Trust signals
Why this verdict
PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.
- Publisher
- GitHub ActionsTrusted automation · −70% score
Effective trust discount applied: −70% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.
Recommended action
Block this updateStatic evidence trips multiple high-signal indicators. Quarantine the release until the publisher validates the change or you can rule out the indicators below.
Block this release in CIcurl · GitHub Actions
Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer $PKGRADAR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"specs":["@agent-native/[email protected]"],"fail_on":"high"}'GitHub Actions step:
- name: PkgRadar gate
run: |
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
-H "Content-Type: application/json" \
-d '{"specs":["@agent-native/[email protected]"],"fail_on":"high"}'Why flagged
What the scanner saw
Credential file access
1 candidate cluster(s) currently reference this release.
Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.
Availability ledger
available
Status history (1 event)
- new → available · risk high · score 519 · status changed
Related candidates
Linked campaigns and clusters
Credential file access
1042 members · evidence strength 90Credential file access
1042 members · max score 289Evidence
Static findings
71 static · 0 from release diff · showing high-signal first.
| Severity | Kind | Path | Detail | Points |
|---|---|---|---|---|
| high | Credential file access | package/dist/a2a/auth-policy.js | — | 30 |
| high | Credential file access | package/dist/scripts/call-agent.js | — | 30 |
| high | Credential file access | package/dist/connections/catalog.js | — | 30 |
| high | Credential file access | package/dist/db/client.js | — | 30 |
| high | Credential file access | package/dist/server/google-realtime-session.js | — | 30 |
| high | Credential file access | package/dist/db/migrations.js | — | 30 |
| high | Credential file access | package/dist/integrations/pending-tasks-retry-job.js | — | 30 |
| high | Credential file access | package/dist/agent/run-manager.js | — | 30 |
| high | Credential file access | package/dist/server/voice-providers-status.js | — | 30 |
| high | Credential file access | package/dist/client/settings/VoiceTranscriptionSection.js | — | 30 |
| medium | Remote Payload | package/dist/server/agent-chat-plugin.js | — | 12 |
| medium | Remote Payload | package/dist/mcp/build-server.js | — | 12 |
| medium | Remote Payload | package/dist/cli/create.js | — | 12 |
| medium | Remote Payload | package/dist/extensions/html-shell.js | — | 12 |
Show all 71 findings (low-signal and informational)
Showing 60 of 71 findings.
| Severity | Kind | Path | Detail | Points |
|---|---|---|---|---|
| high | Credential file access | package/dist/a2a/auth-policy.js | — | 30 |
| high | Credential file access | package/dist/scripts/call-agent.js | — | 30 |
| high | Credential file access | package/dist/connections/catalog.js | — | 30 |
| high | Credential file access | package/dist/db/client.js | — | 30 |
| high | Credential file access | package/dist/server/google-realtime-session.js | — | 30 |
| high | Credential file access | package/dist/db/migrations.js | — | 30 |
| high | Credential file access | package/dist/integrations/pending-tasks-retry-job.js | — | 30 |
| high | Credential file access | package/dist/agent/run-manager.js | — | 30 |
| high | Credential file access | package/dist/server/voice-providers-status.js | — | 30 |
| high | Credential file access | package/dist/client/settings/VoiceTranscriptionSection.js | — | 30 |
| medium | Remote Payload | package/dist/server/agent-chat-plugin.js | — | 12 |
| medium | Remote Payload | package/dist/mcp/build-server.js | — | 12 |
