BETAmodules.com is in beta — open to partnerships & joint ventures.Build with us

cross-ecosystem search · live

Results for suspicious-package

Found in 2 of 7 ecosystemsnpm 1–24 of 1,072,642 · 3 matches across other registries

How we search: free-text on npm, crates.io, RubyGems, NuGet and Maven. PyPI and Go do exact-name lookup only. Tip: click an ecosystem chip below to filter; click Show all ecosystems to come back.

Sort

Auto-load on scroll

npm matches

Showing 24 of 1,072,642 · JavaScript

See all npm →

suspicious-packagev0.1.0

npm

Intentionally suspicious npm package for evaluating supply-chain security scanners.

Maintained. Maintained, actively maintained.

packsentryv2.1.1

npm

npm dependency security scanner and package threat analysis tool

Maintained. Maintained, actively maintained.

@nodesecure/js-x-rayv15.1.0

npm

JavaScript AST XRay analysis

Maintained. Maintained, actively maintained.

link-shieldv1.0.0

npm

Link Shield is a lightweight cybersecurity-focused npm package that detects suspicious and malicious URLs using heuristics, fuzzy matching, and threat intelligence patterns.

Aging — last published 8 months ago — check before adopting.

jalhydv4.19.1

npm

JaLHyd, a Javascript Library for Hydraulics

Aging — last published over a year ago — check before adopting.

sesv2.1.0

npm

Hardened JavaScript for Fearless Cooperation

Maintained. Maintained, actively maintained.

@promptshield/corev1.0.0

npm

The heart of the PromptShield ecosystem. A zero-dependency, isomorphic TypeScript engine for detecting invisible characters, BIDI overrides, and homoglyph attacks in AI prompts.

Maintained. Maintained, actively maintained.

slop-scanv0.3.0

npm

Deterministic CLI for finding AI-associated slop patterns in JavaScript and TypeScript repositories.

Maintained. Maintained, actively maintained.

lavamoat-browserifyv20.0.5

npm

browserify plugin for sandboxing dependencies with LavaMoat

Maintained. Maintained, actively maintained.

sha1-hulud-scannerv1.0.1

npm

Sha1-Hulud 2.0 npm supply chain attack scanner - Real-time detection using Koi.ai data

Aging — last published 6 months ago — check before adopting.

supplychain-firewall-benchmark-hellov1.10.2

npm

Benchmark package for testing SCA and repository firewall behavior. v1.0.0 is safe and prints "Hello World".

Aging — last published 8 months ago — check before adopting.

muaddib-scannerv2.11.60

npm

Supply-chain threat detection & response for npm & PyPI/Python

Maintained. Maintained, actively maintained.

@trailofbits/vsix-auditv0.3.0

npm

Security scanner for VS Code extensions

Maintained. Maintained, actively maintained.

mcp-path-guard-libv0.1.4

npm

OpenCode plugin and ESM library for guarding suspicious MCP path arguments.

Maintained. Maintained, actively maintained.

amifckedv0.1.5

npm

Find installed binaries and packages tied to supply-chain attacks or AI security incidents.

Maintained. Maintained, actively maintained.

@sumsub/fishermanv2.1.0

npm

The Sumsub Fisherman is a powerful tool that helps developers integrate fraud detection capabilities into their applications. With Fisherman, you can easily identify and prevent fraudulent activities within your system, providing a safer and more secure e

Maintained. Maintained, actively maintained.

supplychain-sentryv1.0.1

npm

Scan npm dependencies for supply chain security risks - detect malicious packages before they compromise your project