
Security: ai-agent-assembly/node-sdk

SECURITY.md

Security Policy

Reporting a vulnerability

Please do not file a public issue for a security vulnerability. Report it privately via the repository's security advisories page so a fix can be coordinated before disclosure.

Canonical package names

The Node SDK is published to npm only under the @agent-assembly scope. The canonical packages are:

| Package | Role |
| --- | --- |
| @agent-assembly/sdk | The SDK itself (the package you install). |
| @agent-assembly/runtime-linux-x64 | Bundled aasm runtime binary, optional dependency. |
| @agent-assembly/runtime-linux-arm64 | Bundled aasm runtime binary, optional dependency. |
| @agent-assembly/runtime-darwin-x64 | Bundled aasm runtime binary, optional dependency. |
| @agent-assembly/runtime-darwin-arm64 | Bundled aasm runtime binary, optional dependency. |

The four runtime-* packages are pulled in automatically as optionalDependencies of @agent-assembly/sdk; you never install them directly.

Anything outside this list is not us. Unscoped names (e.g. agent-assembly), look-alike scopes, or near-miss spellings are typosquats — do not install them.

Verifying what you installed

Every release is published through an operator-gated, OIDC-authenticated pipeline (release-node.yml) and ships two consumer-verifiable integrity signals.

1. npm provenance (SLSA)

Each package is published with --provenance, so npm records a signed, tamper-evident link back to the exact GitHub Actions run and source commit that built it. Verify it:

```sh
# Verify the registry signatures + provenance attestations of your install tree.
npm audit signatures
```

You can also see the Provenance panel on the package page at https://www.npmjs.com/package/@agent-assembly/sdk. A package built outside the sanctioned pipeline carries no provenance — its absence is the tell.

2. CycloneDX SBOM

Each GitHub Release attaches a CycloneDX Software Bill of Materials, sbom.cdx.json, listing the exact dependency set that release was built against. Download it from the matching release on the Releases page and cross-check it against your installed tree and your advisory feed of choice.
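The two consumer-side checks above (the canonical-name list and the SBOM cross-check) can be scripted together. The following is an added example, not code shipped by the project: it flattens `npm ls --all --json` output, compares it with the components of a CycloneDX SBOM, and flags any installed name that imitates the scope without being one of the canonical packages. The inputs are constructed samples, and the SBOM layout (scoped packages as `group` + `name`) is an assumption about the usual npm CycloneDX shape.

```javascript
// Added example (not the project's own code): cross-check an installed npm tree
// against a release's CycloneDX SBOM and flag look-alike names outside the
// canonical @agent-assembly scope. Inputs below are constructed samples; a real
// run would load sbom.cdx.json from the Release and `npm ls --all --json` output.
const CANONICAL = new Set([
  '@agent-assembly/sdk',
  '@agent-assembly/runtime-linux-x64',
  '@agent-assembly/runtime-linux-arm64',
  '@agent-assembly/runtime-darwin-x64',
  '@agent-assembly/runtime-darwin-arm64',
]);

// Flatten the nested `dependencies` object of `npm ls --json` into name -> Set(versions).
function flattenTree(node, out = new Map()) {
  for (const [name, dep] of Object.entries(node.dependencies || {})) {
    if (!out.has(name)) out.set(name, new Set());
    if (dep.version) out.get(name).add(dep.version);
    flattenTree(dep, out);
  }
  return out;
}

// Findings: SBOM components absent from the tree, components installed at a version
// the SBOM does not list, and installed names that imitate the scope but are not canonical.
// Assumes the usual npm CycloneDX layout: scoped packages carry group "@agent-assembly"
// and a bare name; unscoped packages have no group.
function crossCheck(tree, sbom) {
  const installed = flattenTree(tree);
  const findings = [];
  for (const c of sbom.components || []) {
    const name = c.group ? `${c.group}/${c.name}` : c.name;
    const versions = installed.get(name);
    if (!versions) findings.push(`missing: ${name}@${c.version}`);
    else if (!versions.has(c.version))
      findings.push(`version drift: ${name} sbom=${c.version} installed=${[...versions].join(',')}`);
  }
  for (const name of installed.keys()) {
    if (/agent[-_]?assembly/i.test(name) && !CANONICAL.has(name)) findings.push(`not canonical: ${name}`);
  }
  return findings;
}

// Constructed sample inputs: one drifted transitive dep and one unscoped typosquat.
const SAMPLE_SBOM = { bomFormat: 'CycloneDX', components: [
  { group: '@agent-assembly', name: 'sdk', version: '1.2.0' }, { name: 'undici', version: '6.19.8' } ] };
const SAMPLE_TREE = { dependencies: {
  '@agent-assembly/sdk': { version: '1.2.0', dependencies: { undici: { version: '6.18.0' } } },
  'agent-assembly': { version: '0.0.1' } } };
console.log(crossCheck(SAMPLE_TREE, SAMPLE_SBOM));
```

A non-empty result is a signal to investigate, not proof of compromise: a consumer's resolver may legitimately pick a newer patch of a transitive dependency than the one the release was built against.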

CI advisory gate

Dependencies are scanned on every PR and push by the dependency-audit workflow (pnpm audit --audit-level=high); a known-vuln dependency fails CI and blocks the release. Advisories with no available fix are allowlisted, with a dated rationale, in the root package.json under pnpm.auditConfig.
