MCP Observatory
npm analyzed 0.64.1

experimental-ash

v0.64.1
npm

Filesystem-first framework for durable backend AI agents that run anywhere.

maintainer
matheuss
license
Apache-2.0
first seen
2026-06-04
last seen
2026-06-16
releases · 30d
73
short id

Drift inferred · capture-to-capture

  1. HIGH code analysis flagged committed secret, dynamic code execution in experimental-ash
capabilities0 tools
transport stdio · http counts 0 tools · 0 res · 0 prompts permission surface via code analysis

no tools enumerated yet for this server.

skills & danger signalsnpm-tarball
prompt-surface shipped agent-instruction files + hidden-content / dangerous-code findings — quoted from the analyzed source

analyzed v0.64.1 · analyzer v17 · 2d ago

skills & prompt files 5

code evidencev0.64.1 · npm-tarball
evidence-backed findings quoted directly from the published source artifact — not inferred

filesystem 1

  • fs package/bin/ash.js :4 import { access, readdir, realpath, stat } from "node:fs/promises";

shell / exec 10

  • shell package/bin/ash.js :3 import { spawn } from "node:child_process";
  • shell package/dist/src/compiled/@workflow/core/runtime.js :1 import{i as e,r as t,t as n}from"../../_chunks/workflow/chunk-DSjMdhoD.js";import{C as r,D as i,E as a,F as o,I as s,O as c,S as l,T as u,a as d,b as f,c as p,d as m,f as h,h as g,i as _,j as v,k as y
  • shell package/dist/src/compiled/commander/index.js :10 - unrecognised flag format`)}if(t===void 0&&n===void 0)throw Error(`option creation failed due to no flags found in '${e}'.`);return{shortFlag:t,longFlag:n}}e.Option=n,e.DualOptions=r})),h=s((e=>{func
  • shell package/dist/src/evals/runner/resolve-git-metadata.js :1 import{execSync}from"node:child_process";function resolveLocalGitMetadata(e){let t=execGitCommand(`git rev-parse HEAD`,e);return{branch:execGitCommand(`git branch --show-current`,e)||void 0,sha:t||voi
  • shell package/dist/src/internal/nitro/host/start-production-server.js :1 import{ASH_HEALTH_ROUTE_PATH}from"#protocol/routes.js";import{join,resolve}from"node:path";import{spawn}from"node:child_process";import{existsSync}from"node:fs";import{loadDevelopmentEnvironmentFiles}
  • shell package/dist/src/packages/ash-scaffold/src/primitives/run-pnpm.js :1 import{createProcessOutputBuffer}from"./process-output.js";import{resolvePnpmInvocation}from"./pnpm-invocation.js";import{join}from"node:path";import{spawn}from"node:child_process";import{existsSync}f
  • shell package/dist/src/packages/ash-scaffold/src/primitives/run-vercel.js :1 import{createProcessOutputBuffer}from"./process-output.js";import{spawn}from"node:child_process";const CONNECT_FEATURE_FLAG_ENV={FF_CONNECT_ENABLED:`1`},VERCEL_NOT_FOUND_MESSAGE=`Vercel CLI not found.
  • shell package/dist/src/public/next/server.js :1 import{ASH_ROUTE_PREFIX}from"#protocol/routes.js";import{join}from"node:path";import{mkdir,open,readFile,rm,stat,writeFile}from"node:fs/promises";import{spawn}from"node:child_process";import{existsSyn
  • shell package/dist/src/public/nuxt/dev-server.js :1 import{joinRoutePrefix,normalizeOrigin}from"./routing.js";import{ASH_ROUTE_PREFIX}from"#protocol/routes.js";import{join}from"node:path";import{mkdir,open,readFile,rm,stat,writeFile}from"node:fs/promis
  • shell package/dist/src/public/sveltekit/dev-server.js :1 import{joinRoutePrefix,normalizeOrigin}from"./routing.js";import{ASH_ROUTE_PREFIX}from"#protocol/routes.js";import{join}from"node:path";import{mkdir,open,readFile,rm,stat,writeFile}from"node:fs/promis

