@volue/wave-mcp
An MCP server that connects AI tools to the Wave Design System
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/index-BFbS1JvB.js | AI (source-diff): Minified output from pkgroll --minify build step; content is readable bundled source with no malicious patterns. | ai | |
| provenance | no-provenance | AI (provenance): Internal org package; provenance absence is consistent across the @volue scope. | ai | |
| source-diff | obfuscated-file:dist/index-x3YulsFz.js | AI (source-diff): Minified bundle output from pkgroll --minify; content is design-system UI code, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/index-D5eBIUwA.js | AI (source-diff): Minified output from pkgroll --minify build step; content is design-system component code, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/index-LQNhghKN.js | AI (source-diff): Minified bundle produced by pkgroll --minify; content is clearly legitimate UI/design-system code from @volue org packages. | ai | |
| source-diff | obfuscated-file:dist/index-TBYX8fgI.js | AI (source-diff): Minified output from pkgroll --minify build step; content is design-system imports, not obfuscated malware. | ai | |
| phantom-deps | phantom-dep:@types/cors | AI (phantom-deps): Type-only dep; not imported at runtime, expected pattern. | ai | |
| phantom-deps | phantom-dep:@types/mdast | AI (phantom-deps): Type-only dep; not imported at runtime, expected pattern. | ai | |
| phantom-deps | phantom-dep:@types/express | AI (phantom-deps): Type-only dep; not imported at runtime, expected pattern. | ai | |
| phantom-deps | phantom-dep:zod | AI (phantom-deps): Bundled by pkgroll; not imported directly but legitimately used in build output. | ai | |
| phantom-deps | phantom-dep:@volue/design-icons | AI (phantom-deps): Same-org dep; bundled by pkgroll for design system content. | ai | |
| phantom-deps | phantom-dep:@volue/design-colors | AI (phantom-deps): Same-org dep; bundled by pkgroll for design system content. | ai | |
| phantom-deps | phantom-dep:@volue/design-media-queries | AI (phantom-deps): Same-org dep; bundled by pkgroll for design system content. | ai | |
| phantom-deps | phantom-dep:@types/express-serve-static-core | AI (phantom-deps): Type-only dep; not imported at runtime, expected pattern. | ai | |
| phantom-deps | phantom-dep:cors | AI (phantom-deps): Bundled by pkgroll; legitimate runtime dep for HTTP transport. | ai | |
| phantom-deps | phantom-dep:express | AI (phantom-deps): Bundled by pkgroll; legitimate runtime dep for HTTP transport. | ai | |
| phantom-deps | phantom-dep:unified | AI (phantom-deps): Bundled by pkgroll; legitimate dep for markdown processing. | ai | |
| phantom-deps | phantom-dep:remark-parse | AI (phantom-deps): Bundled by pkgroll; legitimate dep for markdown processing. | ai | |
| phantom-deps | phantom-dep:xtend | AI (phantom-deps): Bundled by pkgroll; transitive utility dep. | ai | |
Versions (showing 13 of 13)
| Version | Deps | Published |
|---|---|---|
| 0.1.12 | 14 / 10 | |
| 0.1.11 | 14 / 10 | |
| 0.1.10 | 14 / 10 | |
| 0.1.9 | 14 / 10 | |
| 0.1.8 | 14 / 10 | |
| 0.1.7 | 14 / 10 | |
| 0.1.6 | 14 / 10 | |
| 0.1.5 | 14 / 10 | |
| 0.1.4 | 14 / 10 | |
| 0.1.3 | 14 / 10 | |
| 0.1.2 | 14 / 10 | |
| 0.1.1 | 14 / 10 | |
| 0.1.0 | 14 / 10 | |
v0.1.12
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.9
1 finding
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.8
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.7
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.6
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.1.5
1 finding
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.4
1 finding
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.3
1 finding
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.2
1 finding
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.1
1 finding
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.1.0
1 finding
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.