ChainWatch — Supply Chain Security Scanner

📦

Drop package.json, requirements.txt, or pyproject.toml here

or click to select file

Or paste your dependencies:

ℹ️ About ChainWatch

🎯 What is ChainWatch?

ChainWatch is an open-source supply chain security tool that detects typosquatting attacks, malicious packages, and suspicious dependencies in your projects.

🔍 How it Works

Typosquatting Detection — Compares package names against popular packages using Levenshtein distance
Malicious Package Database — Checks against known malicious packages
Maintainer Analysis — Identifies packages from new/suspicious accounts
Lockfile Analysis — Detects missing integrity hashes

🚀 Quick Start

# Install globally
npm install -g chainwatch

# Scan your project
chainwatch scan

# Check a single package
chainwatch check lodash

🔗 Links

GitHub Repository
Report Issues
MIT License

🔍 ChainWatch

🚨 Supply Chain Threat Alerts

ℹ️ About ChainWatch

🎯 What is ChainWatch?

🔍 How it Works

🚀 Quick Start

🔗 Links