pkgradar

v0.1.4npm· JavaScript

Content-based supply-chain scanner for npm/pnpm/yarn/bun: inspects the bytes you actually installed (lifecycle hooks, obfuscated payloads, worm IOCs) instead of just matching package names against an advisory list.

The verdict

Maintained. Niche but maintained, actively maintained.

Live from the npm registry · derived rules, not AI

How it scores

MaintenanceHealthy

PopularityNiche

SecurityClean

LicensePermissive

DepsZero deps

Maintenance

Last published this month.

Popularity

17 downloads / week

Security

No known advisories for this version (OSV).

License

MIT

Dependencies

No runtime dependencies

Recent releases

0.1.4this month
0.1.3this month
0.1.2this month
0.1.1this month
0.1.0this month