@cafitac/hermit-agent No license 51 versions

@cafitac/hermit-agent

npm Repository Homepage

MCP executor for Claude Code or Codex with an npm-first launcher and cheaper local or flat-rate execution by default

51

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

cafitac

Keywords

claude-codecodexmcpmcp-servercoding-agentlocal-llmllm-routingtoken-savingscost-optimization

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
semgrep	semgrep:env-spread	AI (semgrep): Spreading process.env to pass environment to a child process with one added var is standard CLI launcher behavior, not a secret leak.	ai	2026/04/29

Versions (showing 51 of 63)

View all versions

Version	Deps	Published
0.3.76	22 / 8	2026-05-01
0.3.75	22 / 8	2026-05-01
0.3.74	22 / 8	2026-05-01
0.3.73	22 / 8	2026-05-01
0.3.72	22 / 8	2026-05-01
0.3.71	22 / 8	2026-05-01
0.3.70	22 / 8	2026-05-01
0.3.69	22 / 8	2026-05-01
0.3.68	22 / 8	2026-05-01
0.3.67	22 / 8	2026-05-01
0.3.66	22 / 8	2026-05-01
0.3.65	22 / 8	2026-05-01
0.3.64	22 / 8	2026-05-01
0.3.63	22 / 8	2026-05-01
0.3.62	22 / 8	2026-05-01
0.3.61	22 / 8	2026-05-01
0.3.60	22 / 8	2026-05-01
0.3.59	22 / 8	2026-05-01
0.3.58	22 / 8	2026-04-27
0.3.57	22 / 8	2026-04-27
0.3.56	22 / 8	2026-04-27
0.3.55	22 / 8	2026-04-27
0.3.54	22 / 8	2026-04-27
0.3.53	22 / 8	2026-04-27
0.3.52	22 / 8	2026-04-27
0.3.51	22 / 8	2026-04-27
0.3.50	22 / 8	2026-04-27
0.3.49	22 / 8	2026-04-27
0.3.48	22 / 8	2026-04-27
0.3.47	22 / 8	2026-04-27
0.3.46	22 / 8	2026-04-27
0.3.45	22 / 8	2026-04-27
0.3.44	22 / 8	2026-04-27
0.3.43	22 / 8	2026-04-27
0.3.42	22 / 8	2026-04-27
0.3.41	22 / 8	2026-04-27
0.3.40	22 / 8	2026-04-27
0.3.39	22 / 8	2026-04-27
0.3.38	22 / 8	2026-04-27
0.3.37	22 / 8	2026-04-27
0.3.36	22 / 8	2026-04-27
0.3.35	22 / 8	2026-04-27
0.3.34	22 / 8	2026-04-27
0.3.33	22 / 8	2026-04-27
0.3.32	22 / 8	2026-04-27
0.3.31	22 / 8	2026-04-26
0.3.30	22 / 8	2026-04-26
0.3.29	22 / 8	2026-04-26
0.3.28	22 / 8	2026-04-26
0.3.27	22 / 8	2026-04-26
0.3.26	22 / 8	2026-04-26

v0.3.76

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.75

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.74

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.73

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.72

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.71

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.70

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.69

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.68

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.67

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.66

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.65

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.64

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.63

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.62

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.61

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.60

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v0.3.59

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.