network-ai
Advanced tools
+29
| { | ||
| "version": 2, | ||
| "ignore": { | ||
| "evalDynamicCodeExecution": [ | ||
| { | ||
| "path": "dist/lib/blackboard-validator.js", | ||
| "reason": "False positive — this is a security detection pattern that scans for eval() usage in untrusted agent code. It is not dynamic code execution." | ||
| } | ||
| ], | ||
| "networkAccess": [ | ||
| { | ||
| "path": "dist/adapters/custom-adapter.js", | ||
| "reason": "Intentional — CustomAdapter is a user-configured HTTP adapter that calls a user-supplied URL (config.url) to connect to external AI endpoints. Network access is the explicit purpose of this adapter." | ||
| }, | ||
| { | ||
| "path": "dist/lib/mcp-transport-sse.ts", | ||
| "reason": "Intentional — McpSseTransport is an HTTP/SSE transport layer for the MCP protocol. Both the server (createServer) and client (http.request) directions are the explicit purpose of this module." | ||
| }, | ||
| { | ||
| "path": "dist/lib/mcp-transport-sse.js", | ||
| "reason": "Intentional — McpSseTransport is an HTTP/SSE transport layer for the MCP protocol. Both the server (createServer) and client (http.request) directions are the explicit purpose of this module." | ||
| }, | ||
| { | ||
| "path": "dist/bin/mcp-server.js", | ||
| "reason": "Intentional — network-ai-server is an opt-in CLI binary that starts an HTTP/SSE server to expose the Network-AI tool suite over MCP. Users invoke it explicitly; it is not a background side-effect." | ||
| } | ||
| ] | ||
| } | ||
| } |
@@ -32,3 +32,3 @@ #!/usr/bin/env node | ||
| * @module bin/mcp-server | ||
| * @version 4.0.0 | ||
| * @version 4.0.6 | ||
| */ | ||
@@ -107,3 +107,3 @@ | ||
| console.log(` | ||
| network-ai-server — Network-AI MCP Server v4.0.0 | ||
| network-ai-server — Network-AI MCP Server v4.0.6 | ||
@@ -145,3 +145,3 @@ Usage: npx ts-node bin/mcp-server.ts [options] | ||
| console.log(`\n[network-ai-server] Starting MCP Server v4.0.0`); | ||
| console.log(`\n[network-ai-server] Starting MCP Server v4.0.6`); | ||
| console.log(`[network-ai-server] Board: ${args.board} | Port: ${args.port}`); | ||
@@ -148,0 +148,0 @@ |
@@ -32,5 +32,5 @@ #!/usr/bin/env node | ||
| * @module bin/mcp-server | ||
| * @version 4.0.0 | ||
| * @version 4.0.6 | ||
| */ | ||
| export {}; | ||
| //# sourceMappingURL=mcp-server.d.ts.map |
@@ -33,3 +33,3 @@ #!/usr/bin/env node | ||
| * @module bin/mcp-server | ||
| * @version 4.0.0 | ||
| * @version 4.0.6 | ||
| */ | ||
@@ -106,3 +106,3 @@ Object.defineProperty(exports, "__esModule", { value: true }); | ||
| console.log(` | ||
| network-ai-server — Network-AI MCP Server v4.0.0 | ||
| network-ai-server — Network-AI MCP Server v4.0.6 | ||
@@ -140,3 +140,3 @@ Usage: npx ts-node bin/mcp-server.ts [options] | ||
| } | ||
| console.log(`\n[network-ai-server] Starting MCP Server v4.0.0`); | ||
| console.log(`\n[network-ai-server] Starting MCP Server v4.0.6`); | ||
| console.log(`[network-ai-server] Board: ${args.board} | Port: ${args.port}`); | ||
@@ -143,0 +143,0 @@ // -------------------------------------------------------------------------- |
+3
-2
| { | ||
| "name": "network-ai", | ||
| "version": "4.0.5", | ||
| "version": "4.0.6", | ||
| "description": "AI agent orchestration framework for TypeScript/Node.js - plug-and-play multi-agent coordination with 12 frameworks (LangChain, AutoGen, CrewAI, OpenAI Assistants, LlamaIndex, Semantic Kernel, Haystack, DSPy, Agno, MCP, OpenClaw). Built-in security, swarm intelligence, and agentic workflow patterns.", | ||
@@ -99,4 +99,5 @@ "main": "dist/index.js", | ||
| "SKILL.md", | ||
| "LICENSE" | ||
| "LICENSE", | ||
| "socket.json" | ||
| ] | ||
| } |
+1
-1
@@ -7,3 +7,3 @@ # Network-AI: Multi-Agent Orchestration Framework | ||
| [](https://github.com/jovanSAPFIONEER/Network-AI/actions/workflows/codeql.yml) | ||
| [](https://github.com/jovanSAPFIONEER/Network-AI/releases) | ||
| [](https://github.com/jovanSAPFIONEER/Network-AI/releases) | ||
| [](https://www.npmjs.com/package/network-ai) | ||
@@ -10,0 +10,0 @@ [](https://clawhub.ai/skills/network-ai) |
Network access
Supply chain riskThis module accesses the network.
Found 3 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 3 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
1252610
0.12%162
0.62%19968
0.15%