MUADDIB Scanner
Version updated for https://github.com/DNSZLSK/muad-dib to version v2.4.7.
- This action is used across all versions by 1 repository.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
MUAD’DIB is a security-focused GitHub Action designed to detect and analyze threats in npm and PyPI dependencies, combining static and dynamic analysis, deobfuscation, anomaly detection, and dataflow analysis. It automates the scanning of packages and projects, blocks malicious packages before installation, and provides detailed risk scoring and actionable insights to help developers respond to supply chain attacks effectively. This free tool complements enterprise solutions by offering a quick and accessible first line of defense for dependency security.
Release notes
5 new adversarial samples (SANDWORM_MODE, NeoShadow, StegaBin, buildrunner-dev). 3 new rules (AST-033/034/035). resolveStringConcat for dynamic path detection. ADR 98.8% (82/83), FPR 7.4% stable, 1471 tests, 107 rules.