@sanity/ailf
AI Literacy Framework - Evaluation tool for Sanity documentation
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| provenance | publisher-changed | AI (provenance): Transition from individual (gabe.wyatt) to org account (sanity-io) within @sanity scope; legitimate org consolidation. | ai | |
| maintainer-change | maintainer-removed | AI (maintainer-change): Org-level maintainer consolidation under sanity-io org account; not a takeover signal. | ai | |
| source-diff | obfuscated-file:dist/_vendor/ailf-shared/generated/help-content.js | AI (source-diff): Auto-generated help content with long lines from embedded markdown; not obfuscated code. | ai | |
| source-diff | net-exec-file:dist/agent-harness/assertions-runtime.js | AI (source-diff): Documented promptfoo assertion helper for test harness; execSync runs developer-authored task definitions, not remote code. | ai | |
| source-diff | net-exec-file:dist/agent-harness/assertions-runtime.d.ts | AI (source-diff): Type declaration file for the same assertion helper; no executable payload. | ai | |
| provenance | missing-githead | AI (provenance): Sanity-org package with clean diff and strong publisher history; gitHead absence is a CI config change, not a supply-chain indicator. | ai | |
| dependencies | unvetted-dep:@portabletext/markdown | AI (dependencies): @portabletext/markdown is the official Portable Text markdown library from the Sanity ecosystem; appropriate for this package. | ai | |
| dependencies | unvetted-dep:promptfoo | AI (dependencies): promptfoo is a well-known AI evaluation framework; its use is appropriate and expected for this AI Literacy Framework evaluation tool. | ai | |
| dependencies | unvetted-dep:dotenv-cli | AI (dependencies): dotenv-cli is a standard utility for loading .env files in CLI contexts; used in package.json scripts for promptfoo commands. | ai | |
| dependencies | unvetted-dep:@sanity/client | AI (dependencies): @sanity/client is the official Sanity.io client; expected dependency for a Sanity-scoped evaluation tool. | ai | |
| semgrep | semgrep:env-spread | AI (semgrep): env spread is used to pass parent environment to a child subprocess (execFileSync), a standard CLI pattern. No exfiltration; stable for this package. | ai | |
| phantom-deps | phantom-dep:dotenv-cli | AI (phantom-deps): dotenv-cli is used as a CLI wrapper in npm scripts (dotenv -e ... -- promptfoo), not imported directly. Expected usage pattern. | ai | |
| phantom-deps | phantom-dep:promptfoo | AI (phantom-deps): promptfoo is invoked as a CLI command in npm scripts, not imported directly. This is expected usage for a CLI orchestration tool. | ai | |
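The three metadata rules that recur in this report (missing provenance, missing gitHead, publisher change) can be reproduced from the registry's own packument without downloading a tarball. The block below is an added example and is not part of this report or of @sanity/ailf. The field names it reads (`time`, `versions[v].gitHead`, `versions[v]._npmUser.name`, `versions[v].dist.attestations.provenance.predicateType`) are the npm registry's packument fields; the package name, versions, dates, usernames and commit hashes in the sample are constructed placeholders, not @sanity/ailf's real records. Reading "previous versions did" as "any earlier version carried a gitHead" is an assumption about the rule's semantics.

```javascript
// Added example: apply the missing-provenance, missing-githead and
// publisher-changed rules to a registry packument, offline.
// Field names follow the npm registry packument format; the sample data is
// constructed for illustration and is not @sanity/ailf's metadata.

// Constructed packument. Package name, versions, timestamps, usernames and
// gitHead values are placeholders.
const SAMPLE_PACKUMENT = {
  name: 'example-pkg',
  time: {
    '0.3.1': '2026-03-01T00:00:00.000Z',
    '0.4.0': '2026-03-08T00:00:00.000Z',
    '2.0.2': '2026-04-13T00:00:00.000Z',
    '3.0.0': '2026-05-01T00:00:00.000Z',
  },
  versions: {
    '0.3.1': {
      gitHead: '0000000000000000000000000000000000000001',
      _npmUser: { name: 'alice' },
      dist: { tarball: 'https://registry.example/example-pkg/-/example-pkg-0.3.1.tgz' },
    },
    '0.4.0': {
      // gitHead absent: the publish environment no longer recorded a commit.
      _npmUser: { name: 'alice' },
      dist: { tarball: 'https://registry.example/example-pkg/-/example-pkg-0.4.0.tgz' },
    },
    '2.0.2': {
      // Different publisher account than every earlier version.
      _npmUser: { name: 'example-org' },
      dist: { tarball: 'https://registry.example/example-pkg/-/example-pkg-2.0.2.tgz' },
    },
    '3.0.0': {
      gitHead: '0000000000000000000000000000000000000002',
      _npmUser: { name: 'example-org' },
      dist: {
        tarball: 'https://registry.example/example-pkg/-/example-pkg-3.0.0.tgz',
        // Shape the registry uses when a publish carried a provenance attestation.
        attestations: {
          url: 'https://registry.example/-/npm/v1/attestations/example-pkg@3.0.0',
          provenance: { predicateType: 'https://slsa.dev/provenance/v1' },
        },
      },
    },
  },
};

// Versions in publish order. The packument's `time` map has one ISO timestamp
// per version, so order on that instead of comparing semver strings.
function publishOrder(packument) {
  return Object.keys(packument.versions).sort(
    (a, b) => Date.parse(packument.time[a]) - Date.parse(packument.time[b]),
  );
}

// True when the version manifest advertises a SLSA provenance attestation.
// This only says an attestation bundle exists; it does not verify it.
function hasProvenance(manifest) {
  const att = manifest.dist && manifest.dist.attestations;
  const predicate = att && att.provenance && att.provenance.predicateType;
  return typeof predicate === 'string' && predicate.startsWith('https://slsa.dev/provenance/');
}

// Returns { version: [rule, ...] } using the rule names from this report.
function analyzeVersions(packument) {
  const findings = {};
  let seenGitHead = false;   // any earlier version recorded a gitHead
  let prevPublisher = null;  // _npmUser.name of the most recent earlier version
  for (const version of publishOrder(packument)) {
    const manifest = packument.versions[version];
    const rules = [];
    if (!hasProvenance(manifest)) rules.push('missing-provenance');
    if (seenGitHead && !manifest.gitHead) rules.push('missing-githead');
    const publisher = manifest._npmUser && manifest._npmUser.name;
    if (prevPublisher && publisher && publisher !== prevPublisher) rules.push('publisher-changed');
    findings[version] = rules;
    if (manifest.gitHead) seenGitHead = true;
    if (publisher) prevPublisher = publisher;
  }
  return findings;
}

console.log(JSON.stringify(analyzeVersions(SAMPLE_PACKUMENT), null, 2));
```

Two caveats a reviewer should keep in mind. `dist.attestations` only records that an attestation bundle exists; verifying it means fetching the bundle and checking the Sigstore signature and the source repository and workflow named in the SLSA statement, which is what `npm audit signatures` does for an installed tree. `_npmUser` and `gitHead` are registry-recorded, not signed, so a publisher change or a vanished gitHead is a signal to investigate, not proof of compromise. Conversely, the 2.2.0 to 2.3.3 releases below are listed as published by GitHub Actions yet without provenance: `npm publish` emits a provenance attestation from Actions only when run with `--provenance` (or `provenance=true` in `.npmrc`) and the job grants `id-token: write`, so that combination usually points at a publish workflow that lacks those settings rather than at a manual publish.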
Versions (showing 100 of 104)
| Version | Deps | Published |
|---|---|---|
| 7.4.1 | 14 / 10 | |
| 7.4.0 | 14 / 10 | |
| 7.3.1 | 14 / 10 | |
| 7.3.0 | 14 / 10 | |
| 7.2.3 | 14 / 10 | |
| 7.2.2 | 14 / 10 | |
| 7.2.1 | 14 / 10 | |
| 7.2.0 | 14 / 10 | |
| 7.1.2 | 14 / 10 | |
| 7.1.0 | 14 / 10 | |
| 7.0.1 | 14 / 10 | |
| 7.0.0 | 14 / 10 | |
| 6.1.2 | 14 / 10 | |
| 6.1.1 | 14 / 10 | |
| 6.1.0 | 14 / 10 | |
| 6.0.0 | 14 / 10 | |
| 5.0.0 | 14 / 10 | |
| 4.6.0 | 14 / 9 | |
| 4.5.0 | 14 / 9 | |
| 4.4.0 | 14 / 9 | |
| 4.3.1 | 14 / 9 | |
| 4.3.0 | 14 / 9 | |
| 4.2.0 | 13 / 9 | |
| 4.1.0 | 13 / 9 | |
| 4.0.7 | 13 / 8 | |
| 4.0.6 | 13 / 8 | |
| 4.0.5 | 13 / 8 | |
| 4.0.4 | 13 / 8 | |
| 4.0.3 | 13 / 8 | |
| 4.0.2 | 13 / 8 | |
| 4.0.1 | 13 / 8 | |
| 4.0.0 | 13 / 8 | |
| 3.9.0 | 13 / 8 | |
| 3.8.1 | 13 / 8 | |
| 3.8.0 | 13 / 7 | |
| 3.7.0 | 13 / 7 | |
| 3.6.0 | 13 / 7 | |
| 3.5.1 | 13 / 7 | |
| 3.5.0 | 13 / 7 | |
| 3.4.1 | 13 / 7 | |
| 3.4.0 | 13 / 7 | |
| 3.3.1 | 13 / 7 | |
| 3.3.0 | 13 / 7 | |
| 3.2.0 | 13 / 7 | |
| 3.1.1 | 13 / 7 | |
| 3.1.0 | 13 / 7 | |
| 3.0.0 | 13 / 7 | |
| 2.9.0 | 13 / 7 | |
| 2.8.0 | 13 / 7 | |
| 2.7.1 | 13 / 7 | |
| 2.7.0 | 13 / 7 | |
| 2.6.0 | 13 / 7 | |
| 2.5.0 | 13 / 7 | |
| 2.4.0 | 13 / 7 | |
| 2.3.3 | 12 / 7 | |
| 2.3.2 | 12 / 7 | |
| 2.3.1 | 12 / 7 | |
| 2.3.0 | 12 / 7 | |
| 2.2.0 | 12 / 7 | |
| 2.1.0 | 12 / 6 | |
| 2.0.2 | 12 / 6 | |
| 2.0.0 | 12 / 6 | |
| 1.0.0 | 11 / 7 | |
| 0.5.0 | 10 / 7 | |
| 0.4.1 | 10 / 7 | |
| 0.4.0 | 10 / 7 | |
| 0.3.1 | 10 / 7 | |
| 0.3.0 | 10 / 7 | |
| 0.2.0 | 10 / 7 | |
| 0.1.34 | 10 / 7 | |
| 0.1.33 | 10 / 7 | |
| 0.1.32 | 10 / 7 | |
| 0.1.31 | 10 / 7 | |
| 0.1.30 | 10 / 7 | |
| 0.1.29 | 10 / 7 | |
| 0.1.28 | 10 / 7 | |
| 0.1.27 | 10 / 7 | |
| 0.1.26 | 10 / 7 | |
| 0.1.25 | 10 / 7 | |
| 0.1.24 | 10 / 7 | |
| 0.1.23 | 10 / 7 | |
| 0.1.22 | 10 / 7 | |
| 0.1.21 | 10 / 7 | |
| 0.1.20 | 10 / 7 | |
| 0.1.19 | 10 / 7 | |
| 0.1.18 | 10 / 7 | |
| 0.1.17 | 10 / 7 | |
| 0.1.16 | 10 / 7 | |
| 0.1.15 | 10 / 7 | |
| 0.1.14 | 10 / 7 | |
| 0.1.13 | 10 / 7 | |
| 0.1.12 | 10 / 7 | |
| 0.1.11 | 10 / 7 | |
| 0.1.10 | 10 / 7 | |
| 0.1.9 | 10 / 7 | |
| 0.1.8 | 10 / 7 | |
| 0.1.7 | 10 / 7 | |
| 0.1.6 | 10 / 6 | |
| 0.1.5 | 10 / 6 | |
| 0.1.4 | 10 / 6 | |
v7.4.1
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.4.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.3.1
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.3.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.2.3
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.2.2
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.2.1
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.2.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.1.2
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.1.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.0.1
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v7.0.0
2 findings:
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v6.1.2
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v6.1.1
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v6.1.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v6.0.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.6.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.5.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.4.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.3.1
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.3.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.2.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.1.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.0.6
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.0.5
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.0.4
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.0.3
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.0.2
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.8.0
2 findings:
Spreading the entire process.env into an object may capture all secrets. Flagged location:
```js
execFileSync("npx", ["tsx", tsSrc, ...args], {
  cwd: ROOT,
  env: {            // flagged line: every parent variable is forwarded to the child
    ...process.env,
    AILF_CALLER_CWD: callerCwd,
  },
});
```
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.7.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.6.0
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.5.1
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.5.0
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.4.1
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.4.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.3.1
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.3.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.2.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.1.1
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.1.0
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.0.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.9.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.8.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.7.1
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.7.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.6.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.5.0
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.4.0
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.3.3
4 findings:
This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: GitHub Actions.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.3.2
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.3.1
4 findings:
This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: GitHub Actions.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.3.0
4 findings:
This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: GitHub Actions.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.2.0
4 findings:
This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: GitHub Actions.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.1.0
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2.0.2
2 findings:
This version was published on 2026-04-13 by a different npm account than previous versions. This could indicate a legitimate maintainer transition or an account compromise.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2.0.0
2 findings:
This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gabe.wyatt.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.0
2 findings:
This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gabe.wyatt.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.5.0
2 findings:
This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gabe.wyatt.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.1
2 findings:
This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gabe.wyatt.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.0
2 findings:
This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: gabe.wyatt.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.3.1
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.3.0
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2.0
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.34
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.33
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.32
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.31
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.30
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.29
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.28
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.27
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.26
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.25
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.24
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.23
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.22
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.21
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.20
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.19
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.18
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.17
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.16
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.15
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.14
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.13
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.12
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.11
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.10
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.9
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.8
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.7
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.6
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.5
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.4
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.