
appmesh
App Mesh is a secure platform for executing and managing user-defined process behaviors as managed services, providing control and integration via CLI and RESTful APIs.
App Mesh = systemd + scheduler + remote exec + API
Manages user-defined processes in a way similar to systemd services or Docker-managed processes, while providing more advanced capabilities for control, security, and integration.
```shell
# List registered applications
$ appc ls
ID NAME   OWNER STATUS   HEALTH PID USER MEMORY   %CPU RETURN AGE DURATION STARTS COMMAND
1  pyexec mesh  disabled -      -   -    -        -    -      37s -        0      "python3 ../../bin/py_exec.py"
2  ping   mesh  enabled  OK     747 root 5.9 MiB  0    -      37s 37s      1      "ping cloudflare.com"
3  pytask mesh  enabled  OK     748 root 29.7 MiB 0    -      37s 37s      1      "python3 ../../bin/py_task.py"

# Add an app
$ appc add -a myapp -c "ping www.baidu.com"

# View the app's output
$ appc ls -a myapp -o
PING www.baidu.com (183.2.172.17) 56(84) bytes of data.
64 bytes from 183.2.172.17 (183.2.172.17): icmp_seq=1 ttl=52 time=34.9 ms
64 bytes from 183.2.172.17 (183.2.172.17): icmp_seq=2 ttl=52 time=35.1 ms
64 bytes from 183.2.172.17 (183.2.172.17): icmp_seq=3 ttl=52 time=35.3 ms

# appc -h for more usage
```
App Mesh supports not only long-running services but also scheduled and policy-driven executions, with remote control and execution status tracking.
You can interact with a running application by sending tasks or data to it and receiving responses through the SDK. Note that the sample `pytask` app executes the Python source it is sent, and the listing above shows it running as root: any client holding a token that is allowed to send tasks to it gets code execution as that OS user, so run such apps under a dedicated, unprivileged user and restrict who may send them tasks.
```python
from appmesh import AppMeshClient

client = AppMeshClient()
client.login("USER-NAME", "USER-PWD")

# Each round trip sends a one-line Python statement to the "pytask" app and
# reads back what it printed; the reply becomes the left operand of the next
# statement, so the loop computes a running sum on the remote side.
result_from_server = "0"
for i in range(10):
    task_data = f"print({result_from_server} + {i}, end='')"
    result_from_server = client.run_task(app_name="pytask", data=task_data)
print(result_from_server)
```
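The following is an added example, not App Mesh project code, that reproduces the round trip above offline. `LocalPyTask` is a constructed stand-in for `AppMeshClient` limited to `run_task()`; it assumes, as the loop on the page does, that the `pytask` app executes the payload string as Python source and returns whatever it printed. Running it locally makes two things visible without a server: the accumulating result, and that the same channel accepts any Python at all.

```python
"""Offline stand-in for the App Mesh "pytask" round trip (added example)."""
import contextlib
import io


class LocalPyTask:
    """Constructed stand-in for AppMeshClient, implementing only run_task().

    Assumption: the real pytask app exec()s the payload and replies with its
    stdout. Against a real server the payload runs as the app's OS user.
    """

    def run_task(self, app_name: str, data: str) -> str:
        # Execute the payload and capture what it prints; that captured text
        # is the "reply" the caller feeds into the next payload.
        buf = io.StringIO()
        with contextlib.redirect_stdout(buf):
            exec(data, {})
        return buf.getvalue()


def running_sum_via_tasks(client, n: int) -> str:
    """The page's loop: every round trip adds i to the previous reply."""
    result_from_server = "0"
    for i in range(n):
        task_data = f"print({result_from_server} + {i}, end='')"
        result_from_server = client.run_task(app_name="pytask", data=task_data)
    return result_from_server


def payload_runs_arbitrary_code(client) -> str:
    """Same channel, different payload: the app executes whatever it is sent.

    The payload here only reports os.name, but it could equally read files or
    spawn processes with the privileges of the pytask process.
    """
    return client.run_task(app_name="pytask", data="import os; print(os.name, end='')")


if __name__ == "__main__":
    stub = LocalPyTask()
    print(running_sum_via_tasks(stub, 10))      # running sum of 0..9
    print(payload_runs_arbitrary_code(stub))    # platform name, e.g. posix
```

The `exec()` in the stand-in is the point: the task payload is code, not data, so a token with permission to send tasks to `pytask` is effectively a shell as that app's user.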
| Feature | Description |
|---|---|
| App Management | App CRUD with full remote control (cgroup, OS user, environment variables, Docker, stdin and stdout) plus monitoring of start counts, exit codes, error messages and health checks; fine-grained behaviour control and scheduling (long- and short-running tasks, periodic jobs, cron schedules, custom timings, error handling); multi-tenancy with a built-in user ownership model and access controls; unified access via CLI, REST, SDK or Web GUI |
| Computing | High-performance in-memory computing; remote execution |
| Security | Authentication: OAuth, 2FA, YAML-based credential storage (local, or Consul for clustering). Authorization: JWT, RBAC, multi-tenant isolation. Protection: SSL/TLS for TCP/HTTP/WebSocket, CSRF tokens, HMAC with a pre-shared key (PSK) for verifying requests that carry no token |
| Cloud Native | Prometheus exporter (built-in); Grafana SimpleJson datasource; Grafana Loki; Dockerfile; Consul microservice cluster management |
| Extra Features | Host/app resource usage collection; remote shell command execution; file upload/download API; hot update via `systemctl reload appmesh`; Bash completion; request forwarding; Web GUI |
| Ecosystem | LLM: Model Context Protocol (MCP); IoT: MQTT |
| Platform support | x86, ARM |
| SDK | C++, Rust, Python, Golang, JavaScript, Java; Swagger/OpenAPI specification |
Refer to the Installation doc; it covers:

| Feature | App Mesh | Supervisor | crontab |
|---|---|---|---|
| Schedule granularity | Seconds | Seconds | Minutes |
| Language | C++11 | Python | C |
| Web GUI | ✓ | ✓ | |
| Command line | ✓ | ✓ | ✓ |
| SDK | ✓ | | |
| Cron schedule expression | ✓ | ✓ | |
| Manage Docker app | ✓ | | |
| Session login | ✓ | | |
| Manage stdout/stderr | ✓ | ✓ | |
| Health check | ✓ | | |
| Authentication | ✓ | ✓ | |
| Multi-tenant | ✓ | ✓ | |

Client SDK for App Mesh
We found that appmesh demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.