Supply Chain Monitor is a tool by Elastic designed to automatically detect supply chain compromises in popular PyPI and npm packages. It polls the registries for new releases, diffs each release against its predecessor, and uses an LLM via the Cursor Agent CLI to classify the changes as benign or malicious. Malicious findings trigger immediate Slack alerts.