MUADDIB Scanner
Version updated for https://github.com/DNSZLSK/muad-dib to version v2.10.10.
- This action is used across all versions by 1 repository.
Action Type
This is a Composite action.
Action Summary
MUAD’DIB is a security scanning tool designed to detect and analyze known threats and suspicious behavior in npm and PyPI packages, leveraging advanced techniques like deobfuscation, inter-module dataflow analysis, and machine learning classification. It automates the identification of supply chain vulnerabilities, providing risk scoring, detailed threat explanations, and pre-installation scans to mitigate risks before dependency installation. This action serves as a proactive first line of defense against supply chain attacks, offering features like sandboxing, alert integrations, and strict detection modes.
Release notes
R2: relaxed isSDKPattern credential suffix heuristic (6 tests). R4: cap suspicious_dataflow(MEDIUM) at 3pts (2 tests). 2679 total, 0 fail.