AutoGen Core

registryPyPI

package nameautogen-core

maintainerMicrosoft

AutoGen Core provides the runtime, messaging, and agent lifecycle primitives that AutoGen AgentChat and custom agent frameworks build on. It implements the actor model for concurrent agent execution, typed message passing, and the dependency injection container used across the AutoGen ecosystem. Most AutoGen applications depend on this package transitively.

api usage

Checking AutoGen Core

autogen-core 0.4.0 is a clean version with no known supply chain compromise. The response returns compromised: false with an empty sources array.

bash

curl "https://api.attestd.io/v1/check?product=autogen-core&version=0.4.0" \
  -H "Authorization: Bearer YOUR_API_KEY"

json

{
  "product": "autogen-core",
  "version": "0.4.0",
  "supported": true,
  "risk_state": "none",
  "supply_chain": {
    "compromised": false,
    "sources": [],
    "malware_type": null,
    "description": null,
    "advisory_url": null,
    "compromised_at": null,
    "removed_at": null
  },
  "last_updated": "2026-05-01T00:00:00Z"
}

attack surface

Why this package is monitored

Runtime packages are the lowest-level dependency in an agent stack and execute before any application-level security controls run. A backdoored runtime can intercept messages between all agents regardless of which higher-level framework is used.

Attestd monitors autogen-core using the following detection sources:

registry

Manually curated advisories in the Attestd registry, verified by a human analyst. Confidence 1.0.

osv

OSV.dev malicious-package advisories with IDs prefixed MAL-. Confidence 0.95.

pypi_yank

Versions yanked on PyPI with a security-related yanked_reason annotation. Confidence 0.80.

Supply chain overview All PyPI packages AutoGen AgentChat LangChain Core Response fields