@meistrari/tela-build — Greenflagged

Look at the [Nuxt 3 documentation](https://nuxt.com/docs/getting-started/introduction) to learn more.

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

0xthierryrjmunhozamorim33henrykunhrodrigo_lgczaghiianfiremanmatheusvellonethullyocunharenanllm

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	no-provenance	AI (provenance): Established package with 87 versions; no provenance is a process gap, not a security indicator for this package.	ai	2026/05/26
phantom-deps	phantom-dep:vue-input-otp	AI (phantom-deps): Consistent with this package's pattern of convention-loaded Nuxt deps; not directly imported but used via framework config.	ai	2026/05/22
phantom-deps	phantom-dep:@vueuse/components	AI (phantom-deps): VueUse component library; consistent with Nuxt/Vue ecosystem usage pattern in this package.	ai	2026/05/14
publish-pattern	new-deps-added	AI (publish-pattern): pdfjs-dist is a well-established Mozilla library; addition is benign for a UI component build package.	ai	2026/05/04
dependencies	unvetted-dep:@unocss/nuxt	AI (dependencies): @unocss/nuxt is a well-known UnoCSS Nuxt integration; no malicious indicators.	ai	2026/05/02
dependencies	unvetted-dep:@iconify-json/ph	AI (dependencies): @iconify-json/ph is a standard Iconify icon set; no malicious indicators.	ai	2026/05/02
phantom-deps	phantom-dep:@nuxt/fonts	AI (phantom-deps): Nuxt convention-loaded module; not directly imported by design.	ai	2026/05/02
phantom-deps	phantom-dep:@unocss/nuxt	AI (phantom-deps): Nuxt module loaded via config convention, not direct import.	ai	2026/05/02
phantom-deps	phantom-dep:@floating-ui/vue	AI (phantom-deps): Declared in dependencies; UI utility used via convention.	ai	2026/04/28
phantom-deps	phantom-dep:@number-flow/vue	AI (phantom-deps): Declared in dependencies; used via convention.	ai	2026/04/28
phantom-deps	phantom-dep:tailwindcss-animate	AI (phantom-deps): Declared in dependencies; Tailwind plugin loaded via config.	ai	2026/04/28
phantom-deps	phantom-dep:import-in-the-middle	AI (phantom-deps): Declared in dependencies; Nuxt/Nitro instrumentation dep.	ai	2026/04/28
phantom-deps	phantom-dep:@internationalized/date	AI (phantom-deps): Declared in dependencies; used via convention in component library.	ai	2026/04/28
phantom-deps	phantom-dep:resize-observer-polyfill	AI (phantom-deps): Declared in dependencies; polyfill loaded via convention.	ai	2026/04/28
phantom-deps	phantom-dep:@internationalized/number	AI (phantom-deps): Declared in dependencies; used via convention.	ai	2026/04/28
phantom-deps	phantom-dep:@fontsource-variable/inter	AI (phantom-deps): Declared in dependencies; font loaded via CSS/config convention.	ai	2026/04/28
phantom-deps	phantom-dep:@fontsource-variable/geist-mono	AI (phantom-deps): Declared in dependencies; font loaded via CSS/config convention.	ai	2026/04/28
phantom-deps	phantom-dep:@iconify-json/ph	AI (phantom-deps): Declared in dependencies; icon set loaded by Nuxt icon module.	ai	2026/04/28
phantom-deps	phantom-dep:gsap	AI (phantom-deps): Declared in dependencies; used via config/convention in Nuxt layer, not direct import.	ai	2026/04/28
phantom-deps	phantom-dep:motion	AI (phantom-deps): Declared in dependencies; used via config/convention in Nuxt layer.	ai	2026/04/28
phantom-deps	phantom-dep:nitropack	AI (phantom-deps): Declared in dependencies; Nuxt framework peer, loaded by convention.	ai	2026/04/28
phantom-deps	phantom-dep:vue-router	AI (phantom-deps): Standard Nuxt peer dependency, loaded by framework convention.	ai	2026/04/28
phantom-deps	phantom-dep:number-flow	AI (phantom-deps): Declared in dependencies; used via config/convention.	ai	2026/04/28
phantom-deps	phantom-dep:@vueuse/core	AI (phantom-deps): Declared in dependencies; standard VueUse usage in Nuxt layer.	ai	2026/04/28
phantom-deps	phantom-dep:lucide-vue-next	AI (phantom-deps): Declared in dependencies; icon library used via convention.	ai	2026/04/28
install-scripts	install-script:postinstall	AI (install-scripts): nuxt prepare is a standard Nuxt type-generation command; benign and expected for Nuxt-based packages.	ai	2026/04/28
phantom-deps	phantom-dep:typescript	AI (phantom-deps): Used by nuxt prepare and ts-morph tooling; config-level reference is expected.	ai	2026/04/28
phantom-deps	phantom-dep:motion-v	AI (phantom-deps): Referenced in config files; phantom-dep heuristic false positive for this Nuxt package.	ai	2026/04/28
phantom-deps	phantom-dep:radix-vue	AI (phantom-deps): Vue component library referenced in config; phantom-dep heuristic false positive for this package.	ai	2026/04/28
phantom-deps	phantom-dep:@nuxtjs/tailwindcss	AI (phantom-deps): Nuxt module loaded by convention, not direct import.	ai	2026/04/28
phantom-deps	phantom-dep:@nuxtjs/color-mode	AI (phantom-deps): Nuxt module loaded by convention, not direct import.	ai	2026/04/28
phantom-deps	phantom-dep:@vueuse/nuxt	AI (phantom-deps): Nuxt module loaded by convention, not direct import.	ai	2026/04/28
phantom-deps	phantom-dep:@nuxt/icon	AI (phantom-deps): Framework-scoped Nuxt module loaded by convention, not direct import.	ai	2026/04/28