@dexterai/opendexter
OpenDexter - x402 search and discovery layer for AI agents. Search the OpenDexter catalog, check pricing, and pay with automatic USDC settlement.
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:zod | AI (phantom-deps): Declared as peer/transitive dep in a monorepo; phantom-dep heuristic fires on config-only references. | ai | |
| phantom-deps | phantom-dep:bs58 | AI (phantom-deps): Same pattern — referenced in config, not a direct import in analyzed entry points. | ai | |
| phantom-deps | phantom-dep:chalk | AI (phantom-deps): CLI utility dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:yargs | AI (phantom-deps): CLI arg parsing dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:ethers | AI (phantom-deps): EVM payments dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:tweetnacl | AI (phantom-deps): Crypto dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:@x402/core | AI (phantom-deps): Core x402 protocol dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:@clack/prompts | AI (phantom-deps): CLI UI dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:@dexterai/x402 | AI (phantom-deps): Same-org dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:@solana/web3.js | AI (phantom-deps): Solana integration dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:@x402/extensions | AI (phantom-deps): x402 extensions dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:@solana/spl-token | AI (phantom-deps): Solana token dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:@dexterai/x402-core | AI (phantom-deps): Same-org dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:@dexterai/dextercard | AI (phantom-deps): Same-org dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:@dexterai/x402-mcp-tools | AI (phantom-deps): Same-org dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:@modelcontextprotocol/sdk | AI (phantom-deps): MCP SDK dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:@dexterai/mcp-instructions | AI (phantom-deps): Same-org dep; phantom-dep fires on config references. | ai | |
| phantom-deps | phantom-dep:@modelcontextprotocol/ext-apps | AI (phantom-deps): MCP ext-apps dep; phantom-dep fires on config references. | ai |
Versions (showing 37 of 37)
| Version | Deps | Published |
|---|---|---|
| 1.16.0 | 19 / 6 | |
| 1.15.0 | 19 / 6 | |
| 1.14.2 | 19 / 6 | |
| 1.14.1 | 19 / 6 | |
| 1.14.0 | 19 / 6 | |
| 1.13.7 | 19 / 6 | |
| 1.13.6 | 19 / 6 | |
| 1.13.5 | 19 / 6 | |
| 1.13.4 | 19 / 6 | |
| 1.13.3 | 19 / 6 | |
| 1.13.2 | 19 / 6 | |
| 1.13.1 | 19 / 6 | |
| 1.13.0 | 19 / 6 | |
| 1.12.1 | 19 / 6 | |
| 1.12.0 | 19 / 6 | |
| 1.11.0 | 19 / 6 | |
| 1.10.0 | 19 / 6 | |
| 1.9.0 | 19 / 6 | |
| 1.8.1 | 19 / 6 | |
| 1.8.0 | 19 / 6 | |
| 1.7.2 | 17 / 6 | |
| 1.7.1 | 16 / 6 | |
| 1.7.0 | 16 / 6 | |
| 1.6.0 | 16 / 6 | |
| 1.5.0 | 16 / 6 | |
| 1.4.0 | 15 / 6 | |
| 1.3.3 | 15 / 6 | |
| 1.3.2 | 15 / 6 | |
| 1.3.1 | 15 / 6 | |
| 1.3.0 | 14 / 6 | |
| 1.2.1 | 14 / 6 | |
| 1.2.0 | 14 / 6 | |
| 1.1.3 | 14 / 6 | |
| 1.1.2 | 13 / 6 | |
| 1.1.0 | 8 / 6 | |
| 1.0.1 | 8 / 6 | |
| 1.0.0 | 8 / 6 |
v1.16.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.15.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.14.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.14.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.14.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.13.7
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.13.6
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.13.5
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.13.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.13.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.13.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.13.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.13.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.12.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.12.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.11.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.10.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.9.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.8.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.8.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.7.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.7.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.7.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.6.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.5.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.4.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.3.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.3.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.3.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.3.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.2.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.1.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.1.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.1.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.