🔒 Zero-Trust Supply Chain
Intercepts npm, yarn, pnpm, bun, pip, and cargo installs before malicious code reaches your machine. Three layers: pre-flight script scanning (entropy + network/eval signals), runtime phantom-file detection, and post-install exec-drop analysis. Catches the typosquatting, obfuscated postinstall, and build.rs attack vectors.