Security●●Solid
Scanner to check if you are affected by the axios supply chain attack
Forensic triage CLI with verdict system for axios IOC detection.
Solve My ProblemShip It
aeneas_ory
202mo ago
Back to browse
GitHub Repository
Run [ npm i ] safely, audit installs inside a docker container.
1 starsGo
New NPM Supply chain Attack?
by adamgonda·May 20, 2026·2 points·0 comments
AI Analysis
●●SolidSolve My ProblemBig Brain
Docker isolation + tcpdump catches malicious npm installs before they touch your machine.
Strengths
- •Network traffic capture during install reveals hidden callbacks to unexpected domains
- •Docker isolation prevents malicious lifecycle scripts from affecting host system
- •CI support with --auto-approve --strict for automated pipelines
Weaknesses
- •Requires Docker running on every developer machine, adds friction to local workflow
- •Doesn't analyze package code itself—only monitors network behavior during install
Category
Target Audience
Node.js developers, security-conscious teams
Similar To
Socket.dev · npm audit · Snyk
Post Description
Defend agains npm supplychain attacks!
Similar Projects
Security●●Solid
Give This Markdown to Your Coding Agent Before Publishing to NPM
Better than scrolling Sonatype blogs when you need a quick npm security checklist.
Niche GemSolve My Problem
freakynit
3024d ago
Security●Mid
Lateos/NPM-scan – open-source NPM supply chain scanner, v0.18.3
NPM supply chain scanner competing against Socket, Snyk, and npm audit.
Ship It
lateos-ai
1011d ago
Security●●●Banger
Pipguard – pre-install malware scanner for Python supply-chain attacks
Behavioral malware scanning before install, unlike pip-audit.
Solve My Problem
secondmod
202mo ago
Security●Mid
Pqurp – Quarantine Window for Packages to Prevent Supply Chain Attacks
Speculative protocol for package quarantine without a reference implementation or registry buy-in.
Bold Bet
exec7
501mo ago
Security●●Solid
Pytest tests catching Python supply chain attacks (litellm .pth vector)
Catches .pth injection vectors from the litellm attack when Snyk and Dependabot miss them.
Dark HorseSolve My Problem
qualitymax
202mo ago