@browserbasehq/stagehand

An AI web browsing framework focused on simplicity and extensibility.

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

seanmcguire12kylejeongnosajzerofooldesaadiajmcquilkinmiguel_gbrowserz

Keywords

aibrowserautomationweb-scrapingtesting

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:pino-pretty	AI (phantom-deps): pino-pretty is a transport loaded at runtime by pino; not directly imported but required.	ai	2026/04/28
phantom-deps	phantom-dep:@langchain/openai	AI (phantom-deps): Optional integration dep; referenced in config/dynamic imports, not static imports.	ai	2026/04/28
provenance	publisher-changed	AI (provenance): Transition from desaadi to paul-klein-browserbase is an org-internal handoff within Browserbase; both are established accounts.	ai	2026/04/26
dependencies	unvetted-dep:anthropic	AI (dependencies): anthropic@^0.0.0 is declared but confirmed not directly imported (phantom-dep finding accepted). The real Anthropic SDK used is @anthropic-ai/sdk. This stub dependency poses no runtime risk for this package.	ai	2026/04/26
publish-pattern	new-deps-added	AI (publish-pattern): @browserbasehq/sdk is the organization's own first-party SDK; adding it to a Browserbase product is expected and low-risk.	ai	2026/04/24
maintainer-change	maintainer-added	AI (maintainer-change): Maintainer addition (anirudhkamath) appears to be a legitimate team change within the Browserbase org; publisher paul-klein-browserbase has strong track record and is the package author.	ai	2026/04/24
maintainer-change	maintainer-removed	AI (maintainer-change): Removal of three maintainers alongside an addition is consistent with team restructuring at Browserbase; no signs of hostile takeover.	ai	2026/04/24
phantom-deps	phantom-dep:anthropic	AI (phantom-deps): anthropic@^0.0.0 is a placeholder/stub dep; actual SDK is @anthropic-ai/sdk. Not directly imported — stable false positive for this package.	ai	2026/04/24
provenance	no-provenance	AI (provenance): Established package from known publisher; lack of provenance is common (~88% of npm) and not a risk signal here.	ai	2026/04/24
phantom-deps	phantom-dep:anthropic-ai	AI (phantom-deps): anthropic-ai is a compatibility shim, not directly imported. Stable false positive for this package.	ai	2026/04/24

Versions (showing 10 of 10)

Version	Deps	Published
3.3.0	15 / 16	2026-04-27
3.0.5	15 / 8	2025-11-24
1.3.0	6 / 15	2024-11-21
1.2.0	6 / 15	2024-11-19
1.1.2	6 / 15	2024-11-11
1.1.1	6 / 15	2024-11-10
1.1.0	6 / 15	2024-11-10
1.0.3	5 / 15	2024-11-01
1.0.2	5 / 15	2024-10-29
1.0.1	5 / 15	2024-10-29

v3.3.0

3 findings

HIGH Missing gitHead — previous versions had it provenance

This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: GitHub Actions.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

INFO Publisher changed: paul-klein-browserbase → GitHub Actions (on 2026-04-27) provenance

[Accepted risk] This version was published by a different npm account than previous versions on 2026-04-27. This could indicate a legitimate maintainer transition or an account compromise.

v3.0.5

2 findings

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

INFO Publisher changed: paul-klein-browserbase → seanmcguire12 (on 2025-11-24) provenance

[Accepted risk] This version was published by a different npm account than previous versions on 2025-11-24. This could indicate a legitimate maintainer transition or an account compromise.

v1.3.0

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.2.0

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.1.2

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.1.1

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.1.0

2 findings

HIGH Publisher changed: desaadi → paul-klein-browserbase (on 2024-11-10) provenance

This version was published by a different npm account than previous versions on 2024-11-10. This could indicate a legitimate maintainer transition or an account compromise.

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.3

2 findings

HIGH Publisher changed: desaadi → paul-klein-browserbase (on 2024-11-01) provenance

This version was published by a different npm account than previous versions on 2024-11-01. This could indicate a legitimate maintainer transition or an account compromise.

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.2

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.1

1 finding

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.