| medium | Remote Payload | package/dist/cli/create.js | — | 12 |
| medium | Remote Payload | package/dist/extensions/html-shell.js | — | 12 |
| low | Obfuscation | package/dist/client/agent-chat-adapter.js | — | 3 |
| low | Obfuscation | package/dist/server/agent-chat-plugin.js | — | 3 |
| low | Obfuscation | package/dist/client/extensions/agent-native-extension-runtime.js | — | 3 |
| low | Obfuscation | package/dist/client/AgentPanel.js | — | 3 |
| low | Obfuscation | package/dist/client/terminal/AgentTerminal.js | — | 3 |
| low | Obfuscation | package/dist/client/components/ApiKeySettings.js | — | 3 |
| low | Obfuscation | package/dist/client/AssistantChat.js | — | 3 |
| low | Obfuscation | package/dist/server/auth.js | — | 3 |
| low | Obfuscation | package/dist/server/builder-browser.js | — | 3 |
| low | Obfuscation | package/dist/mcp/builtin-tools.js | — | 3 |
| low | Obfuscation | package/dist/client/resources/BuiltinCapabilityDetail.js | — | 3 |
| low | Obfuscation | package/dist/collab/client.js | — | 3 |
| low | Obfuscation | package/dist/client/CommandMenu.js | — | 3 |
| low | Obfuscation | package/dist/cli/connect.js | — | 3 |
| low | Obfuscation | package/dist/client/ConnectBuilderCard.js | — | 3 |
| low | Obfuscation | package/dist/client/settings/DemoModeSection.js | — | 3 |
| low | Obfuscation | package/dist/client/dev-overlay/DevOverlay.js | — | 3 |
| low | Obfuscation | package/dist/integrations/adapters/email.js | — | 3 |
| low | Obfuscation | package/dist/server/embed-session.js | — | 3 |
| low | Obfuscation | package/dist/observability/evals.js | — | 3 |
| low | Obfuscation | package/dist/client/extensions/ExtensionSlot.js | — | 3 |
| low | Obfuscation | package/dist/client/extensions/ExtensionViewer.js | — | 3 |
| low | Obfuscation | package/dist/server/google-oauth.js | — | 3 |
| low | Obfuscation | package/dist/resources/handlers.js | — | 3 |
| low | Obfuscation | package/dist/client/org/InvitationBanner.js | — | 3 |
| low | Obfuscation | package/dist/client/mcp-apps/McpAppRenderer.js | — | 3 |
| low | Obfuscation | package/dist/client/resources/McpServerDetail.js | — | 3 |
| low | Obfuscation | package/dist/client/NewWorkspaceAppFlow.js | — | 3 |
| low | Obfuscation | package/dist/client/notifications/NotificationsBell.js | — | 3 |
| low | Obfuscation | package/dist/server/oauth-return-url.js | — | 3 |
| low | Obfuscation | package/dist/mcp/oauth-route.js | — | 3 |
| low | Obfuscation | package/dist/shared/oauth-state.js | — | 3 |
| low | Obfuscation | package/dist/server/open-route.js | — | 3 |
| low | Obfuscation | package/dist/client/composer/PastedTextChip.js | — | 3 |
| low | Obfuscation | package/dist/extensions/path.js | — | 3 |
| low | Obfuscation | package/dist/client/extensions/portable-extension.js | — | 3 |
| low | Obfuscation | package/dist/file-upload/pre-upload-attachments.js | — | 3 |
| low | Obfuscation | package/dist/terminal/pty-server.js | — | 3 |
| low | Obfuscation | package/dist/client/resources/ResourceEditor.js | — | 3 |
| low | Obfuscation | package/dist/client/resources/ResourcesPanel.js | — | 3 |
| low | Obfuscation | package/dist/client/resources/ResourceTree.js | — | 3 |
| low | Obfuscation | package/dist/client/settings/SecretsSection.js | — | 3 |
| low | Obfuscation | package/dist/client/settings/SettingsPanel.js | — | 3 |
| low | Obfuscation | package/dist/server/short-lived-token.js | — | 3 |
| low | Obfuscation | package/dist/collab/storage.js | — | 3 |
| low | Obfuscation | package/dist/observability/store.js | — | 3 |
Manifest
Package metadata
Scripts 6
Sign in to view install / lifecycle script contents.
Dependencies2
@agent-native/corelatestpostgres^3.4.9