I built Warden - a free security CLI to catch malicious npm packages

Source: DEV Community
Hey! I just released Warden v2.0, a CLI tool that scans your Node.js dependencies for malicious packages, typosquatting, and supply chain attacks.

I got tired of not knowing if my dependencies were safe. npm audit shows CVEs, but what about packages hiding malware with obfuscated code or stealing your AWS credentials? So I built this.

What it does:

- Scans node_modules for dangerous patterns (obfuscation, credential theft, system execution, etc.)
- Runs npm/pnpm/yarn audits with readable output
- Monitors your network in real-time to see what your node processes are doing
- Checks for license compliance
- Enforces security policies across your team

All 100% local - no data leaves your machine.

Try it:

    npm install -g warden-cli
    warden scan .
    warden monitor
    warden doctor

Feedback and contributions welcome! https://github.com/camilolb/warden/