@framers/agentos
Modular AgentOS orchestration library
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | net-exec-file:dist/emergent/SandboxedToolForge.js | AI (source-diff): SandboxedToolForge is a documented sandboxing utility; net+exec combination is intentional and security-hardened. | ai | |
| source-diff | net-exec-file:dist/emergent/SandboxedToolForge.d.ts | AI (source-diff): Type declaration file for SandboxedToolForge; same rationale as the .js file — intentional sandbox design. | ai | |
| dependencies | unvetted-peer-dep:hnswlib-node | AI (dependencies): Peer dependency for optional vector search functionality; consumers control inclusion and vetting. | ai | |
| dependencies | unvetted-peer-dep:ppu-paddle-ocr | AI (dependencies): Peer dependency for optional OCR functionality; consumers control inclusion and vetting. | ai | |
| dependencies | unvetted-peer-dep:@framers/sql-storage-adapter | AI (dependencies): Peer dependency for optional SQL storage; marked optional in peerDependenciesMeta; consumers control inclusion. | ai | |
| source-diff | large-new-source-files | AI (source-diff): Package is an AI orchestration library with many optional modules; large source file additions are expected with minor version bumps as new capabilities are added. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Legitimate orchestration library with active maintenance (263 versions, 5.7k weekly downloads). Spam signals are weak metadata heuristics; no malware indicators present. | ai | |
| dependencies | unvetted-dep:natural | AI (dependencies): natural is a well-established NLP library; its use is consistent with this package's NLP/orchestration purpose and poses no security risk. | ai | |
| phantom-deps | phantom-dep:openredaction | AI (phantom-deps): openredaction is declared in dependencies and referenced in config; phantom-dep flag is a minor packaging concern, not a security issue for this package. | ai | |
| provenance | no-provenance | AI (provenance): Established package with 263 versions and 5.7k weekly downloads; lack of provenance is common and not a security disqualifier for this package. | ai |
Versions (showing 100 of 401)
| Version | Deps | Published |
|---|---|---|
| 0.1.192 | 19 / 32 | |
| 0.1.191 | 19 / 32 | |
| 0.1.190 | 19 / 32 | |
| 0.1.189 | 19 / 32 | |
| 0.1.188 | 19 / 32 | |
| 0.1.187 | 19 / 32 | |
| 0.1.186 | 19 / 32 | |
| 0.1.185 | 19 / 32 | |
| 0.1.184 | 19 / 32 | |
| 0.1.183 | 19 / 32 | |
| 0.1.182 | 19 / 32 | |
| 0.1.181 | 19 / 32 | |
| 0.1.180 | 19 / 32 | |
| 0.1.179 | 19 / 32 | |
| 0.1.178 | 19 / 32 | |
| 0.1.177 | 19 / 32 | |
| 0.1.176 | 19 / 32 | |
| 0.1.175 | 19 / 32 | |
| 0.1.174 | 19 / 32 | |
| 0.1.173 | 19 / 32 | |
| 0.1.172 | 19 / 32 | |
| 0.1.171 | 19 / 32 | |
| 0.1.170 | 18 / 32 | |
| 0.1.169 | 18 / 32 | |
| 0.1.168 | 18 / 32 | |
| 0.1.167 | 18 / 32 | |
| 0.1.166 | 18 / 32 | |
| 0.1.165 | 18 / 32 | |
| 0.1.164 | 18 / 32 | |
| 0.1.163 | 18 / 32 | |
| 0.1.162 | 18 / 32 | |
| 0.1.161 | 18 / 32 | |
| 0.1.160 | 18 / 32 | |
| 0.1.159 | 18 / 32 | |
| 0.1.158 | 18 / 32 | |
| 0.1.157 | 18 / 32 | |
| 0.1.156 | 18 / 32 | |
| 0.1.155 | 18 / 32 | |
| 0.1.154 | 18 / 32 | |
| 0.1.153 | 18 / 32 | |
| 0.1.152 | 18 / 32 | |
| 0.1.151 | 18 / 32 | |
| 0.1.150 | 18 / 32 | |
| 0.1.149 | 18 / 32 | |
| 0.1.148 | 18 / 32 | |
| 0.1.147 | 18 / 32 | |
| 0.1.146 | 18 / 32 | |
| 0.1.145 | 18 / 32 | |
| 0.1.144 | 18 / 32 | |
| 0.1.143 | 18 / 32 | |
| 0.1.142 | 18 / 32 | |
| 0.1.141 | 18 / 32 | |
| 0.1.140 | 18 / 32 | |
| 0.1.139 | 18 / 32 | |
| 0.1.138 | 18 / 32 | |
| 0.1.137 | 18 / 32 | |
| 0.1.136 | 18 / 32 | |
| 0.1.135 | 18 / 32 | |
| 0.1.134 | 18 / 32 | |
| 0.1.133 | 18 / 32 | |
| 0.1.132 | 18 / 32 | |
| 0.1.131 | 18 / 31 | |
| 0.1.130 | 18 / 31 | |
| 0.1.129 | 18 / 31 | |
| 0.1.128 | 18 / 31 | |
| 0.1.127 | 18 / 30 | |
| 0.1.126 | 18 / 30 | |
| 0.1.125 | 18 / 30 | |
| 0.1.124 | 18 / 30 | |
| 0.1.123 | 18 / 30 | |
| 0.1.122 | 18 / 30 | |
| 0.1.121 | 18 / 30 | |
| 0.1.120 | 16 / 29 | |
| 0.1.119 | 16 / 28 | |
| 0.1.118 | 16 / 28 | |
| 0.1.117 | 16 / 28 | |
| 0.1.116 | 16 / 28 | |
| 0.1.115 | 16 / 28 | |
| 0.1.114 | 16 / 28 | |
| 0.1.113 | 16 / 28 | |
| 0.1.112 | 16 / 28 | |
| 0.1.111 | 16 / 28 | |
| 0.1.110 | 16 / 28 | |
| 0.1.109 | 16 / 28 | |
| 0.1.108 | 16 / 28 | |
| 0.1.107 | 16 / 28 | |
| 0.1.106 | 16 / 28 | |
| 0.1.105 | 16 / 28 | |
| 0.1.104 | 16 / 28 | |
| 0.1.103 | 16 / 28 | |
| 0.1.102 | 16 / 28 | |
| 0.1.101 | 12 / 27 | |
| 0.1.100 | 12 / 27 | |
| 0.1.99 | 12 / 27 | |
| 0.1.98 | 12 / 27 | |
| 0.1.97 | 12 / 27 | |
| 0.1.96 | 12 / 27 | |
| 0.1.95 | 12 / 27 | |
| 0.1.94 | 12 / 27 | |
| 0.1.93 | 12 / 27 |
v0.1.192
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.191
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.190
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.189
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.188
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.187
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.186
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.185
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.184
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.183
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.182
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.181
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.180
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.179
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.178
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.177
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.176
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.175
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.174
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.173
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.172
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.171
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.170
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.169
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.168
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.167
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.166
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.165
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.164
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.163
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.162
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.161
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.160
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.159
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.158
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.157
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.156
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.155
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.154
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.153
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.152
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.151
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.150
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.149
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.148
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.147
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.146
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.145
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.144
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.143
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.142
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.141
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.140
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.139
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.138
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.137
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.136
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.135
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.134
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.133
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.132
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.131
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.130
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.129
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.128
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.127
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.126
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.125
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.124
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.123
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.122
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.121
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.120
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.119
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.118
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.117
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.116
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.115
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.114
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.113
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.112
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.111
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.110
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.109
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.108
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.107
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.106
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.105
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.104
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.103
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.102
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.101
3 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.100
3 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.99
3 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.98
3 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.97
3 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.96
3 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.95
3 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.94
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.93
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.