supply-chain-protection
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the sfw (Socket Firewall) utility from the official npm registry. This tool is provided by a well-known security service for protecting against malicious dependencies.
- [COMMAND_EXECUTION]: Executes package manager commands to install security tooling and performs a verification dry-run using the is-odd package. It correctly handles various package managers including npm, pnpm, Yarn, and Bun, and checks for tool existence before installation.
Audit Metadata