MUADDIB Scanner
Version updated for https://github.com/DNSZLSK/muad-dib to version v2.10.37.
- This action is used across all versions by 1 repository.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
MUAD’DIB is a security-focused GitHub Action and CLI tool designed to detect and analyze threats in npm and PyPI supply chains. It automates the scanning of dependencies for known vulnerabilities, malicious packages, and suspicious behavioral patterns using multiple detection engines, machine learning classifiers, and a Docker sandbox. The tool helps developers proactively mitigate risks by providing risk scoring, threat explanations, and preventive measures like safe package installation and customizable alerts.
What’s Changed
QW-1: dependency_ioc_match split. QW-2: publish_burst LOW. HC+sandbox guard on LLM suppression. Multi-step LLM prompt. Prompt injection defense.