DEV Community: clopez programmer The latest articles on DEV Community by clopez programmer (@clopez_programmer_3fcbf30). https://dev.to/clopez_programmer_3fcbf30 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3866487%2F4c974d92-2855-47b0-b368-38c7110103ca.png DEV Community: clopez programmer https://dev.to/clopez_programmer_3fcbf30 en I built Warden - a free security CLI to catch malicious npm packages clopez programmer Tue, 07 Apr 2026 19:54:39 +0000 https://dev.to/clopez_programmer_3fcbf30/i-built-warden-a-free-security-cli-to-catch-malicious-npm-packages-3h8p https://dev.to/clopez_programmer_3fcbf30/i-built-warden-a-free-security-cli-to-catch-malicious-npm-packages-3h8p <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0ech5hegqkz9zxf8in6v.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0ech5hegqkz9zxf8in6v.png" alt=" " width="411" height="112"></a></p> <p>Hey! I just released Warden v2.0, a CLI tool that scans your Node.js dependencies for malicious packages,<br><br> typosquatting, and supply chain attacks. </p> <p>I got tired of not knowing if my dependencies were safe. npm audit shows CVEs, but what about packages hiding malware<br> with obfuscated code or stealing your AWS credentials? So I built this.</p> <p>What it does:</p> <ul> <li>Scans node_modules for dangerous patterns (obfuscation, credential theft, system execution, etc.)</li> <li>Runs npm/pnpm/yarn audits with readable output </li> <li>Monitors your network in real-time to see what your node processes are doing</li> <li>Checks for license compliance </li> <li>Enforces security policies across your team </li> </ul> <p>All 100% local - no data leaves your machine.</p> <p>Try it:<br><br> npm install -g warden-cli<br> warden scan .<br> warden monitor<br> warden doctor</p> <p>Feedback and contributions welcome!</p> <p><a href="https://github.com/camilolb/warden/" rel="noopener noreferrer">https://github.com/camilolb/warden/</a></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fysr1yrfjmriiuiyrmkk4.gif" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fysr1yrfjmriiuiyrmkk4.gif" alt=" " width="814" height="554"></a></p> cli node security showdev