PkgRadar

Coverage

Nine ecosystems, one gate.

Every release we ingest is scanned, persisted, and clustered against the rest of the corpus the same way regardless of registry. The hunter for each ecosystem runs on a 60-second loop; the CLI auto-detects supported lockfiles in your repo and routes specs to the right scanner.

87.2%of malware we caught around or before its public disclosure, we flagged ahead of the advisory
  • median 1.0 days ahead of disclosure
  • over the last 90 days, across npm + PyPI
  • 1,555 of 1,783 malicious releases caught at or before disclosure, flagged first

When PkgRadar catches a malicious package, we measure how long before it appeared in the public OSV advisory database — positive lead means we flagged it first. The rate excludes packages we only first analyzed more than a week after they were already public (historical backfill, not proactive detection).

npmregistry.npmjs.org
Packages scanned
3.5M
High risk
42,522
Review
327.4K
High-severity findings
210.3K
Last scan
9m ago

JavaScript / Node.js. Largest registry by package count and the most common supply-chain attack target; the scanner covers preinstall hooks, install-time remote payloads, lifecycle-diff vs prior release, and known-IOC filename matching.

package-lock.jsonnpm-shrinkwrap.jsonpnpm-lock.yaml+1 moreView detail →
PyPIpypi.org
Packages scanned
430.5K
High risk
6,025
Review
85,627
High-severity findings
15,799
Last scan
9m ago

Python. Source distributions execute setup.py at install time, making it the canonical Python supply-chain surface. Wheels skip setup.py but ship native code; the scanner walks both formats, with a rustpython-parser AST analyzer for source files.

requirements.txtrequirements.lockPipfile.lock+3 moreView detail →
RubyGemsrubygems.org
Packages scanned
17,976
High risk
281
Review
2,279
High-severity findings
657
Last scan
9m ago

Ruby. C-extension gems run extconf.rb at install time; the scanner gates on shell-out paired with eval/network/deserialize combos so legit pkg-config / make calls aren't penalized.

Gemfile.lockgems.lockedView detail →
Cargocrates.io
Packages scanned
308.3K
High risk
1,545
Review
50,513
High-severity findings
2,225
Last scan
10m ago

Rust. build.rs runs on `cargo build`; proc-macro crates' library code runs during the consumer's compilation. Detection focuses on Process::Command + network/base64/env-token combos at build time.

Cargo.lockView detail →
Mavenrepo1.maven.org
Packages scanned
172.3K
High risk
61
Review
6,940
High-severity findings
32
Last scan
1h ago

Java / JVM, including Android. Both `.jar` and Android `.aar` releases are fetched and walked — an `.aar`'s nested `classes.jar` is unpacked and inspected too. Releases get indicator-filename, native-blob, JNDI/Log4Shell-family class-path, and manifest/AndroidManifest signals; when a source jar is present it gets full static analysis (Runtime.exec, reflection-based exec bypass, URLClassLoader.defineClass, untrusted deserialization, static-init side effects).

pom.xmlView detail →
NuGetnuget.org
Packages scanned
524K
High risk
183
Review
30,850
High-severity findings
78
Last scan
9m ago

.NET. The PowerShell hook trio is the canonical NuGet supply-chain attack vector. Scanner covers IEX stagers, hidden powershell.exe spawns, base64 decode combos, Run-key persistence, and CI/CD secret env reads at hook time.

packages.lock.jsonpackages.configproject.assets.jsonView detail →
Composerpackagist.org
Packages scanned
40,619
High risk
1,342
Review
7,071
High-severity findings
4,816
Last scan
9m ago

PHP. composer.json scripts run shell during install; PHP source carries the eval/exec primitives. Detection gates on combos: base64/gz/hex decode + eval/exec, remote include/require, deprecated assert(string) backdoor, and remote-fetch-with-exec chains.

composer.lockView detail →
Go modulesproxy.golang.org
Packages scanned
2.2M
High risk
5,081
Review
396.1K
High-severity findings
5,863
Last scan
9m ago

Go. Modules are immutable in the public proxy, so the supply-chain surface is install-time init() side effects, cgo C code, build-tagged stubs, and `replace` redirects. The module zip is fetched from proxy.golang.org and walked for indicator filenames and cross-language exec/network/exfil string signals.

go.modgo.sumView detail →
Pub (Dart)pub.dev
Packages scanned
27,812
High risk
8
Review
1,504
High-severity findings
8
Last scan
14m ago

Dart / Flutter. Pub packages can ship build_runner code generators that execute at consumer build time, plus dart:ffi native library loads. The package archive is fetched from pub.dev and walked for indicator filenames and cross-language exec/network/exfil string signals.

pubspec.lockView detail →

Same gate, any ecosystem

One command, every supported registry.

The CLI auto-detects lockfiles in your working dir; the spec format is inferred from the version separator (or set explicitly with --ecosystem when npm, Cargo, RubyGems, NuGet, Composer, and Maven all use name@version).

# Lockfile mode — works for any of the CLI's supported formats:
pkgradar gate --lockfile package-lock.json
pkgradar gate --lockfile poetry.lock
pkgradar gate --lockfile Gemfile.lock
pkgradar gate --lockfile Cargo.lock
pkgradar gate --lockfile pom.xml
pkgradar gate --lockfile composer.lock
pkgradar gate --lockfile packages.lock.json

# Ad-hoc specs — PyPI uses ==, the rest use @ (disambiguate with --ecosystem):
pkgradar gate requests==2.31.0
pkgradar gate --ecosystem maven com.fasterxml.jackson.core:[email protected]
pkgradar gate --ecosystem composer symfony/[email protected]

Go and Pub are fully scanned and gate-able over the HTTP API (POST /gate/go, POST /gate/pub); CLI lockfile parsing for go.sum and pubspec.lock is on the roadmap.