 6
3.0.64 2 / 6
3.0.63 2 / 6
3.0.62 2 / 6
3.0.61 2 / 6
3.0.60 2 / 6
3.0.59 2 / 6
3.0.58 2 / 6
3.0.57 2 / 6
3.0.56 2 / 6
3.0.55 2 / 6
3.0.54 2 / 6
3.0.53 2 / 6
3.0.52 2 / 6
3.0.51 2 / 6
3.0.50 2 / 6
3.0.49 2 / 6
3.0.48 2 / 6
3.0.47 2 / 6
3.0.46 2 / 6
3.0.45 2 / 6
3.0.44 2 / 6
3.0.43 2 / 6
3.0.42 2 / 6
3.0.41 2 / 6
3.0.40 2 / 6
3.0.39 2 / 6
3.0.38 2 / 6
3.0.37 2 / 6
3.0.36 2 / 6
3.0.35 2 / 6
3.0.34 2 / 6
3.0.33 2 / 6
3.0.32 2 / 6
3.0.31 2 / 6

v3.0.81

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.80

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.79

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.78

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.77

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.76

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.75

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.74

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.73

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.0.72

2 findings
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

INFO Publisher changed: vercel-release-bot → GitHub Actions (on 2026-04-29) provenance

[Accepted risk] This version was published by a different npm account than previous versions on 2026-04-29. This could indicate a legitimate maintainer transition or an account compromise.