StepSecurity Logo
LoginStart free
gensecaihq/Shai-Hulud-2.0-Detector

gensecaihq/Shai-Hulud-2.0-Detector

Detect npm packages compromised in the Shai-Hulud 2.0 supply chain attack (Nov 2025). Scans for 790+ malicious packages, suspicious scripts, TruffleHog activity, SHA1HULUD runners, and secrets exfiltration. GitHub Action with SARIF support.

GitHubGitHub Repository

0 star

Node.js

Node Action

Score updated 3 days ago

GitHub Actions security score

gensecaihq/Shai-Hulud-2.0-Detector

Score

Start free trial to unlock

No credit card required

License

Maintained

Vulnerabilities

Branch protection

Manual code review

Secure publishing

Signed commits

Automated security tools

Popular

Used by 36 open-source projects

Security Policy

security policy file detected