network 32

  • net package/dist/src/chunks/use-ash-agent-D7LvOfgD.js :262 const response = await fetch(url, {
  • net package/dist/src/chunks/use-ash-agent-DPYNpc07.js :262 const response = await fetch(url, {
  • net package/dist/src/client/client.js :1 import{ASH_HEALTH_ROUTE_PATH}from"#protocol/routes.js";import{ClientError}from"#client/client-error.js";import{ClientSession}from"#client/session.js";import{createInitialSessionState}from"#client/sess
  • net package/dist/src/client/open-stream.js :1 import{createAshMessageStreamRoutePath}from"#protocol/routes.js";import{ClientError}from"#client/client-error.js";import{createClientUrl}from"#client/url.js";import{isStreamDisconnectError,readNdjsonS
  • net package/dist/src/client/session.js :1 import{ASH_CREATE_SESSION_ROUTE_PATH,createAshContinueSessionRoutePath,createAshMessageStreamRoutePath}from"#protocol/routes.js";import{openStreamIterable}from"#client/open-stream.js";import{ASH_SESSI
  • net package/dist/src/compiled/@chat-adapter/slack/index.js :46 \`\`\``:this.defaultNodeToText(e,e=>this.nodeToMrkdwn(e))}};function Wr(e){if(e.contextId||e.privateMetadata)return JSON.stringify({c:e.contextId,m:e.privateMetadata})}function Gr(e){if(!e)return{};tr
  • net package/dist/src/compiled/@vercel/oidc/index.js :1 import{createRequire as e}from"node:module";var t=Object.create,n=Object.defineProperty,r=Object.getOwnPropertyDescriptor,i=Object.getOwnPropertyNames,a=Object.getPrototypeOf,o=Object.prototype.hasOwn
  • net package/dist/src/compiled/@workflow/core/runtime.js :4 `);for(let t of e){let e=t.trim().match(/^\s*TCP\s+(?:\[[\da-f:]+\]|[\d.]+):(\d+)\s+/i);if(e){let t=lr(e[1]);t!==void 0&&n.push(t)}}}return n}catch{return[]}}async function mr(){let{pid:e,platform:t}=
  • net package/dist/src/compiled/_chunks/node/auth-BsyzphzW.js :2 `)}const C=`${d.hostname()} @ vercel/sandbox/${i} node-${process.version} ${d.platform()} (${d.arch()})`,w=new URL(`https://vercel.com`),T=`cl_HYyOPBNtFMfHhaUn9L4QPfTZz6TP47bp`,E=r.object({issuer:r.st
  • net package/dist/src/compiled/_chunks/node/dist-BQYUcBqu.js :75 `).at(-1);if(t&&t.trim().length>0)return`${e}\u200B`}return e},Rl=RegExp(`(?<=[\\p{L}\\p{N}_])~(?!~)(?=[\\p{L}\\p{N}_])`,`gu`),zl=e=>!e||typeof e!=`string`||!e.includes(`~`)?e:e.replace(Rl,(t,n)=>X(e,
  • net package/dist/src/compiled/_chunks/workflow/dist-gEXVSMPU.js :10 ${t}`,l++;break;case`id`:s=t.includes(`\0`)?void 0:t;break;case`retry`:/^\d+$/.test(t)?r(parseInt(t,10)):n(new it(`Invalid \`retry\` value: "${t}"`,{type:`invalid-retry`,value:t,line:i}));break;defaul
  • net package/dist/src/compiled/_chunks/workflow/resume-hook-BFK9mgsb.js :1 import{i as e,n as t,t as n}from"./chunk-DSjMdhoD.js";import{A as r,E as i,F as a,I as o,M as s,N as c,P as l,T as u,a as d,c as f,d as p,f as m,i as h,j as g,n as _,o as v,s as y,w as b}from"./dist-z
  • net package/dist/src/compiler/model-catalog.js :1 import{z}from"#compiled/zod/index.js";import{join}from"node:path";import{mkdir,readFile,writeFile}from"node:fs/promises";const COMPILED_RUNTIME_MODEL_CATALOG_CACHE_KIND=`ash-model-catalog-cache`,catal
  • net package/dist/src/execution/remote-agent-dispatch.js :1 import{createAshCallbackRoutePath}from"#protocol/routes.js";import{ASH_SESSION_ID_HEADER}from"#protocol/message.js";import{createWorkflowCallbackUrl}from"#execution/workflow-callback-url.js";import{fo
  • net package/dist/src/execution/session-callback-step.js :1 import{createLogger}from"#internal/logging.js";import{SessionCallbackKey}from"#context/keys.js";import{toErrorMessage}from"#shared/errors.js";import{parseSessionCallback}from"#channel/session-callback
  • net package/dist/src/execution/web-fetch/tool.js :1 import{truncateHead}from"#execution/sandbox/truncate-output.js";import{ASH_PACKAGE_NAME}from"#internal/package-name.js";import{convertHtmlToMarkdown,extractTextFromHtml}from"#execution/web-fetch/html.
