plugin-hunter
v1.1.1npm· JavaScriptph — Scan Claude Code / Codex CLI / Gemini CLI plugins for malicious hooks, poisoned SKILL.md, and MCP tool-poisoning *before* you install. Uses your local LLM CLI as the judge — no API key required.
The verdict
Maintained. Maintained, actively maintained.
Live from the npm registry · derived rules, not AI
How it scores
MaintenanceHealthy
PopularityUnknown
SecurityClean
LicensePermissive
DepsLean
Maintenance
Last published this month.
Popularity
Download count unavailable.
Security
No known advisories for this version (OSV).
License
MIT
Dependencies
3 direct dependencies
Recent releases
- 1.1.1this month
- 1.1.0this month
- 1.0.0this month
- 0.1.01 month ago