📦 Package Supply Chain Sentinel
$19
Vet dependency changes for supply-chain risk before you install, commit, or release. Scans package and lockfile diffs for install-time lifecycle scripts, non-registry sources, suspicious download commands, typosquatting, and floating versions, across npm, pnpm, yarn, pip, uv, and poetry. Flags what to review with evidence. No install required.
1
securitysupply-chainnpm+3