  • net package/dist/src/internal/nitro/host/start-production-server.js :1 import{ASH_HEALTH_ROUTE_PATH}from"#protocol/routes.js";import{join,resolve}from"node:path";import{spawn}from"node:child_process";import{existsSync}from"node:fs";import{loadDevelopmentEnvironmentFiles}
  • net package/dist/src/internal/nitro/routes/channel-dispatch.js :1 import{createGetSessionFn}from"#channel/session.js";import{createLogger,logError}from"#internal/logging.js";import{createSendFn}from"#channel/send.js";import{createCrossChannelReceiveFn,toCrossChannel
  • net package/dist/src/internal/workflow-bundle/ash-service-route-output.js :2 import { Server } from "node:http";
  • net package/dist/src/internal/workflow-bundle/vercel-workflow-output.js :2 `)}function createRoutedNitroEntrypoint(e){return[`import nitroHandler from ${JSON.stringify(e.delegateImportPath)};`,``,`function invokeNitroHandler(request, context) {`,` if (typeof nitroHandler ==
  • net package/dist/src/internal/workflow/index.js :1 export*from"#compiled/@workflow/core/index.js";async function fetch(...e){"use step";return await globalThis.fetch(...e)}export{fetch};
  • net package/dist/src/packages/ash-scaffold/src/web-template.js :1677 const response = await fetch(url);
  • net package/dist/src/public/channels/slack/api.js :1 import{createLogger,logError}from"#internal/logging.js";import{isCardElement}from"#compiled/chat/index.js";import{encodeSlackApiBody}from"#public/channels/slack/api-encoding.js";import{cardToBlocks,ca
  • net package/dist/src/public/channels/slack/attachments.js :1 import{createLogger}from"#internal/logging.js";import{evaluateFilePart,formatUploadPolicyViolation,isUploadsDisabled}from"#public/channels/upload-policy.js";import{resolveSlackBotToken}from"#public/ch
  • net package/dist/src/public/channels/slack/interactions.js :1 import{createLogger}from"#internal/logging.js";import{buildSlackBinding,resolveSlackBotToken,slackContinuationToken}from"#public/channels/slack/api.js";import{HITL_FREEFORM_MODAL_ACTION_ID,HITL_FREEFO
  • net package/dist/src/public/channels/teams/attachments.js :1 import{createLogger}from"#internal/logging.js";import{isObject}from"#shared/guards.js";import{evaluateFilePart,formatUploadPolicyViolation,isUploadsDisabled,mergeUploadPolicy}from"#public/channels/upl
  • net package/dist/src/public/next/server.js :1 import{ASH_ROUTE_PREFIX}from"#protocol/routes.js";import{join}from"node:path";import{mkdir,open,readFile,rm,stat,writeFile}from"node:fs/promises";import{spawn}from"node:child_process";import{existsSyn
  • net package/dist/src/public/nuxt/dev-server.js :1 import{joinRoutePrefix,normalizeOrigin}from"./routing.js";import{ASH_ROUTE_PREFIX}from"#protocol/routes.js";import{join}from"node:path";import{mkdir,open,readFile,rm,stat,writeFile}from"node:fs/promis
  • net package/dist/src/public/sveltekit/dev-server.js :1 import{joinRoutePrefix,normalizeOrigin}from"./routing.js";import{ASH_ROUTE_PREFIX}from"#protocol/routes.js";import{join}from"node:path";import{mkdir,open,readFile,rm,stat,writeFile}from"node:fs/promis
  • net package/dist/src/runtime/connections/openapi-client.js :1 import{isObject}from"#shared/guards.js";import{jsonSchema,tool}from"ai";import{passesToolFilter,resolveHeaders}from"#runtime/connections/mcp-client.js";import{HTTP_METHODS,operationDescription,operati
  • net package/dist/src/runtime/governance/auth/oidc.js :1 import{z}from"#compiled/zod/index.js";import{createRemoteJWKSet,jwtVerify}from"#compiled/jose/index.js";import{areTokenClaimMatchersSatisfied,createJwtAuthenticatedCallerPrincipal}from"#runtime/govern
  • net package/dist/src/services/dev-client.js :1 import{ASH_DEV_RUNTIME_ARTIFACTS_ROUTE_PATH}from"#protocol/routes.js";import{isLocalDevelopmentServerUrl,resolveDevelopmentClientHeaders,resolveDevelopmentOidcToken}from"#services/dev-client/request-h

