supply-chain-audit
A read-only forensics scanner for npm / PyPI supply-chain compromise. Runs three IOC phases against the local machine and produces a clean PASS/FAIL verdict.
When to invoke
The user asked about supply-chain risk, a recently disclosed npm/PyPI compromise, whether their machine is affected, or wants to share this check with coworkers. Triggers reliably for both technical phrasing ("scan for IOCs", "audit my host") and casual phrasing ("am I cooked?", "is this safe?", "ya me hackearon?").
How it works
The IOC pack lives in iocs.json — a versioned list of campaigns, each with its persistence paths, payload filenames, payload hashes, C2/typosquat strings, optional-dependency markers, compromised package scopes, and attack windows. The scanner script scripts/scan.sh reads that file and runs three phases:
- Phase A — persistence: artifacts that survive reboot (LaunchAgent / systemd / Windows Run key / ~/.local/bin shims, dropper files in ~/.claude/setup.mjs / ~/.vscode/setup.mjs, named lock files).
- Phase B — code & cache: package versions present in any node_modules under the configured project roots, payload filenames anywhere on disk, malicious commit hashes / typosquat domains / payload SHA256s in lockfiles and source, optionalDependencies entries that resolve to a GitHub git ref (the TeamPCP smuggling pattern).
- Phase C — time window: any file written under any node_modules during a campaign's published attack window. A clean Phase C is the strongest single signal a host avoided exposure.
Every check is find / grep / jq / stat / shasum. The scanner never writes to the target machine.
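A Phase C style check can be built from find alone. The sketch below is an added example, not the project's scripts/scan.sh. The function names, the fixture tree and every date in it are constructed for illustration, and the window is passed as arguments because the page does not show how iocs.json encodes it.

```shell
#!/bin/sh
# Added example (not scripts/scan.sh): a Phase C style time-window check.
# Read-only against the scanned tree: the check itself only calls find.

# files_in_window ROOT START END
#   Lists regular files under any node_modules below ROOT whose mtime is
#   later than START and not later than END ("YYYY-MM-DD HH:MM:SS", UTC).
#   Needs a find that supports -newermt (GNU and BSD find both do).
files_in_window() {
    TZ=UTC find "$1" -type f -path '*/node_modules/*' \
        -newermt "$2" ! -newermt "$3" -print
}

# phase_c ROOT START END
#   Returns 0 on PASS, 1 on FAIL, 2 when find itself reported an error.
#   An unreadable directory or an unsupported flag must never read as PASS.
phase_c() {
    hits=$(files_in_window "$1" "$2" "$3") || {
        echo "INCOMPLETE: find reported errors, result is not a PASS"
        return 2
    }
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits"
        echo "FAIL: node_modules files written inside the window"
        return 1
    fi
    echo "PASS: nothing under node_modules was written inside the window"
}

# make_fixture DIR
#   Constructed sample tree for trying the check; all dates are made up.
make_fixture() {
    mkdir -p "$1/app/node_modules/left/lib" "$1/app/src"
    # Written before the window.
    TZ=UTC touch -t 202401010000 "$1/app/node_modules/left/index.js"
    # Written inside the window.
    TZ=UTC touch -t 202401151200 "$1/app/node_modules/left/lib/setup.js"
    # Inside the window, but not under node_modules.
    TZ=UTC touch -t 202401151200 "$1/app/src/main.js"
}

# Run as: sh window.sh ROOT "2024-01-10 00:00:00" "2024-01-20 00:00:00"
if [ "$#" -eq 3 ]; then phase_c "$@"; fi
```

The comparison uses mtime, which any process with write access can reset, so a hit is evidence of exposure while a clean result holds only if timestamps were left intact.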
Invocation flow