The problem we kept hitting
Vetting a single suspicious-looking package, end-to-end, takes an annoying number of tabs. Registry page for maintainer and publish history. OSV.dev for advisories. GitHub advisories database for the longer write-ups. deps.dev for usage and provenance. Maybe a quick npm view on the side. Multiply by every PR that touches a dependency, every Slack message that starts with “is this package legit?”, every late-night npm install of something you’ve never heard of.
There are real SCA platforms that do this and a lot more. We build one. But spinning up a full scanner is the wrong tool when the actual question is “wait, is this a typosquat?” — and the right tool, until today, was five browser tabs.
So we built supplycheck. It’s free, it runs entirely in your browser, and it answers that one narrow question fast.
What it does
Paste a package name (or a lockfile, or a multi-package list) and pick the ecosystem. supplycheck queries the public registry APIs and OSV.dev directly from your browser, runs a set of heuristics, and gives you:
- A letter grade (A–F) for the currently published version
- A breakdown of every signal that contributed to the grade, with severity
- A separate section for historical advisories affecting older versions (these are listed but do not pull the current grade down — more on that in a second)
- Confirmed-malicious flags when an advisory says so explicitly (MAL-* IDs from OpenSSF Malicious Packages, database_specific.malware markers from GHSA, malware keywords in advisory bodies)
Supported ecosystems: npm, PyPI, Maven, Go modules, NuGet.
Universal signals (every ecosystem): typosquat distance against popular-package baselines, package age, single-maintainer / bus-factor risk, missing repository link, Unicode homoglyphs in the name, stale releases. Plus ecosystem-specific checks: install scripts, sigstore provenance, and bin collisions for npm; sdist-only releases, PEP 740 attestations, and yanks for PyPI; reverse-DNS namespace conventions for Maven; import path host checks for Go; unlisted/deprecated state for NuGet.
No backend. No account. No telemetry. Nothing leaves your browser except the registry and OSV requests you’d be making anyway.
Three examples that show the shape of the output
lodash (npm) — Grade A. Two low-severity findings on the current version: single maintainer, no sigstore provenance attestation. The historical advisories panel lists ten older issues — prototype pollution, ReDoS, command injection — all fixed in versions you should not be running. This is the right answer. The version you’d install today is fine; pretending it isn’t because of advisories against versions from 2018 would be noise.
loadsh (npm) — Grade C. A real package on the registry right now. Two edits from lodash (high), deprecated (medium), 7.7 years stale (low), single maintainer, no provenance. This is the canonical typosquat, and it has caught real victims. The grade exists to make you stop for five seconds before you autocomplete-install the wrong thing.
event-stream (npm) — Grade A on the current 4.0.1. The current version is clean. The historical advisory panel surfaces GHSA-mh6f-8j2x-4483 — the 2018 flatmap-stream backdoor that targeted bitcoin wallets. The split matters: the package is safe to install today, and the history is preserved so you understand why your search engine results look the way they do.
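To make the typosquat-distance and homoglyph signals from the list above concrete, here is an added example (not supplycheck’s own code) that runs them over the loadsh case. The popular-package baseline, the confusable subset and the severity threshold are constructed assumptions for illustration.

```javascript
// Added example, not supplycheck's own code. Baseline list, confusable
// subset and severity threshold are constructed for illustration.

// Constructed stand-in for a popular-package baseline.
const POPULAR_NPM = ["lodash", "express", "react", "axios", "chalk"];

// Small constructed subset of Cyrillic/Latin confusables; a real check would
// consult the full Unicode confusables table.
const CONFUSABLES = { "\u0430": "a", "\u0435": "e", "\u043E": "o", "\u0440": "p",
                      "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i" };

// Plain Levenshtein (insert/delete/substitute) with a single rolling row.
// Under this count loadsh is "two edits" from lodash, as the post reports.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const above = row[j];
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      row[j] = Math.min(above + 1, row[j - 1] + 1, diag + cost);
      diag = above;
    }
  }
  return row[b.length];
}

// Fold compatibility forms (NFKC), then map confusables to their ASCII look-alike.
function skeleton(name) {
  return Array.from(name.normalize("NFKC"), (ch) => CONFUSABLES[ch] ?? ch).join("");
}

// Name-based findings a reviewer would want to see, each tagged with a severity.
function checkName(name, baseline = POPULAR_NPM) {
  const findings = [];
  const plain = skeleton(name);
  if (plain !== name) {
    findings.push({ signal: "homoglyph", severity: "high", detail: `renders like "${plain}"` });
  }
  // Either the popular package itself or a homoglyph impersonation of it: no distance finding.
  if (baseline.includes(plain)) return findings;
  for (const popular of baseline) {
    const d = editDistance(plain, popular);
    if (d <= 2) { // assumed threshold: two edits or fewer is flagged high
      findings.push({ signal: "typosquat", severity: "high", distance: d, detail: `${d} edit(s) from ${popular}` });
    }
  }
  return findings;
}
```

checkName("loadsh") yields a single high-severity typosquat finding at distance 2 from lodash, while a name with a Cyrillic о in place of the Latin one yields only the homoglyph finding.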
What it explicitly doesn’t do
We’d rather you trust this tool than oversell it.
- It does not inspect package source contents
- It does not execute install scripts in a sandbox
- It does not walk transitive dependencies past the top-level lockfile parse
- There is no runtime telemetry or behavioral analysis
- A high-severity finding is not proof of malice. A clean grade is not proof of safety.
supplycheck is a heuristic-driven smell test. It is designed as a starting point for human review, not an automated gatekeeper. For deep, content-aware analysis — source inspection, transitive graph walking, malicious-behavior modeling — you want a real scanner, and that’s the work we do in Intercept.
Why we built it (and put it out for free)
Our team uses this internally every day. Releasing it for free was the obvious move: the alternative is everyone else opening five tabs, and a lot of supply chain compromise starts with one person installing one wrong package.
It also makes our thinking on supply chain risk legible — the signals we picked, how we calibrate severity, what we deliberately leave out. That same posture (transparent signals, conservative grading, honest limits) is what goes into Intercept. supplycheck is the smallest, most public version of it.
Try it on a package you’ve been side-eyeing.
Open supplycheck. No signup, no install, nothing to deploy. If you find a signal we should be checking and aren’t, let us know on contact.