Version updated for https://github.com/TazarSec/ManticoreScanner to version v0.1.1. This action is used across all versions by 1 repositories. Action Type This is a Composite action. Go to the GitHub Marketplace to find the latest changes. Action Summary The ManticoreScanner GitHub Action automates the process of scanning npm dependencies for malicious code by leveraging the Manticore behavioral analysis backend. It provides a one-shot scan for package.json or package-lock.json files, reports suspicious findings, optionally posts pull request comments, and can fail CI jobs based on a configurable suspicion threshold. This action helps ensure the security of npm dependencies by detecting potential threats in CI/CD pipelines.