supply chain / huggingface-transformers

Hugging Face Transformers (JS)

registrynpm

package name@huggingface/transformers

maintainerHugging Face

The Hugging Face Transformers JavaScript library enables running transformer models entirely in the browser or Node.js using ONNX Runtime Web. It allows client-side inference without a server, making it common in privacy-focused applications and browser extensions. It downloads model weights from the Hugging Face Hub.

api usage

Checking Hugging Face Transformers (JS)

@huggingface/transformers 3.0.0 is a clean version with no known supply chain compromise. The response returns compromised: false with an empty sources array.

bash

curl "https://api.attestd.io/v1/check?product=%40huggingface%2Ftransformers&version=3.0.0" \
  -H "Authorization: Bearer YOUR_API_KEY"

json

{
  "product": "@huggingface/transformers",
  "version": "3.0.0",
  "supported": true,
  "risk_state": "none",
  "supply_chain": {
    "compromised": false,
    "sources": [],
    "malware_type": null,
    "description": null,
    "advisory_url": null,
    "compromised_at": null,
    "removed_at": null
  },
  "last_updated": "2026-05-01T00:00:00Z"
}

attack surface

Why this package is monitored

Client-side inference libraries that download model weights from external hubs can be redirected to serve malicious model files. A compromised version of the library itself can also intercept inference inputs and outputs before they reach application code.

Attestd monitors @huggingface/transformers using the following detection sources:

registry

Manually curated advisories in the Attestd registry, verified by a human analyst. Confidence 1.0.

osv

OSV.dev malicious-package advisories with IDs prefixed MAL-. Confidence 0.95.

npm_deprecation

npm package versions with deprecation messages containing targeted attack language such as malicious, backdoor, or compromised. Confidence 0.80.

Supply chain overview All npm packages OpenAI SDK (JS)Anthropic SDK (JS)Response fields