@mariozechner/pi-coding-agent
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/modes/interactive/components/daxnuts.js | AI (source-diff): Hex-encoded 32x32 pixel art Easter egg, not obfuscated code. | ai | |
| source-diff | obfuscated-file:examples/extensions/doom-overlay/doom/build/doom.js | AI (source-diff): Emscripten-compiled WASM JS loader in examples dir; standard build artifact, not hand-obfuscated. | ai | |
| dependencies | unvetted-dep:@mariozechner/clipboard | AI (dependencies): Same-author, same-namespace package (@mariozechner/*) from a publisher with a clean track record. Clipboard utility is a natural dependency for a coding agent CLI. | ai | |
| phantom-deps | phantom-dep:glob | AI (phantom-deps): glob is explicitly declared as a runtime dependency in package.json; the phantom-dep finding is a false positive — it is used by the package even if not directly imported at the top level. | ai | |
| provenance | no-provenance | AI (provenance): Publisher has a clean track record; lack of provenance is common and not a risk signal for this package. | ai | |
| publish-pattern | new-deps-added | AI (publish-pattern): uuid is a ubiquitous, well-vetted package; adding it as a dependency poses no supply-chain risk for this package. | ai | |
| semgrep | semgrep:steganography-image-eval | AI (semgrep): Flagged code reads a Doom WAD game data file (not steganographic image data) and loads it as a JS module. Legitimate example extension for a coding agent tool. | ai | |
| phantom-deps | phantom-dep:marked | AI (phantom-deps): marked is listed as a runtime dependency in package.json; phantom detection appears to be a false positive for this package. | ai | |
| semgrep | semgrep:child-process-import | AI (semgrep): child_process used to invoke PowerShell for Windows toast notifications in notify.ts. Legitimate system notification functionality. | ai | |
| semgrep | semgrep:shady-links-raw-ip | AI (semgrep): IP 127.0.0.1 is localhost used as OAuth redirect URI for CLI OAuth PKCE flow — standard and expected pattern for CLI tools. | ai | |
| semgrep | semgrep:base64-decode | AI (semgrep): Base64 decoding of AI-generated image data written to disk. Standard image generation handling pattern, not a malicious payload. | ai | |
| semgrep | semgrep:new-function-constructor | AI (semgrep): new Function() used to dynamically load a pre-compiled Doom JS bundle in an example extension. Legitimate module loading pattern, not malicious code execution. | ai |
Versions (showing 100 of 219)
| Version | Deps | Published |
|---|---|---|
| 0.37.5 | 14 / 7 | |
| 0.37.4 | 14 / 7 | |
| 0.37.3 | 14 / 7 | |
| 0.37.2 | 13 / 7 | |
| 0.37.1 | 13 / 7 | |
| 0.37.0 | 13 / 7 | |
| 0.36.0 | 12 / 4 | |
| 0.35.0 | 12 / 4 | |
| 0.34.2 | 12 / 4 | |
| 0.34.1 | 12 / 4 | |
| 0.34.0 | 12 / 4 | |
| 0.33.0 | 12 / 4 | |
| 0.32.3 | 11 / 4 | |
| 0.32.2 | 11 / 4 | |
| 0.32.1 | 11 / 4 | |
| 0.32.0 | 11 / 4 | |
| 0.31.1 | 10 / 4 | |
| 0.31.0 | 10 / 4 | |
| 0.30.2 | 10 / 4 | |
| 0.30.1 | 10 / 4 | |
| 0.30.0 | 10 / 4 | |
| 0.29.1 | 10 / 4 | |
| 0.29.0 | 10 / 4 | |
| 0.28.0 | 10 / 4 | |
| 0.27.9 | 10 / 4 | |
| 0.27.8 | 10 / 4 | |
| 0.27.7 | 10 / 4 | |
| 0.27.6 | 10 / 4 | |
| 0.27.5 | 10 / 4 | |
| 0.27.4 | 9 / 4 | |
| 0.27.3 | 9 / 4 | |
| 0.27.2 | 9 / 4 | |
| 0.27.1 | 9 / 4 | |
| 0.27.0 | 9 / 4 | |
| 0.26.1 | 9 / 4 | |
| 0.26.0 | 9 / 4 | |
| 0.25.4 | 9 / 4 | |
| 0.25.3 | 9 / 4 | |
| 0.25.2 | 9 / 4 | |
| 0.25.1 | 9 / 4 | |
| 0.25.0 | 9 / 4 | |
| 0.24.5 | 9 / 4 | |
| 0.24.4 | 9 / 4 | |
| 0.24.3 | 9 / 4 | |
| 0.24.2 | 9 / 4 | |
| 0.24.1 | 9 / 4 | |
| 0.24.0 | 9 / 4 | |
| 0.23.5 | 9 / 4 | |
| 0.23.4 | 9 / 4 | |
| 0.23.3 | 8 / 4 | |
| 0.23.2 | 8 / 4 | |
| 0.23.1 | 7 / 4 | |
| 0.23.0 | 7 / 4 | |
| 0.22.5 | 7 / 4 | |
| 0.22.4 | 7 / 4 | |
| 0.22.3 | 7 / 4 | |
| 0.22.2 | 7 / 4 | |
| 0.22.1 | 7 / 4 | |
| 0.22.0 | 7 / 4 | |
| 0.21.0 | 7 / 4 | |
| 0.20.2 | 7 / 4 | |
| 0.20.1 | 7 / 4 | |
| 0.20.0 | 7 / 4 | |
| 0.19.2 | 7 / 4 | |
| 0.19.1 | 7 / 4 | |
| 0.19.0 | 7 / 4 | |
| 0.18.8 | 7 / 4 | |
| 0.18.7 | 7 / 4 | |
| 0.18.6 | 7 / 4 | |
| 0.18.5 | 7 / 4 | |
| 0.18.4 | 7 / 4 | |
| 0.18.3 | 7 / 4 | |
| 0.18.2 | 7 / 4 | |
| 0.18.1 | 7 / 4 | |
| 0.18.0 | 7 / 4 | |
| 0.17.0 | 6 / 4 | |
| 0.16.0 | 6 / 4 | |
| 0.15.0 | 6 / 4 | |
| 0.14.2 | 6 / 4 | |
| 0.14.1 | 6 / 4 | |
| 0.13.2 | 6 / 4 | |
| 0.13.1 | 6 / 4 | |
| 0.13.0 | 6 / 4 | |
| 0.12.15 | 6 / 4 | |
| 0.12.14 | 6 / 4 | |
| 0.12.13 | 6 / 4 | |
| 0.12.12 | 6 / 4 | |
| 0.12.11 | 6 / 4 | |
| 0.12.10 | 6 / 4 | |
| 0.12.9 | 6 / 4 | |
| 0.12.8 | 6 / 4 | |
| 0.12.7 | 6 / 4 | |
| 0.12.6 | 6 / 4 | |
| 0.12.5 | 6 / 4 | |
| 0.12.4 | 6 / 4 | |
| 0.12.3 | 6 / 4 | |
| 0.12.2 | 6 / 4 | |
| 0.12.1 | 6 / 4 | |
| 0.12.0 | 6 / 4 | |
| 0.11.6 | 6 / 4 |
v0.37.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.37.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.37.3
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.37.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.37.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.37.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.36.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.35.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.34.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.34.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.34.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.33.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.24.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.24.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.24.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.24.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.24.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.23.5
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.