npm install.Give it a package name, get a SAFE / SUSPICIOUS / DANGEROUS verdict with an explained risk score โ combining published CVE/GHSA advisories with behavioural red flags that plain CVE scanners miss.
| ๐ก๏ธ Known CVEs | cross-checks the exact version against published CVE/GHSA advisories via OSV.dev, with the precise fixed version to upgrade to |
| ๐ฏ Typosquatting | names 1โ2 edits from popular packages (lodahsโlodash, the 2026 easy-day-jsโdayjs campaign) |
| ๐ Install scripts | postinstall hooks piping remote downloads into a shell, spawning processes, eval, base64 droppers |
| ๐ Exfiltration | scripts reading AWS/GITHUB/NPM_TOKEN/PRIVATE_KEY or touching ~/.ssh, ~/.aws, .npmrc, wallet.dat |
| ๐ Low trust | freshly-published, no maintainers, no repo, deprecated, dependency-confusion |
GET /audit?name=express GET /audit?name=expres # โ SUSPICIOUS, typosquat of "express" GET /audit_many?names=react,axios,lodash
Try it: /audit?name=express ยท /audit?name=expres
{
"mcpServers": {
"npm-guardian": { "command": "npx", "args": ["-y", "npm-guardian-mcp"] }
}
}Or connect over HTTP at POST /mcp. Tools: audit_npm_package, audit_many.
The deep /pro/* audit has two payment lanes that coexist โ pick whichever fits you, both unlock the same deep tarball scan.
| ๐ณ Card (Stripe) | For humans/teams. Buy a prepaid API key at /pro/checkout, then send Authorization: Bearer <key> (or set NPM_GUARDIAN_KEY in your MCP config). |
| ๐ช x402 (USDC) | For AI agents with a wallet. Pays $0.02 USDC per call automatically โ no sign-up, no key. Settles on-chain on Base. |
GET /pro/audit?name=<pkg> # 402 (shows BOTH lanes) โ pay โ result GET /pro/audit_many?names=... # up to 50 packages