@atcrabtree/malware-scanner
v0.1.3
Published
Scan npm packages for malware and security vulnerabilities
Downloads
44
Maintainers
atcrabtreeReadme
@atcrabtree/malware-scanner
Scan npm packages for malware and security vulnerabilities.
Installation
# Install globally via npm
npm install -g @atcrabtree/malware-scanner
# Or run directly with npx
npx @atcrabtree/malware-scanner scan lodashQuick Start
# Authenticate (required for higher rate limits)
malware-scanner login
# Scan a single package
malware-scanner scan lodash
# Scan a specific version
malware-scanner scan [email protected]
# Scan multiple packages
malware-scanner batch lodash express react vueCommands
login
Authenticate with the malware scanner service via Google or GitHub OAuth.
malware-scanner login
malware-scanner login --name "MacBook Pro" # Name this token
malware-scanner login --force # Re-authenticatelogout
Sign out and revoke your CLI token.
malware-scanner logoutwhoami
Display information about your current session.
malware-scanner whoamiscan
Scan a single npm package for malware.
malware-scanner scan <package>
# Options:
# -v, --version <version> Specific version to scan
# -f, --format <format> Output format: console or json (default: console)
# Examples:
malware-scanner scan lodash
malware-scanner scan [email protected]
malware-scanner scan lodash --format jsonbatch
Scan multiple npm packages concurrently.
malware-scanner batch <packages...>
# Options:
# -c, --concurrency <n> Number of concurrent scans (default: 3)
# -f, --format <format> Output format: console or json (default: console)
# --fail-fast Stop on first critical threat
# Examples:
malware-scanner batch lodash express react
malware-scanner batch lodash express -c 5
malware-scanner batch lodash express --format jsonExit Codes
| Code | Meaning | |------|---------| | 0 | All packages clean | | 1 | Warnings detected | | 2 | Critical threats detected |
Rate Limits
| Tier | Scans/Hour | |------|------------| | Anonymous | 10 | | Authenticated | 100 | | Premium | 1000 |
Authenticate with malware-scanner login to increase your rate limit.
Configuration
The CLI stores credentials in ~/.config/malwarescanner/credentials.json.
You can override the API URL with:
export MALWARE_SCANNER_API_URL=https://custom-api.example.comBuilding from Source
# Clone the repository
git clone https://github.com/noderiety/malware-scanner.git
cd malware-scanner/packages/cli-public
# Install dependencies
bun install
# Build TypeScript
bun run build
# Build native binary (current platform)
bun run build:binary
# Build for all platforms
bun run build:allLicense
MIT