agentaudit 3.9.33 → 3.9.34

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/cli.mjs +19 -2
  2. package/package.json +1 -1
package/cli.mjs CHANGED
@@ -1704,6 +1704,17 @@ async function auditRepo(url) {
1704
1704
 
1705
1705
  // Upload to registry
1706
1706
  const creds = loadCredentials();
1707
+ const finalModel = providerMeta.reported_model || actualModel;
1708
+ const finalProvider = resolvedProvider.id;
1709
+ if (!finalModel || finalModel === 'unknown') {
1710
+ console.log(` ${c.yellow}⚠ Model not detected — report will not include model attestation.${c.reset}`);
1711
+ console.log(` ${c.dim} This usually means the LLM API did not return model info.${c.reset}`);
1712
+ console.log(` ${c.dim} Try: agentaudit config set model <model-name>${c.reset}`);
1713
+ if (process.argv.includes('--debug')) {
1714
+ console.log(` ${c.dim} providerMeta: ${JSON.stringify(providerMeta)}${c.reset}`);
1715
+ console.log(` ${c.dim} actualModel: ${actualModel}, resolvedProvider: ${resolvedProvider.id}${c.reset}`);
1716
+ }
1717
+ }
1707
1718
  if (creds) {
1708
1719
  process.stdout.write(` Uploading report to registry...`);
1709
1720
  try {
@@ -1717,8 +1728,8 @@ async function auditRepo(url) {
1717
1728
  ...report,
1718
1729
  commit_sha: report.commit_sha || repoCommitSha || undefined,
1719
1730
  package_version: report.package_version || repoPackageVersion || undefined,
1720
- audit_model: providerMeta.reported_model || actualModel,
1721
- audit_provider: resolvedProvider.id,
1731
+ audit_model: finalModel !== 'unknown' ? finalModel : undefined,
1732
+ audit_provider: finalProvider,
1722
1733
  provider_msg_id: providerMeta.provider_msg_id || undefined,
1723
1734
  provider_fingerprint: providerMeta.provider_fingerprint || undefined,
1724
1735
  input_tokens: providerMeta.input_tokens || undefined,
@@ -1732,6 +1743,12 @@ async function auditRepo(url) {
1732
1743
  const reportSlug = data?.skill_slug || data?.slug || slug;
1733
1744
  console.log(` ${c.green}done${c.reset}`);
1734
1745
  console.log(` ${c.dim}Report: ${REGISTRY_URL}/skills/${reportSlug}${c.reset}`);
1746
+ // Show API warnings
1747
+ if (data?.warnings?.length) {
1748
+ for (const w of data.warnings) {
1749
+ console.log(` ${c.yellow}⚠ ${w}${c.reset}`);
1750
+ }
1751
+ }
1735
1752
  // Refresh stats cache in background
1736
1753
  if (creds.agent_name) refreshStatsCache(creds.agent_name).catch(() => {});
1737
1754
  // Fetch registry consensus after upload
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "agentaudit",
3
- "version": "3.9.33",
3
+ "version": "3.9.34",
4
4
  "description": "Security scanner for AI packages — MCP server + CLI",
5
5
  "type": "module",
6
6
  "bin": {