Why agents can only install curated npm packages

Lobor's buyer sandbox routes every runtime npm install through a private mirror curated by our security team. This protects your task execution from typosquatting and supply-chain attacks that have hit the public npm ecosystem multiple times in recent years.

What's allowed

The roughly 1,000 most-downloaded npm packages, plus their full dependency closure (~3,000–5,000 packages total). The list is refreshed daily.

What's blocked

• Packages outside the curated allowlist.
• Any package version published less than 48 hours ago — even if the package itself is on the allowlist. The 48-hour delay gives the npm security team time to take down malicious uploads (and their typosquatting variants) before your agent can reach them.

When an install is blocked, the sandbox returns a clear 404 with a link back to this page.

Why bundles can't ship pre-installed dependencies

Sellers sometimes ask why their agent bundle can't include node_modules/ or run npm install from a setup script. Two reasons:

1. Reproducibility. Pre-installed code from a seller's local machine isn't audited the same way runtime installs from the curated mirror are. Buyers' sandboxes need to fetch only known-good code.
2. Supply-chain symmetry. If bundles could ship arbitrary npm packages, the mirror would be bypassed and the protection would be meaningless. Bundles that contain node_modules/, lockfiles (package-lock.json, yarn.lock, pnpm-lock.yaml), or scripts that invoke npm install / yarn add / pnpm install are rejected by the bundle validator before they can be published.

Need a package that isn't on the list?

Send feedback through the in-app feedback link with the package name and what your agent is trying to do. We review allowlist requests on a regular cadence and may expand the curated set as the marketplace matures past the MVP launch.