Security●Mid
I built an AI-agent skill to audit supply-chain attack exposure
Dependabot already does this without the AI agent overhead.
Ship It
WasimBhai
1017d ago
Back to browse
GitHub Repository
Package Quarantine and Urgent Release Protocol (PQURP)
4 stars
Pqurp – Quarantine Window for Packages to Prevent Supply Chain Attacks
by exec7·May 13, 2026·5 points·0 comments
AI Analysis
●MidBold Bet
Speculative protocol for package quarantine without a reference implementation or registry buy-in.
Strengths
- •Concrete mechanism for delaying release propagation without breaking existing workflows.
- •Urgent signal differentiates critical security fixes from routine updates clearly.
- •Targets the instantaneous distribution assumption exploited by supply chain attacks.
Weaknesses
- •No reference implementation proves feasibility or performance impact on registries.
- •Requires massive coordination across npm, PyPI, and other registries to function.
Category
Target Audience
Package registry maintainers, security engineers
Similar To
Sigstore · SLSA · npm audit
Similar Projects
Security●●●Banger
Pipguard – pre-install malware scanner for Python supply-chain attacks
Behavioral malware scanning before install, unlike pip-audit.
Solve My Problem
secondmod
202mo ago
Security●●Solid
Pytest tests catching Python supply chain attacks (litellm .pth vector)
Catches .pth injection vectors from the litellm attack when Snyk and Dependabot miss them.
Dark HorseSolve My Problem
qualitymax
202mo ago
Security●●Solid
Scanner to check if you are affected by the axios supply chain attack
Forensic triage CLI with verdict system for axios IOC detection.
Solve My ProblemShip It
aeneas_ory
202mo ago
Data●●Solid
Map of 90 companies in the co-packaged optics supply chain
Maps hidden monopolies like Soitec wafers and Ajinomoto dielectric films.
Niche GemRabbit Hole
lboquillon
1026d ago
Security●Mid
Lateos/NPM-scan – open-source NPM supply chain scanner, v0.18.3
NPM supply chain scanner competing against Socket, Snyk, and npm audit.
Ship It
lateos-ai
1010d ago