AntFleet

Disagreement · 9eed8b81-openai-1

Manifest includes npm package reference that is explicitly not published yet

solo GPT-5
repo 6f7fc663·PR #8·reviewed 1 week ago

GPT-5 finding

Manifest includes npm package reference that is explicitly not published yet

mediumbuild-releasehigh
  • docs/smithery-manifest.json:13-24
  • docs/smithery-submission.md:160-166
The manifest’s packages block points to an unpublished npm identifier, which can cause registry ingestion or consumer tooling to fail when resolving the package. The submission doc acknowledges this but the manifest as committed would still be invalid for npm-based installs.

Recommendation

Either publish the aeon-mcp package and keep the packages block accurate (identifier + version), or have the smithery-manifest generator omit the packages block until the package is published. Consider auto-detecting publish status (npm view) and gating generation.

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

read the methodology →
← back to all disagreementsview public receiptssee unanimous findings + anatomies →
Tweet ↗