secrets 18

  • secrets package/dist/src/compiled/@chat-adapter/slack/index.js :46 \`\`\``:this.defaultNodeToText(e,e=>this.nodeToMrkdwn(e))}};function Wr(e){if(e.contextId||e.privateMetadata)return JSON.stringify({c:e.contextId,m:e.privateMetadata})}function Gr(e){if(!e)return{};tr
  • secrets package/dist/src/compiled/@vercel/oidc/index.js :1 import{createRequire as e}from"node:module";var t=Object.create,n=Object.defineProperty,r=Object.getOwnPropertyDescriptor,i=Object.getOwnPropertyNames,a=Object.getPrototypeOf,o=Object.prototype.hasOwn
  • secrets package/dist/src/compiled/@workflow/core/runtime.js :99 ${e.message}`),t?new f.VercelOidcTokenError(t):e}return n}function m(){let e=(0,d.getContext)().headers?.[`x-vercel-oidc-token`]??process.env.VERCEL_OIDC_TOKEN;if(!e)throw Error(`The 'x-vercel-oidc-to
  • secrets package/dist/src/compiled/_chunks/node/token-ORseRyWn.js :1 import{r as e}from"./dist-BdTs18CF.js";import{n as t,t as n}from"../../@vercel/sandbox/index.js";var r=e(((e,r)=>{var i=Object.defineProperty,a=Object.getOwnPropertyDescriptor,o=Object.getOwnPropertyN
  • secrets package/dist/src/compiled/_chunks/workflow/token-CcaAeZHd.js :1 import{t as e}from"./chunk-DSjMdhoD.js";import{i as t,r as n}from"../../@workflow/core/runtime.js";var r=e(((e,r)=>{var i=Object.defineProperty,a=Object.getOwnPropertyDescriptor,o=Object.getOwnPropert
  • secrets package/dist/src/compiled/_chunks/workflow/token-nK4u-N7w.js :1 import{t as e}from"./chunk-DSjMdhoD.js";import{n as t,t as n}from"../../@workflow/core/runtime.js";var r=e(((e,r)=>{var i=Object.defineProperty,a=Object.getOwnPropertyDescriptor,o=Object.getOwnPropert
  • secrets package/dist/src/evals/cli/eval.js :1 import{VERCEL_PROTECTION_BYPASS_HEADER}from"#services/dev-client/request-headers.js";import{resolveApplicationRoot}from"#internal/application/paths.js";import{Client}from"#client/client.js";import{get
  • secrets package/dist/src/execution/workflow-callback-url.js :1 function resolveVercelProductionCallbackBaseUrl(){return process.env.VERCEL_ENV===`production`&&process.env.VERCEL_PROJECT_PRODUCTION_URL?`https://${process.env.VERCEL_PROJECT_PRODUCTION_URL}`:null}fu
  • secrets package/dist/src/public/channels/discord/api.js :1 import{isObject}from"#shared/guards.js";import{parseJsonObject}from"#shared/json.js";import{resolveDiscordPublicKey}from"#public/channels/discord/verify.js";const DISCORD_NO_MENTIONS={parse:[]},DISCOR
  • secrets package/dist/src/public/channels/discord/verify.js :1 import{createLogger}from"#internal/logging.js";import{createPublicKey,verify}from"node:crypto";const log=createLogger(`discord.verify`),ED25519_SPKI_PREFIX=Buffer.from(`302a300506032b6570032100`,`hex`
  • secrets package/dist/src/public/channels/github/auth.js :1 import{isObject}from"#shared/guards.js";import{createSign}from"node:crypto";const installationTokenCache=new Map;async function resolveGitHubAppId(e){let t=e??process.env.GITHUB_APP_ID;if(t===void 0||
  • secrets package/dist/src/public/channels/slack/api.js :1 import{createLogger,logError}from"#internal/logging.js";import{isCardElement}from"#compiled/chat/index.js";import{encodeSlackApiBody}from"#public/channels/slack/api-encoding.js";import{cardToBlocks,ca
  • secrets package/dist/src/public/channels/slack/slackChannel.js :1 import{markEventHandled}from"./utils.js";import{createLogger,logError}from"#internal/logging.js";import{mergeUploadPolicy}from"#public/channels/upload-policy.js";import{POST,defineChannel}from"#public
  • secrets package/dist/src/public/channels/teams/api.js :1 import{isObject}from"#shared/guards.js";import{parseJsonObject}from"#shared/json.js";const TEAMS_MESSAGE_TEXT_MAX_LENGTH=80*1024,BOT_FRAMEWORK_TENANT=`botframework.com`,accessTokenCache=new Map;functi
  • secrets package/dist/src/public/channels/telegram/api.js :1 import{isObject}from"#shared/guards.js";import{parseJsonObject}from"#shared/json.js";const TELEGRAM_MESSAGE_TEXT_MAX_LENGTH=4096;function telegramContinuationToken(e){let t=e.messageThreadId===void 0?
  • secrets package/dist/src/public/channels/telegram/verify.js :1 import{createLogger}from"#internal/logging.js";import{timingSafeEqual}from"node:crypto";const log=createLogger(`telegram.verify`);async function resolveTelegramWebhookSecretToken(e){let t=e??process.e
  • secrets package/dist/src/public/channels/twilio/verify.js :1 import{createLogger}from"#internal/logging.js";import{createHmac,timingSafeEqual}from"node:crypto";const log=createLogger(`twilio.verify`);async function resolveTwilioAuthToken(e){let t=e??process.env
  • secrets package/dist/src/services/dev-client/request-headers.js :1 import{ASH_ROUTE_PREFIX}from"#protocol/routes.js";import{getVercelOidcToken}from"#compiled/@vercel/oidc/index.js";const ASH_ROUTE_PREFIX_WITH_SEPARATOR=`${ASH_ROUTE_PREFIX}/`,LOCAL_HOSTNAMES=new Set([

