@vercel/agent-eval
Framework for testing AI coding agents in isolated sandboxes
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| email-domain | unclaimed-email:magic.io | AI (email-domain): Package is @vercel-scoped with SLSA provenance via CI; email domain risk is mitigated by strong supply chain attestation. | ai | |
| phantom-deps | phantom-dep:ai | AI (phantom-deps): ai is a peer/optional dep for an AI eval framework; not directly imported in library code is expected. | ai | |
| phantom-deps | phantom-dep:glob | AI (phantom-deps): glob is legitimately declared and referenced in config; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@ai-sdk/anthropic | AI (phantom-deps): @ai-sdk/anthropic is legitimately declared and referenced in config; stable false positive for this package. | ai | |
| dependencies | unvetted-dep:dockerode | AI (dependencies): dockerode is a well-known Docker API client; its use is appropriate for a sandbox/agent-eval framework. Not a security concern. | ai | |
| dependencies | unvetted-dep:@vercel/sandbox | AI (dependencies): @vercel/sandbox is a first-party Vercel package appropriate for this framework's purpose of running agents in isolated sandboxes. | ai | |
| provenance | slsa-provenance | AI (provenance): Package consistently published with SLSA provenance via Vercel's CI/CD pipeline; this is a stable positive signal for this package. | ai |
Versions (showing 45 of 45)
| Version | Deps | Published |
|---|---|---|
| 0.14.4 | 14 / 8 | |
| 0.14.3 | 14 / 8 | |
| 0.14.2 | 14 / 8 | |
| 0.14.1 | 14 / 8 | |
| 0.14.0 | 14 / 8 | |
| 0.13.1 | 14 / 8 | |
| 0.13.0 | 14 / 8 | |
| 0.12.1 | 14 / 8 | |
| 0.12.0 | 14 / 8 | |
| 0.11.0 | 14 / 8 | |
| 0.10.1 | 14 / 8 | |
| 0.10.0 | 14 / 8 | |
| 0.9.5 | 14 / 8 | |
| 0.9.4 | 14 / 8 | |
| 0.9.3 | 14 / 8 | |
| 0.9.2 | 14 / 8 | |
| 0.9.1 | 14 / 8 | |
| 0.9.0 | 14 / 8 | |
| 0.8.0 | 14 / 8 | |
| 0.7.1 | 13 / 8 | |
| 0.7.0 | 13 / 8 | |
| 0.6.2 | 13 / 8 | |
| 0.6.1 | 13 / 8 | |
| 0.6.0 | 13 / 8 | |
| 0.5.0 | 13 / 8 | |
| 0.4.1 | 12 / 8 | |
| 0.4.0 | 12 / 8 | |
| 0.3.2 | 12 / 8 | |
| 0.3.1 | 12 / 8 | |
| 0.3.0 | 12 / 8 | |
| 0.2.0 | 12 / 8 | |
| 0.1.0 | 12 / 8 | |
| 0.0.15 | 11 / 8 | |
| 0.0.14 | 11 / 8 | |
| 0.0.13 | 11 / 8 | |
| 0.0.12 | 10 / 8 | |
| 0.0.11 | 10 / 10 | |
| 0.0.9 | 10 / 8 | |
| 0.0.8 | 10 / 8 | |
| 0.0.6 | 10 / 8 | |
| 0.0.5 | 10 / 8 | |
| 0.0.4 | 8 / 6 | |
| 0.0.3 | 8 / 6 | |
| 0.0.2 | 8 / 6 | |
| 0.0.1 | 8 / 6 |
v0.14.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.13.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.13.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.12.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.12.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.0
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.2
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.1
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.0
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.0
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.1
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.0
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.2
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.1
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.0
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.0
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.0
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.0.15
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.0.14
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.0.13
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.0.12
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.0.11
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.0.9
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.8
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.6
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.5
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.4
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.3
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.2
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.1
2 findingsMaintainer email '[email protected]' uses domain 'magic.io' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.