1.3.1
2 months ago
16 days ago
Known vulnerabilities in the agent-coderag package. This does not include vulnerabilities belonging to this package’s dependencies.
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
agent-coderag is a Lightweight semantic code search and distillation utility for AI coding agents. It solves the API knowledge gap via real-time local signature extraction and intent analysis without PyTorch. Optimized for token efficiency, it compresses codebase context into compact semantic summaries stored in a local DuckDB vector similarity index. Affected versions of this package are vulnerable to Command Injection in the How to fix Command Injection? Upgrade | [,1.3.1) |