Skip to content
#

npm-security

Star

Here are 10 public repositories matching this topic...

Language: All
Filter by language
All 10 JavaScript 3 Shell 2 TypeScript 2 PowerShell 1 Rust 1

triconinfotech / shai-hulud-malicious-packages

Star 6

Autonomous “Shai-Hulud” engine that ingests malicious NPM package advisories from OSV, tracks versions and metadata, and maintains a continuously updated threat intelligence database.

nodejs npm security automation infosec osv security-tools devsecops threat-intelligence malware-detection github-actions open-source-security supply-chain-security package-security npm-security shai-hulud shai-hulud-detector shai-hulud2-detector malicious-packages-db
  • Updated Jan 28, 2026
  • JavaScript

dream-horizon-org / sentinel

Star 4

Sentinel Package Manager blocks compromised packages BEFORE installation, preventing malicious code execution. Features: Pre-install blocking, command interception (npm/yarn/pnpm/bun), 795+ blacklist (Shai-Hulud), real-time checks (OSV/GitHub/Snyk), zero dependencies, auto-updates. Counters supply chain attacks.

npm security package-manager blacklist yarn pnpm security-tools bun vulnerability-scanner malware-detection zero-dependencies dependency-security supply-chain-security npm-security shai-hulud supply-chain-attack pre-install-validation package-validation npm-worm compromised-packages
  • Updated Dec 2, 2025
  • JavaScript

agentic-dev3o / sandbox-shell

Star 3

macOS Seatbelt sandbox CLI for developers. Protect credentials (SSH, AWS, GPG) from malicious npm packages, supply chain attacks, and untrusted build scripts. Deny-by-default filesystem isolation. Perfect for Claude Code agentic workflows with --dangerously-skip-permissions.

macos shell rust cli security terminal sandbox developer-tools seatbelt supply-chain-security sandbox-exec credential-protection agentic-ai claude-code npm-security
  • Updated Jan 31, 2026
  • Rust

josedacosta / shai-hulud-detector

Star 2

🛡️ Advanced NPM supply chain attack detection tool - Specialized in detecting Shai-Hulud compromise indicators with beautiful CLI interface and automated security reporting

threat-hunting vulnerability-detection security-analysis malware-detection defensive-security npm-audit malicious-packages compromise-detection crypto-stealer npm-security shai-hulud shai-hulud-detector shai-hulud-attack supply-chain-attack self-replicating-worm github-actions-malware bundle-js-detection trufflehog-abuse cli-security-tool package-scanner
  • Updated Sep 19, 2025
  • TypeScript

Improve this page

Add a description, image, and links to the npm-security topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the npm-security topic, visit your repo's landing page and select "manage topics."

Learn more