Tag

#supply-chain

3 entries tagged with #supply-chain.

packj - malicious dependency scanner

Static and dynamic analysis tool that flags malicious or vulnerable open-source packages across npm, PyPI, RubyGems, and more. Aimed at SolarWinds- and PyTorch-style supply-chain attacks.

#supply-chain #devsecops #python #malware-analysis #developer-tools

GitHub Tool

realstars - detect fake GitHub stars

Open-source rebuild of CMU's Star Scout that flags suspicious stargazer patterns on a repo. Useful when vetting trending repos before adding dependencies.

#github #developer-tools #supply-chain

GitHub Tool

AgentShield - security scanner for AI agents

CLI, GitHub Action, and GitHub App that scan agent configs, MCP servers, and tool permissions for vulnerabilities. Detects skill poisoning and prompt-injection vectors.

#security #mcp #claude-code #agent-security #supply-chain

Browse other tags

#developer-tools200 #claude-code177 #cli169 #rust99 #mcp88 #typescript84 #codex76 #go74 #ai-agent68 #python65 #self-hosted58 #devops51