sandtrap

command
v0.1.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 6, 2026 License: MIT Imports: 2 Imported by: 0

Documentation

Overview

Sandtrap — behavioral supply chain scanner for npm and PyPI packages.

It inspects package tarballs and registry metadata for the patterns used by real-world supply chain attacks (Shai-Hulud, Mini Shai-Hulud, axios compromise, etc.): install-script hooks, obfuscated payloads, credential harvesting and exfiltration primitives.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL