Socket Web Extension
Spot malicious packages on the web
Get real-time threats detection on any website or configure for specific sites, i.e. GitHub, npm, PyPI, Maven Central, pkg.go.dev, Stack Overflow
Protecting the best engineering teams in the world
Instant Security Insights for Smarter Dependency Choices
- Security metrics for npm, PyPI, Go, and Maven package pages and search results
- Identify potential threats such as malware, typo-squatting, and vulnerable dependencies
- Customizable Site Access: You can control the sites where the extension is active
- View the total number of threats detected
Socket is one of the most interesting approaches to supply chain security. If you are interested in the risks of malicious deps in your apps, I definitely recommend taking a look at Socket!
Devdatta Akhawe
Security and Production Engineering at Figma
We help security teams work more efficiently
Cut through the noise and focus on real threats.
Get actionable alerts for the supply chain risks that matter. Socket highlights risky dependencies directly within the developer workflow.