@mvpscale/aoa
Semantic compression for Claude and Gemini. O(1) indexed search resolves meaning, depth, and intent in under 5µs. Self-learning, single binary, zero config. 90%+ fewer tokens.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| typosquat | typosquat.levenshtein:koa | AI (typosquat): Scoped package @mvpscale/aoa is a distinct AI CLI tool, not a typosquat of koa. | ai | |
| typosquat | typosquat.levenshtein:got | AI (typosquat): 2-edit distance from 'got' is coincidental; package is a scoped AI CLI with clear identity. | ai | |
| typosquat | typosquat.levenshtein:joi | AI (typosquat): 2-edit distance from 'joi' is coincidental; package is a scoped AI CLI with clear identity. | ai | |
| typosquat | typosquat.levenshtein:zod | AI (typosquat): 2-edit distance from 'zod' is coincidental; package is a scoped AI CLI with clear identity. | ai | |
| typosquat | typosquat.levenshtein:ajv | AI (typosquat): 2-edit distance from 'ajv' is coincidental; package is a scoped AI CLI with clear identity. | ai | |
| install-scripts | install-script:postinstall | AI (install-scripts): postinstall selects platform-specific prebuilt binary from optional deps; standard pattern for native/Go CLI tools. | ai |
Versions (showing 9 of 9)
| Version | Deps | Published |
|---|---|---|
| 2.4.9 | 0 / 0 | |
| 2.4.6 | 0 / 0 | |
| 2.2.2 | 0 / 0 | |
| 2.2.0 | 0 / 0 | |
| 2.1.6 | 0 / 0 | |
| 2.1.2 | 0 / 0 | |
| 0.1.10 | 0 / 0 | |
| 0.1.5 | 0 / 0 | |
| 0.1.2 | 0 / 0 |
v2.4.9
3 findingsScript: node install.js
Package name '@mvpscale/aoa' is 1 edit(s) away from popular package 'koa'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.4.6
3 findingsScript: node install.js
Package name '@mvpscale/aoa' is 1 edit(s) away from popular package 'koa'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.2.2
3 findingsScript: node install.js
Package name '@mvpscale/aoa' is 1 edit(s) away from popular package 'koa'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.2.0
3 findingsScript: node install.js
Package name '@mvpscale/aoa' is 1 edit(s) away from popular package 'koa'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.6
3 findingsScript: node install.js
Package name '@mvpscale/aoa' is 1 edit(s) away from popular package 'koa'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.2
3 findingsScript: node install.js
Package name '@mvpscale/aoa' is 1 edit(s) away from popular package 'koa'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.10
3 findingsScript: node install.js
Package name '@mvpscale/aoa' is 1 edit(s) away from popular package 'koa'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.5
3 findingsScript: node install.js
Package name '@mvpscale/aoa' is 1 edit(s) away from popular package 'koa'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.2
3 findingsScript: node install.js
Package name '@mvpscale/aoa' is 1 edit(s) away from popular package 'koa'.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.