← Home

@polygonlabs/agent-cli

npm Repository Homepage

CLI + Agent Skills for building on-chain agents on Polygon

11
Versions
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

devops-polygon.technologymtwardzickimaximushaximustoniramirezmitatatajn-polygoncorbanshan8851yigitergoran.rojovicvojtechvitekstefan.negovanovictaylanpincembondargrajat90little_farmerpy-zoid

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
maintainer-change maintainer-added AI (maintainer-change): Package published via CI/CD with SLSA provenance under official 0xPolygon org; team expansion is expected for an active project. ai
phantom-deps phantom-dep:@noble/curves AI (phantom-deps): Likely transitive/config dependency for crypto operations; stable for this package. ai
phantom-deps phantom-dep:@noble/hashes AI (phantom-deps): Likely transitive/config dependency for crypto operations; stable for this package. ai
phantom-deps phantom-dep:@noble/ciphers AI (phantom-deps): Likely transitive/config dependency for crypto operations; stable for this package. ai
dependencies unvetted-dep:ethers5 AI (dependencies): ethers5 is a well-known alias for ethers v5; standard pattern in Web3 projects needing dual ethers versions. ai
phantom-deps phantom-dep:@0xsequence/builder AI (phantom-deps): Part of 0xsequence suite; declared dep, stable false positive for this package. ai
phantom-deps phantom-dep:@0xsequence/relayer AI (phantom-deps): Part of 0xsequence suite; declared dep, stable false positive for this package. ai
phantom-deps phantom-dep:dotenv AI (phantom-deps): CLI tool; dotenv declared for config, may be loaded conditionally or transitively. ai
phantom-deps phantom-dep:@0xsequence/wallet-core AI (phantom-deps): Part of 0xsequence suite; declared dep, stable false positive for this package. ai
phantom-deps phantom-dep:@0xsequence/wallet-primitives AI (phantom-deps): Part of 0xsequence suite; declared dep, stable false positive for this package. ai
phantom-deps phantom-dep:@0xsequence/wallet-wdk AI (phantom-deps): Part of 0xsequence suite; declared dep, stable false positive for this package. ai
phantom-deps phantom-dep:tweetnacl AI (phantom-deps): Crypto utility declared as dep; likely used indirectly or conditionally in CLI. ai
phantom-deps phantom-dep:@x402/core AI (phantom-deps): Declared dep in package.json; phantom-dep heuristic false positive for this package. ai
phantom-deps phantom-dep:@0xsequence/abi AI (phantom-deps): Part of 0xsequence suite; declared dep, stable false positive for this package. ai
phantom-deps phantom-dep:@0xsequence/api AI (phantom-deps): Part of 0xsequence suite; declared dep, stable false positive for this package. ai

Versions (showing 11 of 11)

Version Deps Published
0.11.0 31 / 4
0.10.4 31 / 4
0.10.2 31 / 4
0.9.5 32 / 4
0.9.0 32 / 4
0.8.0 32 / 4
0.7.2 32 / 4
0.7.0 33 / 2
0.3.0 25 / 1
0.2.2 21 / 1
0.2.1 21 / 1

v0.11.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.4

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.9.5

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.9.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.7.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.0

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.2.1

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.