@massu/core
AI Engineering Governance MCP Server - Session memory, knowledge system, feature registry, code intelligence, rule enforcement, tiered tooling (12 free / 72 total), 55+ workflow commands, 11 agents, 20+ patterns
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| semgrep | semgrep:base64-decode | AI (semgrep): Used in adapter-verifier.ts to decode a manifest for NaCl signature verification — legitimate crypto use. | ai | |
| phantom-deps | phantom-dep:tar | AI (phantom-deps): Declared dep used indirectly via build scripts; stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:vscode-languageserver-protocol | AI (phantom-deps): LSP protocol types likely used via type imports only; stable false positive for this package. | ai | |
| source-diff | net-exec-file:dist/cli.js | AI (source-diff): dist/cli.js is an esbuild-bundled CLI binary declared in package.json bin field; network+exec pattern is from bundled MCP server code, not malware. | ai | |
| typosquat | typosquat.levenshtein:cors | AI (typosquat): @massu/core is a scoped AI governance package, not a typosquat of cors; name collision is coincidental. | ai | |
| semgrep | semgrep:etc-passwd-access | AI (semgrep): Findings are in a security-gate blocklist that detects dangerous patterns, not code that accesses /etc/passwd. | ai | |
Versions (showing 51 of 58)
| Version | Deps | Published |
|---|---|---|
| 1.15.0 | 15 / 6 | |
| 1.14.0 | 15 / 6 | |
| 1.13.1 | 15 / 6 | |
| 1.13.0 | 15 / 6 | |
| 1.12.2 | 15 / 6 | |
| 1.12.1 | 15 / 6 | |
| 1.12.0 | 15 / 6 | |
| 1.10.8 | 17 / 6 | |
| 1.10.6 | 17 / 6 | |
| 1.10.5 | 17 / 6 | |
| 1.10.4 | 17 / 6 | |
| 1.10.3 | 17 / 6 | |
| 1.10.2 | 17 / 6 | |
| 1.10.1 | 17 / 6 | |
| 1.10.0 | 17 / 6 | |
| 1.9.5 | 17 / 6 | |
| 1.9.3 | 17 / 6 | |
| 1.9.2 | 17 / 6 | |
| 1.9.1 | 17 / 6 | |
| 1.9.0 | 17 / 6 | |
| 1.8.0 | 17 / 6 | |
| 1.7.0 | 17 / 6 | |
| 1.6.3 | 17 / 6 | |
| 1.6.2 | 17 / 6 | |
| 1.6.1 | 17 / 6 | |
| 1.6.0 | 17 / 6 | |
| 1.5.8 | 12 / 6 | |
| 1.5.7 | 12 / 6 | |
| 1.5.6 | 12 / 6 | |
| 1.5.5 | 12 / 6 | |
| 1.5.4 | 12 / 6 | |
| 1.5.3 | 12 / 6 | |
| 1.5.2 | 12 / 6 | |
| 1.5.1 | 12 / 6 | |
| 1.5.0 | 12 / 6 | |
| 1.4.0 | 12 / 6 | |
| 1.3.0 | 6 / 5 | |
| 1.2.1 | 6 / 5 | |
| 1.2.0 | 6 / 5 | |
| 1.1.0 | 6 / 5 | |
| 1.0.0 | 6 / 5 | |
| 0.9.2 | 3 / 5 | |
| 0.9.1 | 3 / 5 | |
| 0.9.0 | 3 / 5 | |
| 0.8.1 | 3 / 5 | |
| 0.8.0 | 3 / 5 | |
| 0.7.0 | 3 / 5 | |
| 0.6.3 | 3 / 5 | |
| 0.6.2 | 3 / 5 | |
| 0.6.1 | 3 / 5 | |
| 0.6.0 | 3 / 5 |
v1.15.0, v1.14.0, v1.13.1, v1.13.0, v1.12.2, v1.12.1, v1.12.0, v1.10.8, v1.10.6, v1.10.5, v1.10.4, v1.10.3, v1.10.2, v1.10.1, v1.10.0, v1.9.5, v1.9.3, v1.9.2, v1.9.1, v1.9.0, v1.8.0, v1.7.0, v1.6.3, v1.6.2, v1.6.1, v1.6.0, v1.5.8, v1.5.7, v1.5.6, v1.5.5, v1.5.4, v1.5.3, v1.5.2, v1.5.1, v1.5.0, v1.4.0
1 finding each (36 versions): Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.3.0
5 findings

1. Package name '@massu/core' is 1 edit(s) away from popular package 'cors'.

2. Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux. Source: https://github.com/massu-ai/massu/blob/f73ae1706478546fe8a81d0b52d2dd743a94da7a/src/hooks/security-gate.ts#L34 (the flagged line is a blocklist pattern, not an access; see Accepted risks)

```ts
  32 | { pattern: /chmod\s+777/, label: 'chmod 777 (world-writable permissions)' },
  33 | { pattern: /chmod\s+-R\s+777/, label: 'chmod -R 777 (world-writable permissions)' },
> 34 | { pattern: />\s*\/etc\/passwd/, label: 'write to /etc/passwd' },
  35 | { pattern: />\s*\/etc\/shadow/, label: 'write to /etc/shadow' },
  36 | { pattern: />\s*\/etc\/sudoers/, label: 'write to /etc/sudoers' },
```

3. Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux. Source: https://github.com/massu-ai/massu/blob/f73ae1706478546fe8a81d0b52d2dd743a94da7a/src/hooks/security-gate.ts#L35 (same blocklist, next pattern)

```ts
  33 | { pattern: /chmod\s+-R\s+777/, label: 'chmod -R 777 (world-writable permissions)' },
  34 | { pattern: />\s*\/etc\/passwd/, label: 'write to /etc/passwd' },
> 35 | { pattern: />\s*\/etc\/shadow/, label: 'write to /etc/shadow' },
  36 | { pattern: />\s*\/etc\/sudoers/, label: 'write to /etc/sudoers' },
  37 | { pattern: /dd\s+if=.*of=\/dev\/(?:sda|sdb|hda|hdb|nvme)/, label: 'dd to raw device' },
```

4. Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux. Source: https://github.com/massu-ai/massu/blob/f73ae1706478546fe8a81d0b52d2dd743a94da7a/src/security-utils.ts#L12 (the match is inside a doc comment describing a path-traversal check)

```ts
  10 | /**
  11 |  * Ensure a resolved file path stays within the project root.
> 12 |  * Prevents path traversal attacks via `../../etc/passwd` style inputs.
  13 |  *
  14 |  * @returns The resolved absolute path if safe
```

5. Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.6.0
2 findings

1. Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.

2. Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.