Coverage
Nine ecosystems, one gate.
Every release we ingest is scanned, persisted, and clustered against the rest of the corpus the same way regardless of registry. The hunter for each ecosystem runs on a 60-second loop; the CLI auto-detects supported lockfiles in your repo and routes specs to the right scanner.
- median 1.0 days ahead of disclosure
- over the last 90 days, across npm + PyPI
- 1,555 of 1,783 malicious releases caught at or before disclosure, flagged first
When PkgRadar catches a malicious package, we measure how long before it appeared in the public OSV advisory database — positive lead means we flagged it first. The rate excludes packages we only first analyzed more than a week after they were already public (historical backfill, not proactive detection).
registry.npmjs.org- Packages scanned
- 3.5M
- High risk
- 42,522
- Review
- 327.4K
- High-severity findings
- 210.3K
- Last scan
- 9m ago
JavaScript / Node.js. Largest registry by package count and the most common supply-chain attack target; the scanner covers preinstall hooks, install-time remote payloads, lifecycle-diff vs prior release, and known-IOC filename matching.
pypi.org- Packages scanned
- 430.5K
- High risk
- 6,025
- Review
- 85,627
- High-severity findings
- 15,799
- Last scan
- 9m ago
Python. Source distributions execute setup.py at install time, making it the canonical Python supply-chain surface. Wheels skip setup.py but ship native code; the scanner walks both formats, with a rustpython-parser AST analyzer for source files.
rubygems.org- Packages scanned
- 17,976
- High risk
- 281
- Review
- 2,279
- High-severity findings
- 657
- Last scan
- 9m ago
Ruby. C-extension gems run extconf.rb at install time; the scanner gates on shell-out paired with eval/network/deserialize combos so legit pkg-config / make calls aren't penalized.
crates.io- Packages scanned
- 308.3K
- High risk
- 1,545
- Review
- 50,513
- High-severity findings
- 2,225
- Last scan
- 10m ago
Rust. build.rs runs on `cargo build`; proc-macro crates' library code runs during the consumer's compilation. Detection focuses on Process::Command + network/base64/env-token combos at build time.
repo1.maven.org- Packages scanned
- 172.3K
- High risk
- 61
- Review
- 6,940
- High-severity findings
- 32
- Last scan
- 1h ago
Java / JVM, including Android. Both `.jar` and Android `.aar` releases are fetched and walked — an `.aar`'s nested `classes.jar` is unpacked and inspected too. Releases get indicator-filename, native-blob, JNDI/Log4Shell-family class-path, and manifest/AndroidManifest signals; when a source jar is present it gets full static analysis (Runtime.exec, reflection-based exec bypass, URLClassLoader.defineClass, untrusted deserialization, static-init side effects).
nuget.org- Packages scanned
- 524K
- High risk
- 183
- Review
- 30,850
- High-severity findings
- 78
- Last scan
- 9m ago
.NET. The PowerShell hook trio is the canonical NuGet supply-chain attack vector. Scanner covers IEX stagers, hidden powershell.exe spawns, base64 decode combos, Run-key persistence, and CI/CD secret env reads at hook time.
packagist.org- Packages scanned
- 40,619
- High risk
- 1,342
- Review
- 7,071
- High-severity findings
- 4,816
- Last scan
- 9m ago
PHP. composer.json scripts run shell during install; PHP source carries the eval/exec primitives. Detection gates on combos: base64/gz/hex decode + eval/exec, remote include/require, deprecated assert(string) backdoor, and remote-fetch-with-exec chains.
proxy.golang.org- Packages scanned
- 2.2M
- High risk
- 5,081
- Review
- 396.1K
- High-severity findings
- 5,863
- Last scan
- 9m ago
Go. Modules are immutable in the public proxy, so the supply-chain surface is install-time init() side effects, cgo C code, build-tagged stubs, and `replace` redirects. The module zip is fetched from proxy.golang.org and walked for indicator filenames and cross-language exec/network/exfil string signals.
pub.dev- Packages scanned
- 27,812
- High risk
- 8
- Review
- 1,504
- High-severity findings
- 8
- Last scan
- 14m ago
Dart / Flutter. Pub packages can ship build_runner code generators that execute at consumer build time, plus dart:ffi native library loads. The package archive is fetched from pub.dev and walked for indicator filenames and cross-language exec/network/exfil string signals.
Same gate, any ecosystem
One command, every supported registry.
The CLI auto-detects lockfiles in your working dir; the spec format is inferred from the version separator (or set explicitly with --ecosystem when npm, Cargo, RubyGems, NuGet, Composer, and Maven all use name@version).
# Lockfile mode — works for any of the CLI's supported formats:
pkgradar gate --lockfile package-lock.json
pkgradar gate --lockfile poetry.lock
pkgradar gate --lockfile Gemfile.lock
pkgradar gate --lockfile Cargo.lock
pkgradar gate --lockfile pom.xml
pkgradar gate --lockfile composer.lock
pkgradar gate --lockfile packages.lock.json
# Ad-hoc specs — PyPI uses ==, the rest use @ (disambiguate with --ecosystem):
pkgradar gate requests==2.31.0
pkgradar gate --ecosystem maven com.fasterxml.jackson.core:[email protected]
pkgradar gate --ecosystem composer symfony/[email protected]
Go and Pub are fully scanned and gate-able over the HTTP API (POST /gate/go, POST /gate/pub); CLI lockfile parsing for go.sum and pubspec.lock is on the roadmap.