Scan Your Dependencies.
Know Your Risk.
Paste or upload a package.json to instantly surface supply chain threats — malware, typosquatting, install script hijacking, and more.
No key? Just hit scan — we'll use a demo key so you can try it instantly. Have one? It stays in your browser and is sent only to Socket. Get a free API key →