npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

packsentry

v2.1.1

Published

npm dependency security scanner and package threat analysis tool

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

manakraj57_2006manakraj57_2006

Keywords

npmsecurityscannerdependencyauditsupply-chainclimalwaretyposquattingpackages

Readme

PackSentry

PackSentry is a security-focused dependency analysis tool for the npm ecosystem.

It helps developers identify suspicious, risky, low-trust, and potentially malicious npm packages before installation.

PackSentry performs lightweight supply-chain analysis directly from the command line with zero configuration.

Features

  • Package risk analysis
  • Typosquatting detection
  • Known malicious package detection
  • Dangerous install script analysis
  • Suspicious shell command detection
  • Dependency trust evaluation
  • Package popularity analysis
  • Package age analysis
  • Security scoring engine
  • Local project dependency scanning
  • Fast CLI workflow

Installation

Global Installation

npm install -g packsentry

Using NPX

npx packsentry express

Usage

Analyze a Package

packsentry express

Detect Suspicious Packages

packsentry axois

Scan Local Project Dependencies

packsentry scan .

Example Output

Trusted Package

PACKSENTRY REPORT
----------------------------

Package: express
Description: Fast, unopinionated, minimalist web framework
Latest Version: 5.2.1
Weekly Downloads: 104948193
Last Modified: 2026-05-11T18:50:00.386Z

Risk Level: LOW
Security Score: 95/100

Suspicious Package Detection

PACKSENTRY REPORT
----------------------------

Package: axois
Description: security holding package
Latest Version: 0.0.1-security
Weekly Downloads: 1534
Last Modified: 2022-04-11T16:25:50.920Z

Risk Level: HIGH
Security Score: 28/100

POSSIBLE TYPOSQUATTING DETECTED
Did you mean: axios

Security Checks

PackSentry currently analyzes:

  • typosquatting similarity
  • dangerous install scripts
  • suspicious shell commands
  • package popularity
  • package metadata
  • package age
  • ecosystem trust signals
  • malicious package indicators
  • dependency trust signals

Risk Levels

| Risk Level | Description | | ---------- | ------------------------------------------- | | LOW | Trusted and widely used package | | MEDIUM | Caution recommended | | HIGH | Potentially suspicious or malicious package |

Local Project Scanning

PackSentry can analyze dependencies from a local Node.js project.

packsentry scan .

This helps developers audit dependencies before installation or deployment.

Architecture

src/
|-- analyzers/
|-- cli/
|-- data/
|-- scanners/
`-- index.js

Tech Stack

  • Node.js
  • ES Modules
  • Axios
  • Chalk
  • Ora
  • Jaro-Winkler
  • CLI Table

Planned Features

  • dependency tree analysis
  • lockfile analysis
  • GitHub repository reputation analysis
  • maintainer trust scoring
  • JSON output mode
  • CI/CD integration
  • advanced malware heuristics
  • VS Code extension

Development

git clone https://github.com/ManakRaj-7/packsentry.git

cd packsentry

npm install

License

MIT

Author

Manak Raj

GitHub: https://github.com/ManakRaj-7

npm: https://www.npmjs.com/package/packsentry

Purpose

PackSentry was created to improve transparency and security within the npm ecosystem by helping developers make safer dependency decisions.