Safe Chain prevents developers from installing malware
12 hours ago
- #npm
- #malware-protection
- #security
- Aikido Safe Chain prevents malware installation via npm, npx, yarn, pnpm, and pnpx.
- It wraps around package managers to scan for malware before installation.
- Supports Node.js v18+ with full coverage for npm ≥10.4.0 and limited support for others.
- Installation involves global npm install, shell setup, and terminal restart.
- Detects malware via Aikido Intel and offers block or prompt actions.
- Supports Bash, Zsh, Fish, PowerShell, and PowerShell Core.
- Uninstallation requires teardown command, npm uninstall, and terminal restart.
- Configurable malware response with --safe-chain-malware-action flag.