OpenAI and Vercel AI score clean. Anthropic hides two CRITICAL deps. LangChain has three.

The March 2026 LiteLLM supply chain attack followed a pattern that was visible beforehand: a single maintainer, millions of downloads, no organizational backing. The attack came via a backdoored Trivy GitHub Action in LiteLLM's CI pipeline. Behavioral signals were pointing at the risk before the incident happened.

I built getcommit.dev to surface exactly these signals. This week I ran it against the dependency trees of every major AI SDK to answer a simple question: which one is safest to depend on? The answer surprised me.

The method

Running npx proof-of-commitment @anthropic-ai/sdk gives you the surface-level score. That's the direct package. The more interesting test is depth 2: scan what the SDK's own dependencies depend on. That's where hidden risk lives.…
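To make the depth-2 idea concrete, here is an added example (not getcommit.dev's code and not the proof-of-commitment CLI) that walks an npm lockfile from one installed package and lists its transitive dependencies by depth, so the depth-2 set can be handed to whatever scanner you use. It assumes a lockfileVersion 2 or 3 package-lock.json with the "packages" map; the lockfile and all package names below are constructed for illustration. It resolves names the way Node does (the requiring package's own node_modules first, then each parent), so nested duplicate copies installed for conflicting version ranges are counted rather than silently collapsed onto the top-level copy.

```javascript
// Added example: list the transitive dependencies of one package in an npm
// lockfile, grouped by depth. Not the getcommit.dev tool's own code.

// Constructed package-lock.json (lockfileVersion 3) with hypothetical names.
// Note the nested copy of util-c under lib-b: npm installs a second copy when
// version ranges conflict, and a naive "node_modules/<name>" lookup misses it.
const SAMPLE_LOCK = {
  name: "app",
  lockfileVersion: 3,
  packages: {
    "": { name: "app", dependencies: { "example-sdk": "^1.0.0" } },
    "node_modules/example-sdk": { version: "1.0.0", dependencies: { "lib-a": "^2.0.0", "lib-b": "^1.0.0" } },
    "node_modules/lib-a": { version: "2.1.0", dependencies: { "util-c": "^3.0.0" } },
    "node_modules/lib-b": { version: "1.4.0", dependencies: { "util-c": "^2.0.0", "util-d": "^1.0.0" } },
    "node_modules/util-c": { version: "3.0.1" },
    "node_modules/lib-b/node_modules/util-c": { version: "2.9.0" },
    "node_modules/util-d": { version: "1.0.0", dependencies: { "util-e": "^1.0.0" } },
    "node_modules/util-e": { version: "1.2.0" },
  },
};

// Install location that contains `pkgPath`: strip the trailing
// "node_modules/<name>" (scoped names such as "@scope/pkg" contain a slash).
function parentPath(pkgPath) {
  return pkgPath.replace(/(^|\/)node_modules\/(@[^/]+\/)?[^/]+$/, "");
}

// Resolve `name` as Node would from the package at `fromPath`: its own
// node_modules first, then each parent directory up to the lockfile root.
function resolve(packages, fromPath, name) {
  let dir = fromPath;
  for (;;) {
    const candidate = (dir ? dir + "/" : "") + "node_modules/" + name;
    if (packages[candidate]) return candidate;
    if (dir === "") return null; // reached the root without finding it
    const up = parentPath(dir);
    if (up === dir) return null; // malformed path; refuse to loop forever
    dir = up;
  }
}

// Breadth-first walk from `startPath`. Depth 0 is the start package, depth 1
// its direct dependencies, depth 2 what those depend on. Follows
// "dependencies" and "optionalDependencies"; peerDependencies are not
// installed by the entry itself and are skipped. Returns a Map of
// "name@version" -> shortest depth at which that copy is reached.
function transitiveDeps(lock, startPath) {
  const packages = lock.packages;
  if (!packages || !packages[startPath]) throw new Error(`no lockfile entry for ${startPath}`);
  const depthByPath = new Map([[startPath, 0]]);
  const queue = [startPath];
  while (queue.length) {
    const p = queue.shift();
    const entry = packages[p];
    const names = Object.keys({ ...(entry.dependencies || {}), ...(entry.optionalDependencies || {}) });
    for (const name of names) {
      const target = resolve(packages, p, name);
      if (target === null || depthByPath.has(target)) continue; // not installed, or already seen
      depthByPath.set(target, depthByPath.get(p) + 1);
      queue.push(target);
    }
  }
  const result = new Map();
  for (const [p, d] of depthByPath) {
    if (p === startPath) continue;
    const name = /node_modules\/((?:@[^/]+\/)?[^/]+)$/.exec(p)[1];
    const id = `${name}@${packages[p].version}`;
    result.set(id, Math.min(d, result.has(id) ? result.get(id) : d));
  }
  return result;
}

// Packages exactly `depth` hops below the start package, sorted for stable output.
function depsAtDepth(lock, startPath, depth) {
  return [...transitiveDeps(lock, startPath)]
    .filter(([, d]) => d === depth)
    .map(([id]) => id)
    .sort();
}

// Usage: node lockdepth.js [package-lock.json] [node_modules/<sdk>] [depth]
// With no arguments it runs against the constructed SAMPLE_LOCK above.
function main() {
  const [file, start = "node_modules/example-sdk", depth = "2"] = process.argv.slice(2);
  const lock = file ? JSON.parse(require("node:fs").readFileSync(file, "utf8")) : SAMPLE_LOCK;
  for (const id of depsAtDepth(lock, start, Number(depth))) console.log(id);
}
if (typeof require !== "undefined" && require.main === module) main();
```

On the constructed lockfile the depth-2 set from example-sdk is util-c@2.9.0, util-c@3.0.1 and util-d@1.0.0: two different versions of the same package reach the SDK through two different direct dependencies, which is exactly the kind of entry a top-level-only scan of the SDK would never show. Point the script at a real lockfile and the SDK's path under node_modules to get the list to score.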