[FEATURE] Registry of trusted software
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
If Mythos is so good at finding vulnerabilities, couldn’t it be used to audit supply-chains of popular packages and provide a stamp-of-approval at a given version/git commit? You could even pass the cost onto authors or anyone with a Claude account. Then I could do something like
claude pip install foo
that would first check that the version of foo to be installed has been vetted by mythos (including all transitive deps), and if it hasn’t, submit a request to verify using my token budget, then install
This could also be extended to claude git clone and other tools.
Proposed Solution
I’d like to be able to run claude pip install foo to ensure the transitive dependencies of foo have been vetted by mythos before installing
Alternative Solutions
_No response_
Priority
Medium - Would be very helpful
Feature Category
Other
Use Case Example
_No response_
Additional Context
_No response_
This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