MUADDIB Scanner
Version updated for https://github.com/DNSZLSK/muad-dib to version v2.10.31.
- This action is used across all versions by 1 repository.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
MUAD’DIB is a security-focused GitHub Action and CLI tool designed to detect and assess threats in npm and PyPI packages. It leverages multiple scanning techniques, deobfuscation, dataflow analysis, machine learning classifiers, and a Docker sandbox to identify known threats and suspicious behaviors, providing a risk score and actionable insights for remediation. This tool automates the detection of supply-chain attacks, such as malicious dependencies, and prevents the installation of compromised packages, enhancing software supply chain security.
Release notes
2 adversarial bypasses fixed (Proxy globalThis, Reflect MemberExpression). SBOM CycloneDX. Full documentation update. 195 rules, 2868 tests.