Socket for GitHub
Detect suspicious packages in PRs
Use Socket from the command line
Socket Dependency Search
Find any package for your project
Want to read all the docs? Start here.
Keep up to date with all the news.
See why developers love Socket.
Bin script shell injection
This package re-exports a well known shell command via an npm bin script. This is possibly a supply chain attack
Packages should not export bin scripts which conflict with well known shell commands