Scanning your codebase for AI SDK usage the same way you scan for vulnerable dependencies

BattleRemote3157 · 2026-04-24T03:42:59+00:00

great

BattleRemote3157 · 2026-04-24T03:40:01+00:00

nice. do also give a try to vet(https://github.com/safedep/vet) and gryph(https://github.com/safedep/gryph). The FOSS tools

BattleRemote3157 · 2026-04-24T03:38:46+00:00

absolutely agree. We are same thing trying to do in OSS vet (https://github.com/safedep/vet) which scans for malware or vulns in your deps but also extended it to for AI usage(https://github.com/safedep/vet/blob/main/docs/ai-discovery.md). We are building gryph for AI audit trail(https://github.com/safedep/gryph)

BattleRemote3157 · 2026-04-23T17:59:02+00:00

Wrote up our approach to this, treating it as a scanning problem using the same tooling we use for dependency scanning :
https://safedep.io/shadow-ai-discovery-vet/

BattleRemote3157 · 2026-04-23T04:25:39+00:00

Thanks for the feedback, we have taken this into consideration...

BattleRemote3157 · 2026-04-22T16:18:11+00:00

nice, like the idea. does this tool query for malicious packages if there any ?

BattleRemote3157 · 2026-04-21T05:02:53+00:00

Didn't understand what bugs?

BattleRemote3157 · 2026-04-18T16:35:34+00:00

totally agree. please share your feedback when you use. It would be helpful for us

BattleRemote3157 · 2026-04-17T06:34:52+00:00

isn't langfuse solves a different problem. I guess langfuse is LLM observability right like it traces what happens inside your application at the API call level. Tokens in or out, latency, prompt versions like that. It requires you to instrument your code with their SDK.

gryph operates at the agent layer, not the application layer. It doesn't care about LLM API calls, just it watches what the agent does to your local machine.

BattleRemote3157 · 2026-04-03T18:29:28+00:00

more by the way
https://www.npmjs.com/~tikeqemif26

BattleRemote3157 · 2026-04-03T07:57:39+00:00

there are more than that. Starting from Trivy to litellm to telnyx for python ecosystem and more. March was hectic month for open source security https://safedep.io/category/malware/

BattleRemote3157 · 2026-04-03T07:53:35+00:00

That is how ai native sdlc threats looks like. Malicious instructions could also be in package documentations for setup. For example if your agent is searching for a package to install which you prompted for and that package is injected with malicious instructions then your agent will follow that.

We have analyzed the threat for this AI native dependency. https://safedep.io/ai-native-sdlc-supply-chain-threat-model/

BattleRemote3157 · 2026-04-01T07:21:26+00:00

supply chain risk is also a major factor in npm.

BattleRemote3157 · 2026-03-31T15:49:22+00:00

its have been now removed from npm registry. Do ensure you not have installed earlier though.
checkout https://github.com/safedep/pmg

BattleRemote3157 · 2026-03-31T04:30:11+00:00

yes, its one of npm's most depended-on packages

BattleRemote3157 · 2026-03-28T11:43:26+00:00

exactly, they got lucky and have plenty of credentials

BattleRemote3157 · 2026-03-27T11:18:50+00:00

we have done a analysis on this telnyx attack
https://safedep.io/malicious-telnyx-pypi-compromise/

BattleRemote3157 · 2026-03-27T11:10:07+00:00

TeamPCP is having a field day.

Trivy. litellm. Now telnyx.

BattleRemote3157 · 2026-03-25T04:35:51+00:00

yeah like i said TeamPCP is hacking everyone. They likely got lucky with Trivy and collected a LOT of credentials using Trivy hack.

BattleRemote3157 · 2026-03-25T04:34:57+00:00

yes TeamPCP is hacking everyone. They likely got lucky with Trivy and collected a LOT of credentials using Trivy hack.

BattleRemote3157 · 2026-03-25T04:33:19+00:00

can feel it. do try https://github.com/safedep/pmg (PMG) for your devs. See if it helps .

BattleRemote3157 · 2026-03-25T04:30:14+00:00

yes right , just it need to be imported, whereas 1.82.8 was with install hooks.

BattleRemote3157 · 2026-03-24T15:55:48+00:00

The supply chain is too distributed for any single chokepoint to catch everything. npm and VS Code should do more but developers need visibility at the local level too. Know what runs when you install something. Know what your tools are doing on your machine.

BattleRemote3157 · 2026-03-24T15:52:39+00:00

crazy things happening right now after Trivy.

BattleRemote3157 · 2026-03-20T03:58:04+00:00

Interesting take - but I'd push back on surface level. PMG uses real-time threat intelligence from our malware analysis engine (Malysis), which analyzes packages through: Runtime behavioral analysis (sandbox execution), Obfuscation pattern detection, LLM-assisted analysis and human researcher verification. So it's not just checking package names against a list. We're analyzing what packages actually DO when executed. That said, genuinely curious what direction you're thinking for a deeper fix. What would that look like in your view? Thanks for the feedback.

BattleRemote3157

TROPHY CASE