Shai-Hulud-2.0-Detector

gensecaihq

Detect npm packages compromised in the Shai-Hulud 2.0 supply chain attack (Nov 2025). Scans for 790+ malicious packages, suspicious scripts, TruffleHog activity, SHA1HULUD runners, and secrets exfiltration. GitHub Action with SARIF support.

Stars: 124
Forks: 34
Watchers: 124
Language: TypeScript
License: MIT
SrcLog Score: 100
Cost to Build: $175.5K
Market Value: $631.0K

How to clone Shai-Hulud-2.0-Detector

Clone via HTTPS

git clone https://github.com/gensecaihq/Shai-Hulud-2.0-Detector.git

Clone via SSH

git clone git@github.com:gensecaihq/Shai-Hulud-2.0-Detector.git

Download ZIP

Download master.zip

Found an issue?

Report bugs or request features on the Shai-Hulud-2.0-Detector issue tracker on GitHub.