Check packages for CVEs, slopsquatting, and CISA KEV before your AI agent installs them.
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
Check packages for CVEs, slopsquatting, and CISA KEV before your AI agent installs them.