@treeseed/agent No license 40 versions

@treeseed/agent

npm Repository Homepage

40

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

adrianwebb

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	obfuscated-file:dist/scripts/.ts-run-1778900516495-zut48am17ij.js	AI (source-diff): Temp build script artifact with readable TS/esbuild code; long lines from bundled output, not obfuscation.	ai	2026/05/28
source-diff	obfuscated-file:dist/scripts/.ts-run-1778896355021-i8m8hf11ewf.js	AI (source-diff): Temp esbuild artifact from TypeScript build pipeline; content is readable build tooling, not obfuscated malware.	ai	2026/05/28
source-diff	obfuscated-file:dist/scripts/.ts-run-1778885982330-pyljea0xcw.js	AI (source-diff): Temp build artifact with readable TS/esbuild source; long lines from bundled imports, not obfuscation.	ai	2026/05/28
source-diff	obfuscated-file:dist/scripts/.ts-run-1778898185074-1ea33s71v1k.js	AI (source-diff): Temp build artifact with readable TS/esbuild compilation code; long lines from bundled output, not obfuscation.	ai	2026/05/28
source-diff	obfuscated-file:dist/scripts/.ts-run-1778834868334-8jzs09l73w8.js	AI (source-diff): Bundled build/compile script (esbuild+TypeScript); long lines are minified tooling output, not obfuscation.	ai	2026/05/28
source-diff	obfuscated-file:dist/scripts/.ts-run-1778877303748-hc6e48x2ffd.js	AI (source-diff): Temp build script artifact with readable TS/esbuild source; long lines from bundled code, not obfuscation.	ai	2026/05/24
source-diff	obfuscated-file:dist/scripts/.ts-run-1778746587666-7bxejgk4f3v.js	AI (source-diff): Temp build script artifact with readable esbuild/TS source; long lines from bundled imports, not obfuscation.	ai	2026/05/23
source-diff	obfuscated-file:dist/scripts/.ts-run-1778693591073-99tjj8tk25a.js	AI (source-diff): Temp build artifact from ts-run tooling; readable esbuild/TS compilation code, not obfuscated malware.	ai	2026/05/14
source-diff	obfuscated-file:dist/scripts/.ts-run-1778729085748-ekoqe86s8nu.js	AI (source-diff): Temp ts-run build artifact with readable esbuild/TS tooling code; long lines from bundled output, not obfuscation.	ai	2026/05/14
source-diff	obfuscated-file:dist/scripts/.ts-run-1778570722415-o6vufmexc3.js	AI (source-diff): Bundled build tooling script (esbuild/tsc); long lines from bundling, not obfuscation. Readable source confirms benign content.	ai	2026/05/13
source-diff	obfuscated-file:dist/scripts/.ts-run-1778523718268-eg22qut2mk7.js	AI (source-diff): Bundled build script (esbuild output); readable source, not malicious obfuscation. Pattern will recur with each build.	ai	2026/05/13
source-diff	obfuscated-file:dist/scripts/.ts-run-1778487657087-47rihuztkz3.js	AI (source-diff): Temp esbuild bundle of build scripts; readable TS source, not obfuscated malware. Pattern is stable for this package.	ai	2026/05/13
source-diff	obfuscated-file:dist/scripts/.ts-run-1778474003306-tplfb7du22.js	AI (source-diff): Temp esbuild artifact with readable build-tool source; long lines from bundling, not obfuscation.	ai	2026/05/13

Versions (showing 40 of 40)

Version	Deps	Published
0.11.0	6 / 2	2026-06-12
0.10.21	6 / 2	2026-06-05
0.10.20	6 / 2	2026-06-04
0.10.19	6 / 2	2026-06-04
0.10.18	6 / 2	2026-06-02
0.10.17	6 / 2	2026-06-02
0.10.16	6 / 2	2026-05-28
0.10.15	6 / 2	2026-05-28
0.10.14	6 / 2	2026-05-28
0.10.13	6 / 2	2026-05-28
0.10.12	6 / 2	2026-05-28
0.10.11	6 / 2	2026-05-28
0.10.10	6 / 2	2026-05-27
0.10.9	6 / 2	2026-05-27
0.10.8	6 / 2	2026-05-27
0.10.7	6 / 2	2026-05-27
0.10.6	6 / 2	2026-05-24
0.10.5	6 / 2	2026-05-23
0.10.4	6 / 2	2026-05-23
0.10.3	6 / 2	2026-05-23
0.10.2	6 / 2	2026-05-22
0.10.1	6 / 2	2026-05-22
0.10.0	6 / 2	2026-05-21
0.9.3	6 / 2	2026-05-21
0.9.0	6 / 2	2026-05-19
0.8.19	6 / 2	2026-05-16
0.8.18	6 / 2	2026-05-16
0.8.17	6 / 2	2026-05-16
0.8.16	6 / 2	2026-05-15
0.8.15	6 / 2	2026-05-15
0.8.14	6 / 2	2026-05-15
0.8.13	6 / 2	2026-05-14
0.8.12	6 / 2	2026-05-14
0.8.11	6 / 2	2026-05-13
0.8.10	5 / 2	2026-05-13
0.8.9	5 / 2	2026-05-12
0.8.8	5 / 2	2026-05-11
0.8.7	5 / 2	2026-05-11
0.8.6	5 / 2	2026-05-11
0.8.5	5 / 2	2026-05-11

v0.11.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.21

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.20

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.19

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.18

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.17

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.16

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.15

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.14

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.13

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.12

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.11

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.10

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.9

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.8

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.6

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.4

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.10.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.9.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.9.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.19

2 findings

HIGH New obfuscated file: dist/scripts/.ts-run-1778900516495-zut48am17ij.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.18

2 findings

HIGH New obfuscated file: dist/scripts/.ts-run-1778898185074-1ea33s71v1k.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.17

2 findings

HIGH New obfuscated file: dist/scripts/.ts-run-1778896355021-i8m8hf11ewf.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.16

2 findings

HIGH New obfuscated file: dist/scripts/.ts-run-1778885982330-pyljea0xcw.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.15

2 findings

HIGH New obfuscated file: dist/scripts/.ts-run-1778877303748-hc6e48x2ffd.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.14

2 findings

HIGH New obfuscated file: dist/scripts/.ts-run-1778834868334-8jzs09l73w8.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.13

2 findings

HIGH New obfuscated file: dist/scripts/.ts-run-1778746587666-7bxejgk4f3v.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.12

2 findings

HIGH New obfuscated file: dist/scripts/.ts-run-1778729085748-ekoqe86s8nu.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.11

2 findings

HIGH New obfuscated file: dist/scripts/.ts-run-1778693591073-99tjj8tk25a.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.10

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.9

2 findings

HIGH New obfuscated file: dist/scripts/.ts-run-1778570722415-o6vufmexc3.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.8

2 findings

HIGH New obfuscated file: dist/scripts/.ts-run-1778523718268-eg22qut2mk7.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.7

2 findings

HIGH New obfuscated file: dist/scripts/.ts-run-1778487657087-47rihuztkz3.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.6

2 findings

HIGH New obfuscated file: dist/scripts/.ts-run-1778474003306-tplfb7du22.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.8.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.