ompsure
Sentinel
/sentinel:package-riskPRO

Package Risk Analysis

Analyzes an installed package's source code for suspicious behavior patterns — eval calls, network requests, environment access, and obfuscation.

What it does

Inspects actual source code, not just metadata
Detects supply chain attack patterns
Supports JS, Python, Rust, and Go ecosystems

What you get by plan

PRO

Supply chain risk scoring from actual package source, not metadata.

  • Eval, exec, and dynamic-require detection
  • Outbound network and env-var access flags
  • Obfuscation and minified-payload signals
  • File:line context per suspicious pattern
  • JS, Python, Rust, Go ecosystems

Try it in your terminal

Install free. No credit card required.