
@anthropic-ai/claude-agent-sdk

SDK for building AI agents with Claude Code's capabilities. Programmatically interact with Claude to build autonomous agents that can understand codebases, edit files, and execute workflows.

Versions: 85
License: SEE LICENSE IN README.md
Install scripts: No
Provenance: Missing

Supply chain provenance

Status for the latest visible version.

No SLSA provenance
npm registry signatures
No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
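The three status tags above map onto three fields of the npm registry's version document: `dist.attestations` (the SLSA provenance attestation), `dist.signatures` (npm's own registry signature over the tarball) and `gitHead` (the source commit recorded at publish time). The following is an added example, not code from this scanner or from the SDK, that derives the tags and the block/accept decision from such a document. The field names are the registry's real ones; the sample documents are constructed, and the rule ids other than `no-provenance` and their severities are this example's own assumptions.

```javascript
// Added example, not code from the scanner page or from the SDK. Derives the
// three provenance tags shown above from an npm registry version document and
// applies an accepted-risk list the way the report's "Accepted risks" table does.
// Field names (dist.attestations, dist.signatures, gitHead) are the registry's
// real ones; rule ids other than "no-provenance" and severities are assumptions.

const SLSA_PREDICATE_PREFIX = "https://slsa.dev/provenance/";

// Constructed sample: a version that carries an npm registry signature but
// neither a provenance attestation nor a recorded source commit.
const SAMPLE_UNATTESTED = {
  name: "example-pkg",
  version: "1.2.3",
  dist: {
    integrity: "sha512-AAAA...constructed",
    tarball: "https://registry.npmjs.org/example-pkg/-/example-pkg-1.2.3.tgz",
    signatures: [{ keyid: "SHA256:constructedKeyId", sig: "MEUCIQ...constructed" }],
  },
};

// Constructed sample: the same version published with `npm publish --provenance`
// from CI, which adds the attestation and records the source commit.
const SAMPLE_ATTESTED = {
  ...SAMPLE_UNATTESTED,
  gitHead: "0123456789abcdef0123456789abcdef01234567",
  dist: {
    ...SAMPLE_UNATTESTED.dist,
    attestations: {
      url: "https://registry.npmjs.org/-/npm/v1/attestations/example-pkg@1.2.3",
      provenance: { predicateType: "https://slsa.dev/provenance/v1" },
    },
  },
};

function assessProvenance(versionDoc) {
  const dist = versionDoc.dist || {};
  const prov = dist.attestations && dist.attestations.provenance;
  const hasSlsaProvenance =
    Boolean(prov) &&
    typeof prov.predicateType === "string" &&
    prov.predicateType.startsWith(SLSA_PREDICATE_PREFIX);
  // Registry signatures are made by npm over the tarball's integrity hash. They
  // prove the registry served this exact tarball, not where it was built from.
  const hasRegistrySignature =
    Array.isArray(dist.signatures) &&
    dist.signatures.some((s) => s && typeof s.keyid === "string" && typeof s.sig === "string");
  const hasSourceCommit =
    typeof versionDoc.gitHead === "string" && /^[0-9a-f]{40}$/i.test(versionDoc.gitHead);
  return { hasSlsaProvenance, hasRegistrySignature, hasSourceCommit };
}

// The three tags the report prints, in the same order.
function provenanceTags(versionDoc) {
  const a = assessProvenance(versionDoc);
  return [
    a.hasSlsaProvenance ? "SLSA provenance" : "No SLSA provenance",
    a.hasRegistrySignature ? "npm registry signatures" : "No npm registry signatures",
    a.hasSourceCommit ? "Source commit" : "No source commit",
  ];
}

// Gaps become findings; an accepted-risk set (rule ids) marks which ones a
// reviewer chose to accept rather than block on.
function provenanceFindings(versionDoc, acceptedRules = new Set()) {
  const a = assessProvenance(versionDoc);
  const findings = [];
  if (!a.hasSlsaProvenance) findings.push({ rule: "no-provenance", severity: "INFO" });
  if (!a.hasRegistrySignature) findings.push({ rule: "no-registry-signature", severity: "HIGH" });
  if (!a.hasSourceCommit) findings.push({ rule: "no-source-commit", severity: "INFO" });
  return findings.map((f) => ({ ...f, accepted: acceptedRules.has(f.rule) }));
}

// Block on any finding that nobody has explicitly accepted.
function shouldBlockInstall(versionDoc, acceptedRules = new Set()) {
  return provenanceFindings(versionDoc, acceptedRules).some((f) => !f.accepted);
}
```

Against a live registry the same fields come from `npm view <pkg>@<version> dist.attestations dist.signatures gitHead --json`, and `npm audit signatures` in a project that has the package installed verifies both the registry signatures and any provenance attestations. Note that a valid attestation only proves the tarball was built by some workflow; checking that the attested source repository and workflow are the ones you expect is a policy decision this example leaves to the caller.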

Maintainers

zak-anthropic, dylanc-anthropic, benjmann, nikhil-anthropic, ejlangev-ant, jv-anthropic, ollie-ant-2025, packy-anthropic, noahz-anthropic, sbidasaria, wolffiex, igorkofman, felixrieseberg-anthropic, joan-anthropic

Keywords

ai, agent, sdk, claude, anthropic, automation, code-generation

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source | Rule | Reason | Accepted by | When
source-diff | obfuscated-file:bridge.mjs | AI (source-diff): Standard bundler output for bridge module; copyright header matches Anthropic; expected for SDK bundle. | ai |
source-diff | net-exec-file:bridge.mjs | AI (source-diff): Agent SDK bridge module legitimately requires network and execution capabilities; official Anthropic package. | ai |
source-diff | obfuscated-file:browser-sdk.js | AI (source-diff): browser-sdk.js is a legitimate bundled/minified browser entry point with Anthropic copyright header; standard for browser-targeted SDK bundles. | ai |
source-diff | net-exec-file:browser-sdk.js | AI (source-diff): Browser SDK bundle naturally contains network calls (API client) and dynamic code patterns from bundled validators (Ajv/Zod); not malicious. | ai |
semgrep | semgrep:api-obfuscation-reflect | AI (semgrep): Reflect.get() in minified SDK bundle is standard JavaScript bundler output; no malicious context. Stable false positive for this package. | ai |
semgrep | semgrep:new-function-constructor | AI (semgrep): Bundled AJV JSON schema validator uses new Function() for compiled validators — well-known pattern, not a risk. | ai |
semgrep | semgrep:env-spread | AI (semgrep): Standard pattern for spawning Claude Code subprocess with inherited environment. Expected for this SDK. | ai |
source-diff | encoded-string-file:cli.js | AI (source-diff): Bundled/minified CLI code with standard tool-parsing and utility logic; not obfuscated malicious payloads. Stable for this package. | ai |
npm-metadata | bundled-binaries | AI (npm-metadata): Bundled ripgrep and audio-capture binaries are expected for a code agent SDK needing fast search and audio input across platforms. Official Anthropic package. | ai |
source-diff | encoded-string-file:bridge.mjs | AI (source-diff): Bundled/minified SDK output containing git utility code. Standard for this package's build process. | ai |
source-diff | encoded-string-file:assistant.mjs | AI (source-diff): Bundled/minified SDK output containing inlined dependencies like mime-types. Standard for this package's build process. | ai |
provenance | no-provenance | AI (provenance): Established Anthropic package; no provenance is a minor gap, not a risk signal. | ai |

Versions (showing 85 of 185)

Version Deps Published
0.2.18 0 / 0
0.2.17 0 / 0
0.2.16 0 / 0
0.2.15 0 / 0
0.2.14 0 / 0
0.2.12 0 / 0
0.2.11 0 / 0
0.2.10 0 / 0
0.2.9 0 / 0
0.2.8 0 / 0
0.2.7 0 / 0
0.2.6 0 / 0
0.2.5 0 / 0
0.2.4 0 / 0
0.2.3 0 / 0
0.2.2 0 / 0
0.2.1 0 / 0
0.2.0 0 / 0
0.1.77 0 / 0
0.1.76 0 / 0
0.1.75 0 / 0
0.1.74 0 / 0
0.1.73 0 / 0
0.1.72 0 / 0
0.1.71 0 / 0
0.1.70 0 / 0
0.1.69 0 / 0
0.1.68 0 / 0
0.1.67 0 / 0
0.1.66 0 / 0
0.1.65 0 / 0
0.1.63 0 / 0
0.1.62 0 / 0
0.1.61 0 / 0
0.1.60 0 / 0
0.1.59 0 / 0
0.1.58 0 / 0
0.1.57 0 / 0
0.1.56 0 / 0
0.1.55 0 / 0
0.1.54 0 / 0
0.1.53 0 / 0
0.1.52 0 / 0
0.1.51 0 / 0
0.1.50 0 / 0
0.1.49 0 / 0
0.1.47 0 / 0
0.1.46 0 / 0
0.1.45 0 / 0
0.1.44 0 / 0
0.1.43 0 / 0
0.1.42 0 / 0
0.1.39 0 / 0
0.1.37 0 / 0
0.1.36 0 / 0
0.1.35 0 / 0
0.1.34 0 / 0
0.1.33 0 / 0
0.1.31 0 / 0
0.1.30 0 / 0
0.1.29 0 / 0
0.1.28 0 / 0
0.1.27 0 / 0
0.1.26 0 / 0
0.1.25 0 / 0
0.1.23 0 / 0
0.1.22 0 / 0
0.1.21 0 / 0
0.1.20 0 / 0
0.1.19 0 / 0
0.1.17 0 / 0
0.1.16 0 / 0
0.1.15 0 / 0
0.1.14 0 / 0
0.1.13 0 / 0
0.1.12 0 / 0
0.1.11 0 / 0
0.1.10 0 / 0
0.1.9 0 / 0
0.1.8 0 / 0
0.1.5 0 / 0
0.1.2 0 / 0
0.1.1 0 / 0
0.1.0 0 / 0
0.0.4 0 / 0

v0.2.18

2 findings
HIGH env-spread: sdk.mjs:55 (semgrep)
Spreading entire process.env into an object — may capture all secrets. The excerpt is a truncated window into a minified line and does not itself show the spread; confirm the match on the full line before acting on it.
  53 | ]))`;continue}}if($.s&&Y[B]==="."){W+=G?`${Y[B]}\r
  54 | `:`[${Y[B]}\r
> 55 | ]`;continue}if(W+=Y[B],Y[B]==="\\")J=!0;else if(G&&Y[B]==="]")G=!1;else if(!G&&Y[B]==="[")G=!0}try{new RegExp(W)}catch{r
  56 | `);else z7.streamInput(X);return z7}function l_(X){return V8(X)}function m_(X,Q){return zW(X,Q)}async function c_(X,Q){l

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.17

2 findings
HIGH env-spread: sdk.mjs:55 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  53 | ]))`;continue}}if($.s&&Y[B]==="."){W+=G?`${Y[B]}\r
  54 | `:`[${Y[B]}\r
> 55 | ]`;continue}if(W+=Y[B],Y[B]==="\\")J=!0;else if(G&&Y[B]==="]")G=!1;else if(!G&&Y[B]==="[")G=!0}try{new RegExp(W)}catch{r
  56 | `);else z7.streamInput(X);return z7}function l_(X){return V8(X)}function m_(X,Q){return zW(X,Q)}async function c_(X,Q){l

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.16

2 findings
HIGH env-spread: sdk.mjs:55 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  53 | ]))`;continue}}if($.s&&Y[B]==="."){W+=G?`${Y[B]}\r
  54 | `:`[${Y[B]}\r
> 55 | ]`;continue}if(W+=Y[B],Y[B]==="\\")J=!0;else if(G&&Y[B]==="]")G=!1;else if(!G&&Y[B]==="[")G=!0}try{new RegExp(W)}catch{r
  56 | `);else z7.streamInput(X);return z7}function l_(X){return V8(X)}function m_(X,Q){return zW(X,Q)}async function c_(X,Q){l

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.15

2 findings
HIGH env-spread: sdk.mjs:55 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  53 | ]))`;continue}}if($.s&&Y[B]==="."){W+=G?`${Y[B]}\r
  54 | `:`[${Y[B]}\r
> 55 | ]`;continue}if(W+=Y[B],Y[B]==="\\")J=!0;else if(G&&Y[B]==="]")G=!1;else if(!G&&Y[B]==="[")G=!0}try{new RegExp(W)}catch{r
  56 | `);else z7.streamInput(X);return z7}function f_(X){return V8(X)}function u_(X,Q){return zW(X,Q)}async function l_(X,Q){l

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.14

3 findings
HIGH env-spread: sdk.mjs:7637 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7635 | extraArgs = {},
  7636 | pathToClaudeCodeExecutable,
> 7637 | env = { ...process.env },
  7638 | maxThinkingTokens,
  7639 | maxTurns,

HIGH env-spread: sdk.mjs:21369 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21367 | let processEnv = env;
  21368 | if (!processEnv) {
> 21369 | processEnv = { ...process.env };
  21370 | }
  21371 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
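The two excerpts above show what the env-spread finding is about: the SDK's `env` option defaults to `{ ...process.env }`, and the spawn path falls back to the same spread when no `env` is supplied, so by default every variable in the calling process (CI tokens, cloud credentials, database passwords) reaches a subprocess that runs model-chosen commands. The caller can close that gap by passing an explicit, minimal environment. The block below is an added example, not code from the SDK or from this scanner: the allowlist, the deny rules, the helper names and the sample parent environment are this example's own assumptions, and the `query()` call in the trailing comment assumes the SDK's entry point name; only the `env` option and the `CLAUDE_CODE_ENTRYPOINT` marker are taken from the excerpts.

```javascript
// Added example, not code from the SDK or the scanner page. The excerpts above
// show the SDK defaulting its `env` option to `{ ...process.env }`, so the fix
// on the caller's side is to hand it an explicit, minimal environment.
// ALLOWED_ENV, the deny rules, SAMPLE_ENV and the helper names are this
// example's assumptions; tune the allowlist to what your Claude Code
// subprocess actually needs.

// Variables the subprocess needs to find tools, write temp files and authenticate.
const ALLOWED_ENV = ["PATH", "HOME", "TMPDIR", "LANG", "TERM", "SHELL", "ANTHROPIC_API_KEY"];

// Anything matching these is a credential for some other system and has no
// business in a process that executes model-chosen shell commands.
const DENIED_PREFIXES = ["AWS_", "GITHUB_", "GH_", "NPM_", "AZURE_", "GOOGLE_", "DOCKER_", "KUBE"];
const DENIED_PATTERN = /(SECRET|TOKEN|PASSWORD|PASSWD|PRIVATE_KEY|CREDENTIAL)/;

function isDenied(name) {
  const upper = name.toUpperCase();
  return DENIED_PREFIXES.some((p) => upper.startsWith(p)) || DENIED_PATTERN.test(upper);
}

// What the default `{ ...process.env }` would have handed to the child: every
// denied name present in the parent. Run this first to see the blast radius.
function auditInheritedEnv(sourceEnv) {
  return Object.keys(sourceEnv).filter(isDenied);
}

// Build the object to pass as the SDK's `env` option. Only allowlisted names
// are copied from the parent; `extra` lets the caller add per-run values but
// is still checked against the deny rules so a credential cannot be
// re-introduced by accident.
function buildChildEnv(sourceEnv, extra = {}) {
  const child = {};
  for (const name of ALLOWED_ENV) {
    if (sourceEnv[name] !== undefined) child[name] = sourceEnv[name];
  }
  for (const [name, value] of Object.entries(extra)) {
    if (isDenied(name)) throw new Error(`refusing to pass ${name} to the Claude Code subprocess`);
    child[name] = String(value);
  }
  // The excerpt shows the SDK setting this marker when it is absent; setting it
  // here keeps the child's environment fully explicit.
  if (!child.CLAUDE_CODE_ENTRYPOINT) child.CLAUDE_CODE_ENTRYPOINT = "sdk-ts";
  return child;
}

// Constructed sample parent environment of the kind a CI runner typically has.
const SAMPLE_ENV = {
  PATH: "/usr/local/bin:/usr/bin:/bin",
  HOME: "/home/runner",
  ANTHROPIC_API_KEY: "sk-ant-constructed-example",
  AWS_SECRET_ACCESS_KEY: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
  GITHUB_TOKEN: "ghp_constructedexample",
  DATABASE_PASSWORD: "hunter2",
  npm_config_registry: "https://registry.npmjs.org/",
};

// Usage with the SDK (not executed here; `query` is assumed to be the SDK's
// entry point, `env` is the option name shown in the excerpt above):
//   import { query } from "@anthropic-ai/claude-agent-sdk";
//   const env = buildChildEnv(process.env, { CI: "1" });
//   for await (const msg of query({ prompt: "summarize this repo", options: { env } })) { /* ... */ }
```

Because the second excerpt only spreads `process.env` when `env` is falsy, passing the object from `buildChildEnv` means the default spread never runs. Keep the allowlist short and additive: if the subprocess later needs a proxy variable or a different auth mechanism, add that one name rather than falling back to inheritance.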

v0.2.12

3 findings
HIGH env-spread: sdk.mjs:7637 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7635 | extraArgs = {},
  7636 | pathToClaudeCodeExecutable,
> 7637 | env = { ...process.env },
  7638 | maxThinkingTokens,
  7639 | maxTurns,

HIGH env-spread: sdk.mjs:21369 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21367 | let processEnv = env;
  21368 | if (!processEnv) {
> 21369 | processEnv = { ...process.env };
  21370 | }
  21371 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.11

3 findings
HIGH env-spread: sdk.mjs:7637 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7635 | extraArgs = {},
  7636 | pathToClaudeCodeExecutable,
> 7637 | env = { ...process.env },
  7638 | maxThinkingTokens,
  7639 | maxTurns,

HIGH env-spread: sdk.mjs:21369 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21367 | let processEnv = env;
  21368 | if (!processEnv) {
> 21369 | processEnv = { ...process.env };
  21370 | }
  21371 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.10

3 findings
HIGH env-spread: sdk.mjs:7637 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7635 | extraArgs = {},
  7636 | pathToClaudeCodeExecutable,
> 7637 | env = { ...process.env },
  7638 | maxThinkingTokens,
  7639 | maxTurns,

HIGH env-spread: sdk.mjs:21369 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21367 | let processEnv = env;
  21368 | if (!processEnv) {
> 21369 | processEnv = { ...process.env };
  21370 | }
  21371 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.9

3 findings
HIGH env-spread: sdk.mjs:7636 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7634 | extraArgs = {},
  7635 | pathToClaudeCodeExecutable,
> 7636 | env = { ...process.env },
  7637 | maxThinkingTokens,
  7638 | maxTurns,

HIGH env-spread: sdk.mjs:21368 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21366 | let processEnv = env;
  21367 | if (!processEnv) {
> 21368 | processEnv = { ...process.env };
  21369 | }
  21370 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.8

3 findings
HIGH env-spread: sdk.mjs:7635 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7633 | extraArgs = {},
  7634 | pathToClaudeCodeExecutable,
> 7635 | env = { ...process.env },
  7636 | maxThinkingTokens,
  7637 | maxTurns,

HIGH env-spread: sdk.mjs:21364 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21362 | let processEnv = env;
  21363 | if (!processEnv) {
> 21364 | processEnv = { ...process.env };
  21365 | }
  21366 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.7

3 findings
HIGH env-spread: sdk.mjs:7634 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7632 | extraArgs = {},
  7633 | pathToClaudeCodeExecutable,
> 7634 | env = { ...process.env },
  7635 | maxThinkingTokens,
  7636 | maxTurns,

HIGH env-spread: sdk.mjs:21358 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21356 | let processEnv = env;
  21357 | if (!processEnv) {
> 21358 | processEnv = { ...process.env };
  21359 | }
  21360 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.6

3 findings
HIGH env-spread: sdk.mjs:7634 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7632 | extraArgs = {},
  7633 | pathToClaudeCodeExecutable,
> 7634 | env = { ...process.env },
  7635 | maxThinkingTokens,
  7636 | maxTurns,

HIGH env-spread: sdk.mjs:21358 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21356 | let processEnv = env;
  21357 | if (!processEnv) {
> 21358 | processEnv = { ...process.env };
  21359 | }
  21360 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.5

3 findings
HIGH env-spread: sdk.mjs:7633 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7631 | extraArgs = {},
  7632 | pathToClaudeCodeExecutable,
> 7633 | env = { ...process.env },
  7634 | maxThinkingTokens,
  7635 | maxTurns,

HIGH env-spread: sdk.mjs:21357 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21355 | let processEnv = env;
  21356 | if (!processEnv) {
> 21357 | processEnv = { ...process.env };
  21358 | }
  21359 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.4

3 findings
HIGH env-spread: sdk.mjs:7633 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7631 | extraArgs = {},
  7632 | pathToClaudeCodeExecutable,
> 7633 | env = { ...process.env },
  7634 | maxThinkingTokens,
  7635 | maxTurns,

HIGH env-spread: sdk.mjs:21357 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21355 | let processEnv = env;
  21356 | if (!processEnv) {
> 21357 | processEnv = { ...process.env };
  21358 | }
  21359 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.3

3 findings
HIGH env-spread: sdk.mjs:7633 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7631 | extraArgs = {},
  7632 | pathToClaudeCodeExecutable,
> 7633 | env = { ...process.env },
  7634 | maxThinkingTokens,
  7635 | maxTurns,

HIGH env-spread: sdk.mjs:21357 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21355 | let processEnv = env;
  21356 | if (!processEnv) {
> 21357 | processEnv = { ...process.env };
  21358 | }
  21359 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.2

3 findings
HIGH env-spread: sdk.mjs:7649 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7647 | extraArgs = {},
  7648 | pathToClaudeCodeExecutable,
> 7649 | env = { ...process.env },
  7650 | maxThinkingTokens,
  7651 | maxTurns,

HIGH env-spread: sdk.mjs:21373 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21371 | let processEnv = env;
  21372 | if (!processEnv) {
> 21373 | processEnv = { ...process.env };
  21374 | }
  21375 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.1

3 findings
HIGH env-spread: sdk.mjs:7648 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7646 | extraArgs = {},
  7647 | pathToClaudeCodeExecutable,
> 7648 | env = { ...process.env },
  7649 | maxThinkingTokens,
  7650 | maxTurns,

HIGH env-spread: sdk.mjs:21372 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21370 | let processEnv = env;
  21371 | if (!processEnv) {
> 21372 | processEnv = { ...process.env };
  21373 | }
  21374 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.2.0

3 findings
HIGH env-spread: sdk.mjs:7648 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7646 | extraArgs = {},
  7647 | pathToClaudeCodeExecutable,
> 7648 | env = { ...process.env },
  7649 | maxThinkingTokens,
  7650 | maxTurns,

HIGH env-spread: sdk.mjs:21372 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21370 | let processEnv = env;
  21371 | if (!processEnv) {
> 21372 | processEnv = { ...process.env };
  21373 | }
  21374 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.77

3 findings
HIGH env-spread: sdk.mjs:7648 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7646 | extraArgs = {},
  7647 | pathToClaudeCodeExecutable,
> 7648 | env = { ...process.env },
  7649 | maxThinkingTokens,
  7650 | maxTurns,

HIGH env-spread: sdk.mjs:21372 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  21370 | let processEnv = env;
  21371 | if (!processEnv) {
> 21372 | processEnv = { ...process.env };
  21373 | }
  21374 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.76

3 findings
HIGH env-spread: sdk.mjs:13046 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  13044 | extraArgs = {},
  13045 | pathToClaudeCodeExecutable,
> 13046 | env = { ...process.env },
  13047 | maxThinkingTokens,
  13048 | maxTurns,

HIGH env-spread: sdk.mjs:26768 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  26766 | let processEnv = env;
  26767 | if (!processEnv) {
> 26768 | processEnv = { ...process.env };
  26769 | }
  26770 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.75

3 findings
HIGH env-spread: sdk.mjs:13046 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  13044 | extraArgs = {},
  13045 | pathToClaudeCodeExecutable,
> 13046 | env = { ...process.env },
  13047 | maxThinkingTokens,
  13048 | maxTurns,

HIGH env-spread: sdk.mjs:26768 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  26766 | let processEnv = env;
  26767 | if (!processEnv) {
> 26768 | processEnv = { ...process.env };
  26769 | }
  26770 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.74

3 findings
HIGH env-spread: sdk.mjs:13046 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  13044 | extraArgs = {},
  13045 | pathToClaudeCodeExecutable,
> 13046 | env = { ...process.env },
  13047 | maxThinkingTokens,
  13048 | maxTurns,

HIGH env-spread: sdk.mjs:26768 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  26766 | let processEnv = env;
  26767 | if (!processEnv) {
> 26768 | processEnv = { ...process.env };
  26769 | }
  26770 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.73

3 findings
HIGH env-spread: sdk.mjs:13045 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  13043 | extraArgs = {},
  13044 | pathToClaudeCodeExecutable,
> 13045 | env = { ...process.env },
  13046 | maxThinkingTokens,
  13047 | maxTurns,

HIGH env-spread: sdk.mjs:26729 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  26727 | let processEnv = env;
  26728 | if (!processEnv) {
> 26729 | processEnv = { ...process.env };
  26730 | }
  26731 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.72

3 findings
HIGH env-spread: sdk.mjs:13045 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  13043 | extraArgs = {},
  13044 | pathToClaudeCodeExecutable,
> 13045 | env = { ...process.env },
  13046 | maxThinkingTokens,
  13047 | maxTurns,

HIGH env-spread: sdk.mjs:26751 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  26749 | let processEnv = env;
  26750 | if (!processEnv) {
> 26751 | processEnv = { ...process.env };
  26752 | }
  26753 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.71

3 findings
HIGH env-spread: sdk.mjs:13044 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  13042 | extraArgs = {},
  13043 | pathToClaudeCodeExecutable,
> 13044 | env = { ...process.env },
  13045 | maxThinkingTokens,
  13046 | maxTurns,

HIGH env-spread: sdk.mjs:26746 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  26744 | let processEnv = env;
  26745 | if (!processEnv) {
> 26746 | processEnv = { ...process.env };
  26747 | }
  26748 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.70

3 findings
HIGH env-spread: sdk.mjs:7307 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7305 | extraArgs = {},
  7306 | pathToClaudeCodeExecutable,
> 7307 | env = { ...process.env },
  7308 | stderr,
  7309 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:15261 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  15259 | let processEnv = env;
  15260 | if (!processEnv) {
> 15261 | processEnv = { ...process.env };
  15262 | }
  15263 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.69

3 findings
HIGH env-spread: sdk.mjs:7305 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7303 | extraArgs = {},
  7304 | pathToClaudeCodeExecutable,
> 7305 | env = { ...process.env },
  7306 | stderr,
  7307 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:15252 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  15250 | let processEnv = env;
  15251 | if (!processEnv) {
> 15252 | processEnv = { ...process.env };
  15253 | }
  15254 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.68

3 findings
HIGH env-spread: sdk.mjs:7305 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7303 | extraArgs = {},
  7304 | pathToClaudeCodeExecutable,
> 7305 | env = { ...process.env },
  7306 | stderr,
  7307 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:15252 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  15250 | let processEnv = env;
  15251 | if (!processEnv) {
> 15252 | processEnv = { ...process.env };
  15253 | }
  15254 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.67

3 findings
HIGH env-spread: sdk.mjs:7305 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7303 | extraArgs = {},
  7304 | pathToClaudeCodeExecutable,
> 7305 | env = { ...process.env },
  7306 | stderr,
  7307 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:15252 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  15250 | let processEnv = env;
  15251 | if (!processEnv) {
> 15252 | processEnv = { ...process.env };
  15253 | }
  15254 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.66

3 findings
HIGH env-spread: sdk.mjs:7305 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7303 | extraArgs = {},
  7304 | pathToClaudeCodeExecutable,
> 7305 | env = { ...process.env },
  7306 | stderr,
  7307 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:15252 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  15250 | let processEnv = env;
  15251 | if (!processEnv) {
> 15252 | processEnv = { ...process.env };
  15253 | }
  15254 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.65

3 findings
HIGH env-spread: sdk.mjs:7305 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7303 | extraArgs = {},
  7304 | pathToClaudeCodeExecutable,
> 7305 | env = { ...process.env },
  7306 | stderr,
  7307 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:15252 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  15250 | let processEnv = env;
  15251 | if (!processEnv) {
> 15252 | processEnv = { ...process.env };
  15253 | }
  15254 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.63

4 findings
HIGH env-spread: sdk.mjs:7265 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  7263 | extraArgs = {},
  7264 | pathToClaudeCodeExecutable,
> 7265 | env = { ...process.env },
  7266 | stderr,
  7267 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:8178 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  8176 | pathToClaudeCodeExecutable = join4(dirname2, "cli.js");
  8177 | }
> 8178 | const processEnv = { ...process.env };
  8179 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {
  8180 | processEnv.CLAUDE_CODE_ENTRYPOINT = "sdk-ts";

HIGH env-spread: sdk.mjs:15202 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  15200 | let processEnv = env;
  15201 | if (!processEnv) {
> 15202 | processEnv = { ...process.env };
  15203 | }
  15204 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.62

4 findings
HIGH env-spread: sdk.mjs:6504 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  6502 | extraArgs = {},
  6503 | pathToClaudeCodeExecutable,
> 6504 | env = { ...process.env },
  6505 | stderr,
  6506 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:8132 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  8130 | pathToClaudeCodeExecutable = join4(dirname2, "cli.js");
  8131 | }
> 8132 | const processEnv = { ...process.env };
  8133 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {
  8134 | processEnv.CLAUDE_CODE_ENTRYPOINT = "sdk-ts";

HIGH env-spread: sdk.mjs:15154 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  15152 | let processEnv = env;
  15153 | if (!processEnv) {
> 15154 | processEnv = { ...process.env };
  15155 | }
  15156 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.61

4 findings
HIGH env-spread: sdk.mjs:6504 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  6502 | extraArgs = {},
  6503 | pathToClaudeCodeExecutable,
> 6504 | env = { ...process.env },
  6505 | stderr,
  6506 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:8123 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  8121 | pathToClaudeCodeExecutable = join4(dirname2, "cli.js");
  8122 | }
> 8123 | const processEnv = { ...process.env };
  8124 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {
  8125 | processEnv.CLAUDE_CODE_ENTRYPOINT = "sdk-ts";

HIGH env-spread: sdk.mjs:15145 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  15143 | let processEnv = env;
  15144 | if (!processEnv) {
> 15145 | processEnv = { ...process.env };
  15146 | }
  15147 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.60

4 findings
HIGH env-spread: sdk.mjs:6504 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  6502 | extraArgs = {},
  6503 | pathToClaudeCodeExecutable,
> 6504 | env = { ...process.env },
  6505 | stderr,
  6506 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:8123 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  8121 | pathToClaudeCodeExecutable = join4(dirname2, "cli.js");
  8122 | }
> 8123 | const processEnv = { ...process.env };
  8124 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {
  8125 | processEnv.CLAUDE_CODE_ENTRYPOINT = "sdk-ts";

HIGH env-spread: sdk.mjs:15145 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  15143 | let processEnv = env;
  15144 | if (!processEnv) {
> 15145 | processEnv = { ...process.env };
  15146 | }
  15147 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.59

4 findings
HIGH env-spread: sdk.mjs:6504 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  6502 | extraArgs = {},
  6503 | pathToClaudeCodeExecutable,
> 6504 | env = { ...process.env },
  6505 | stderr,
  6506 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:8123 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  8121 | pathToClaudeCodeExecutable = join4(dirname2, "cli.js");
  8122 | }
> 8123 | const processEnv = { ...process.env };
  8124 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {
  8125 | processEnv.CLAUDE_CODE_ENTRYPOINT = "sdk-ts";

HIGH env-spread: sdk.mjs:15145 (semgrep)
Spreading entire process.env into an object — may capture all secrets
  15143 | let processEnv = env;
  15144 | if (!processEnv) {
> 15145 | processEnv = { ...process.env };
  15146 | }
  15147 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation (provenance)
[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.58

4 findings
HIGH env-spread: sdk.mjs:6504 semgrep

Spreading entire process.env into an object — may capture all secrets 6502 | extraArgs = {}, 6503 | pathToClaudeCodeExecutable, > 6504 | env = { ...process.env }, 6505 | stderr, 6506 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:8123 semgrep

Spreading entire process.env into an object — may capture all secrets 8121 | pathToClaudeCodeExecutable = join4(dirname2, "cli.js"); 8122 | } > 8123 | const processEnv = { ...process.env }; 8124 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) { 8125 | processEnv.CLAUDE_CODE_ENTRYPOINT = "sdk-ts";

HIGH env-spread: sdk.mjs:15145 semgrep

Spreading entire process.env into an object — may capture all secrets
  15143 | let processEnv = env;
  15144 | if (!processEnv) {
> 15145 | processEnv = { ...process.env };
  15146 | }
  15147 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.57

4 findings
HIGH env-spread: sdk.mjs:6503 semgrep

Spreading entire process.env into an object — may capture all secrets
  6501 | extraArgs = {},
  6502 | pathToClaudeCodeExecutable,
> 6503 | env = { ...process.env },
  6504 | stderr,
  6505 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:8119 semgrep

Spreading entire process.env into an object — may capture all secrets
  8117 | pathToClaudeCodeExecutable = join4(dirname2, "cli.js");
  8118 | }
> 8119 | const processEnv = { ...process.env };
  8120 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {
  8121 | processEnv.CLAUDE_CODE_ENTRYPOINT = "sdk-ts";

HIGH env-spread: sdk.mjs:15140 semgrep

Spreading entire process.env into an object — may capture all secrets
  15138 | let processEnv = env;
  15139 | if (!processEnv) {
> 15140 | processEnv = { ...process.env };
  15141 | }
  15142 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.56

4 findings
HIGH env-spread: sdk.mjs:6487 semgrep

Spreading entire process.env into an object — may capture all secrets
  6485 | extraArgs = {},
  6486 | pathToClaudeCodeExecutable,
> 6487 | env = { ...process.env },
  6488 | stderr,
  6489 | maxThinkingTokens,

HIGH env-spread: sdk.mjs:8089 semgrep

Spreading entire process.env into an object — may capture all secrets
  8087 | pathToClaudeCodeExecutable = join4(dirname2, "cli.js");
  8088 | }
> 8089 | const processEnv = { ...process.env };
  8090 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {
  8091 | processEnv.CLAUDE_CODE_ENTRYPOINT = "sdk-ts";

HIGH env-spread: sdk.mjs:15109 semgrep

Spreading entire process.env into an object — may capture all secrets
  15107 | let processEnv = env;
  15108 | if (!processEnv) {
> 15109 | processEnv = { ...process.env };
  15110 | }
  15111 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.55

4 findings
HIGH env-spread: sdk.mjs:6487 semgrep

Spreading entire process.env into an object — may capture all secrets
  6485 | extraArgs = {},
  6486 | pathToClaudeCodeExecutable,
> 6487 | env = { ...process.env },
  6488 | stderr,
  6489 | customSystemPrompt,

HIGH env-spread: sdk.mjs:8093 semgrep

Spreading entire process.env into an object — may capture all secrets
  8091 | pathToClaudeCodeExecutable = join4(dirname2, "cli.js");
  8092 | }
> 8093 | const processEnv = { ...process.env };
  8094 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {
  8095 | processEnv.CLAUDE_CODE_ENTRYPOINT = "sdk-ts";

HIGH env-spread: sdk.mjs:15114 semgrep

Spreading entire process.env into an object — may capture all secrets
  15112 | let processEnv = env;
  15113 | if (!processEnv) {
> 15114 | processEnv = { ...process.env };
  15115 | }
  15116 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.54

4 findings
HIGH env-spread: sdk.mjs:6487 semgrep

Spreading entire process.env into an object — may capture all secrets
  6485 | extraArgs = {},
  6486 | pathToClaudeCodeExecutable,
> 6487 | env = { ...process.env },
  6488 | stderr,
  6489 | customSystemPrompt,

HIGH env-spread: sdk.mjs:8093 semgrep

Spreading entire process.env into an object — may capture all secrets
  8091 | pathToClaudeCodeExecutable = join4(dirname2, "cli.js");
  8092 | }
> 8093 | const processEnv = { ...process.env };
  8094 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {
  8095 | processEnv.CLAUDE_CODE_ENTRYPOINT = "sdk-ts";

HIGH env-spread: sdk.mjs:15114 semgrep

Spreading entire process.env into an object — may capture all secrets
  15112 | let processEnv = env;
  15113 | if (!processEnv) {
> 15114 | processEnv = { ...process.env };
  15115 | }
  15116 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.53

4 findings
HIGH env-spread: sdk.mjs:6487 semgrep

Spreading entire process.env into an object — may capture all secrets
  6485 | extraArgs = {},
  6486 | pathToClaudeCodeExecutable,
> 6487 | env = { ...process.env },
  6488 | stderr,
  6489 | customSystemPrompt,

HIGH env-spread: sdk.mjs:8093 semgrep

Spreading entire process.env into an object — may capture all secrets
  8091 | pathToClaudeCodeExecutable = join4(dirname2, "cli.js");
  8092 | }
> 8093 | const processEnv = { ...process.env };
  8094 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {
  8095 | processEnv.CLAUDE_CODE_ENTRYPOINT = "sdk-ts";

HIGH env-spread: sdk.mjs:15114 semgrep

Spreading entire process.env into an object — may capture all secrets
  15112 | let processEnv = env;
  15113 | if (!processEnv) {
> 15114 | processEnv = { ...process.env };
  15115 | }
  15116 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.52

4 findings
HIGH env-spread: sdk.mjs:6487 semgrep

Spreading entire process.env into an object — may capture all secrets
  6485 | extraArgs = {},
  6486 | pathToClaudeCodeExecutable,
> 6487 | env = { ...process.env },
  6488 | stderr,
  6489 | customSystemPrompt,

HIGH env-spread: sdk.mjs:8093 semgrep

Spreading entire process.env into an object — may capture all secrets
  8091 | pathToClaudeCodeExecutable = join4(dirname2, "cli.js");
  8092 | }
> 8093 | const processEnv = { ...process.env };
  8094 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {
  8095 | processEnv.CLAUDE_CODE_ENTRYPOINT = "sdk-ts";

HIGH env-spread: sdk.mjs:15114 semgrep

Spreading entire process.env into an object — may capture all secrets
  15112 | let processEnv = env;
  15113 | if (!processEnv) {
> 15114 | processEnv = { ...process.env };
  15115 | }
  15116 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.51

3 findings
HIGH env-spread: sdk.mjs:6399 semgrep

Spreading entire process.env into an object — may capture all secrets
  6397 | extraArgs = {},
  6398 | pathToClaudeCodeExecutable,
> 6399 | env = { ...process.env },
  6400 | stderr,
  6401 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14868 semgrep

Spreading entire process.env into an object — may capture all secrets
  14866 | let processEnv = env;
  14867 | if (!processEnv) {
> 14868 | processEnv = { ...process.env };
  14869 | }
  14870 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.50

3 findings
HIGH env-spread: sdk.mjs:6399 semgrep

Spreading entire process.env into an object — may capture all secrets
  6397 | extraArgs = {},
  6398 | pathToClaudeCodeExecutable,
> 6399 | env = { ...process.env },
  6400 | stderr,
  6401 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14868 semgrep

Spreading entire process.env into an object — may capture all secrets
  14866 | let processEnv = env;
  14867 | if (!processEnv) {
> 14868 | processEnv = { ...process.env };
  14869 | }
  14870 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.49

3 findings
HIGH env-spread: sdk.mjs:6399 semgrep

Spreading entire process.env into an object — may capture all secrets
  6397 | extraArgs = {},
  6398 | pathToClaudeCodeExecutable,
> 6399 | env = { ...process.env },
  6400 | stderr,
  6401 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14862 semgrep

Spreading entire process.env into an object — may capture all secrets
  14860 | let processEnv = env;
  14861 | if (!processEnv) {
> 14862 | processEnv = { ...process.env };
  14863 | }
  14864 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.47

3 findings
HIGH env-spread: sdk.mjs:6399 semgrep

Spreading entire process.env into an object — may capture all secrets
  6397 | extraArgs = {},
  6398 | pathToClaudeCodeExecutable,
> 6399 | env = { ...process.env },
  6400 | stderr,
  6401 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14862 semgrep

Spreading entire process.env into an object — may capture all secrets
  14860 | let processEnv = env;
  14861 | if (!processEnv) {
> 14862 | processEnv = { ...process.env };
  14863 | }
  14864 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.46

3 findings
HIGH env-spread: sdk.mjs:6399 semgrep

Spreading entire process.env into an object — may capture all secrets
  6397 | extraArgs = {},
  6398 | pathToClaudeCodeExecutable,
> 6399 | env = { ...process.env },
  6400 | stderr,
  6401 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14861 semgrep

Spreading entire process.env into an object — may capture all secrets
  14859 | let processEnv = env;
  14860 | if (!processEnv) {
> 14861 | processEnv = { ...process.env };
  14862 | }
  14863 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.45

3 findings
HIGH env-spread: sdk.mjs:6399 semgrep

Spreading entire process.env into an object — may capture all secrets
  6397 | extraArgs = {},
  6398 | pathToClaudeCodeExecutable,
> 6399 | env = { ...process.env },
  6400 | stderr,
  6401 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14861 semgrep

Spreading entire process.env into an object — may capture all secrets
  14859 | let processEnv = env;
  14860 | if (!processEnv) {
> 14861 | processEnv = { ...process.env };
  14862 | }
  14863 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.44

3 findings
HIGH env-spread: sdk.mjs:6398 semgrep

Spreading entire process.env into an object — may capture all secrets
  6396 | extraArgs = {},
  6397 | pathToClaudeCodeExecutable,
> 6398 | env = { ...process.env },
  6399 | stderr,
  6400 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14858 semgrep

Spreading entire process.env into an object — may capture all secrets
  14856 | let processEnv = env;
  14857 | if (!processEnv) {
> 14858 | processEnv = { ...process.env };
  14859 | }
  14860 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.43

3 findings
HIGH env-spread: sdk.mjs:6398 semgrep

Spreading entire process.env into an object — may capture all secrets
  6396 | extraArgs = {},
  6397 | pathToClaudeCodeExecutable,
> 6398 | env = { ...process.env },
  6399 | stderr,
  6400 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14858 semgrep

Spreading entire process.env into an object — may capture all secrets
  14856 | let processEnv = env;
  14857 | if (!processEnv) {
> 14858 | processEnv = { ...process.env };
  14859 | }
  14860 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.42

3 findings
HIGH env-spread: sdk.mjs:6397 semgrep

Spreading entire process.env into an object — may capture all secrets
  6395 | extraArgs = {},
  6396 | pathToClaudeCodeExecutable,
> 6397 | env = { ...process.env },
  6398 | stderr,
  6399 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14839 semgrep

Spreading entire process.env into an object — may capture all secrets
  14837 | let processEnv = env;
  14838 | if (!processEnv) {
> 14839 | processEnv = { ...process.env };
  14840 | }
  14841 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.39

3 findings
HIGH env-spread: sdk.mjs:6397 semgrep

Spreading entire process.env into an object — may capture all secrets
  6395 | extraArgs = {},
  6396 | pathToClaudeCodeExecutable,
> 6397 | env = { ...process.env },
  6398 | stderr,
  6399 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14839 semgrep

Spreading entire process.env into an object — may capture all secrets
  14837 | let processEnv = env;
  14838 | if (!processEnv) {
> 14839 | processEnv = { ...process.env };
  14840 | }
  14841 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.37

3 findings
HIGH env-spread: sdk.mjs:6384 semgrep

Spreading entire process.env into an object — may capture all secrets
  6382 | extraArgs = {},
  6383 | pathToClaudeCodeExecutable,
> 6384 | env = { ...process.env },
  6385 | stderr,
  6386 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14813 semgrep

Spreading entire process.env into an object — may capture all secrets
  14811 | let processEnv = env;
  14812 | if (!processEnv) {
> 14813 | processEnv = { ...process.env };
  14814 | }
  14815 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.36

3 findings
HIGH env-spread: sdk.mjs:6384 semgrep

Spreading entire process.env into an object — may capture all secrets
  6382 | extraArgs = {},
  6383 | pathToClaudeCodeExecutable,
> 6384 | env = { ...process.env },
  6385 | stderr,
  6386 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14813 semgrep

Spreading entire process.env into an object — may capture all secrets
  14811 | let processEnv = env;
  14812 | if (!processEnv) {
> 14813 | processEnv = { ...process.env };
  14814 | }
  14815 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.35

3 findings
HIGH env-spread: sdk.mjs:6384 semgrep

Spreading entire process.env into an object — may capture all secrets
  6382 | extraArgs = {},
  6383 | pathToClaudeCodeExecutable,
> 6384 | env = { ...process.env },
  6385 | stderr,
  6386 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14813 semgrep

Spreading entire process.env into an object — may capture all secrets
  14811 | let processEnv = env;
  14812 | if (!processEnv) {
> 14813 | processEnv = { ...process.env };
  14814 | }
  14815 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.34

3 findings
HIGH env-spread: sdk.mjs:6384 semgrep

Spreading entire process.env into an object — may capture all secrets
  6382 | extraArgs = {},
  6383 | pathToClaudeCodeExecutable,
> 6384 | env = { ...process.env },
  6385 | stderr,
  6386 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14813 semgrep

Spreading entire process.env into an object — may capture all secrets
  14811 | let processEnv = env;
  14812 | if (!processEnv) {
> 14813 | processEnv = { ...process.env };
  14814 | }
  14815 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.33

3 findings
HIGH env-spread: sdk.mjs:6384 semgrep

Spreading entire process.env into an object — may capture all secrets
  6382 | extraArgs = {},
  6383 | pathToClaudeCodeExecutable,
> 6384 | env = { ...process.env },
  6385 | stderr,
  6386 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14807 semgrep

Spreading entire process.env into an object — may capture all secrets
  14805 | let processEnv = env;
  14806 | if (!processEnv) {
> 14807 | processEnv = { ...process.env };
  14808 | }
  14809 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.31

3 findings
HIGH env-spread: sdk.mjs:6384 semgrep

Spreading entire process.env into an object — may capture all secrets
  6382 | extraArgs = {},
  6383 | pathToClaudeCodeExecutable,
> 6384 | env = { ...process.env },
  6385 | stderr,
  6386 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14807 semgrep

Spreading entire process.env into an object — may capture all secrets
  14805 | let processEnv = env;
  14806 | if (!processEnv) {
> 14807 | processEnv = { ...process.env };
  14808 | }
  14809 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.30

3 findings
HIGH env-spread: sdk.mjs:6384 semgrep

Spreading entire process.env into an object — may capture all secrets
  6382 | extraArgs = {},
  6383 | pathToClaudeCodeExecutable,
> 6384 | env = { ...process.env },
  6385 | stderr,
  6386 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14807 semgrep

Spreading entire process.env into an object — may capture all secrets
  14805 | let processEnv = env;
  14806 | if (!processEnv) {
> 14807 | processEnv = { ...process.env };
  14808 | }
  14809 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.29

3 findings
HIGH env-spread: sdk.mjs:6384 semgrep

Spreading entire process.env into an object — may capture all secrets
  6382 | extraArgs = {},
  6383 | pathToClaudeCodeExecutable,
> 6384 | env = { ...process.env },
  6385 | stderr,
  6386 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14799 semgrep

Spreading entire process.env into an object — may capture all secrets
  14797 | let processEnv = env;
  14798 | if (!processEnv) {
> 14799 | processEnv = { ...process.env };
  14800 | }
  14801 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.28

3 findings
HIGH env-spread: sdk.mjs:6384 semgrep

Spreading entire process.env into an object — may capture all secrets
  6382 | extraArgs = {},
  6383 | pathToClaudeCodeExecutable,
> 6384 | env = { ...process.env },
  6385 | stderr,
  6386 | customSystemPrompt,

HIGH env-spread: sdk.mjs:14799 semgrep

Spreading entire process.env into an object — may capture all secrets
  14797 | let processEnv = env;
  14798 | if (!processEnv) {
> 14799 | processEnv = { ...process.env };
  14800 | }
  14801 | if (!processEnv.CLAUDE_CODE_ENTRYPOINT) {

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.27

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.26

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.25

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.23

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.22

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.21

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.20

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.19

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.17

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.16

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.15

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.14

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.13

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.12

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.11

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.10

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.9

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.8

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.5

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.2

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.1

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.1.0

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v0.0.4

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.