declared dependencies 45

  • nitro@3.0.260522-beta
  • @ai-sdk/anthropic@4.0.0-canary.63
  • @ai-sdk/google@4.0.0-canary.79
  • @ai-sdk/mcp@2.0.0-canary.59
  • @ai-sdk/openai@4.0.0-canary.69
  • @ai-sdk/otel@1.0.0-canary.111
  • @ai-sdk/provider@4.0.0-canary.18
  • @chat-adapter/slack@4.29.0
  • @chat-adapter/state-memory@4.29.0
  • @nuxt/kit@^4.0.0
  • @standard-schema/spec@1.1.0
  • @sveltejs/kit@^2.0.0
  • @types/json-schema@7.0.15
  • @types/react@19.2.15
  • @types/react-test-renderer@19.1.0
  • @vercel/oidc@3.5.0
  • @vercel/sandbox@2.1.0
  • @workflow/core@5.0.0-beta.12
  • @workflow/errors@5.0.0-beta.7
  • @workflow/world@5.0.0-beta.7
  • @workflow/world-local@5.0.0-beta.13
  • ai@7.0.0-canary.165
  • autoevals@0.0.132
  • chat@4.29.0
  • chokidar@5.0.0
  • commander@14.0.3
  • experimental-ai-sdk-code-mode@1.0.14
  • gray-matter@4.0.3
  • jose@6.2.3
  • jsonc-parser@3.3.1
  • just-bash@3.0.1
  • next@16.2.6
  • picocolors@1.1.1
  • react@19.2.6
  • react-test-renderer@19.2.6
  • svelte@^5.0.0
  • turndown@7.2.4
  • vite@^8.0.0
  • vue@^3.5.0
  • zod@4.4.3
  • zod-validation-error@5.0.0
  • @vercel/ash-scaffold@0.0.0
  • @opentelemetry/api@^1.0.0
  • braintrust@^3.0.0
  • nuxt@^4.0.0