Two systems that meet in the middle.
We scan the world’s open-source supply chain on one side, and give you a clean inventory of your own on the other. The value is where they join.
- 01
We watch the registries, not your endpoints
A separate Levering service continuously pulls new and updated releases from the open-source marketplaces attackers actually use — npm, PyPI, Hugging Face, the Chrome Web Store, the VS Code Marketplace, PowerShell Gallery. Publish something malicious to any of them and it enters our queue within minutes.
- 02
Every artifact is read and detonated
Each release goes through two independent passes: an AI static-analysis read of the actual code, and a dynamic run inside an isolated sandbox. We record what it really does — files touched, processes spawned, hosts contacted, credentials read.
- 03
Behavior is judged against stated intent
The tell for supply-chain malware is the gap between what a package claims to do and what it does. A “terminal color helper” that reads ~/.aws/credentials and beacons out isn’t a color helper. We score that gap and assign a verdict: malicious, suspicious, or clean.
- 04
You inventory your own fleet, agentlessly
One auditable shell script reads the specific locations where packages, models, and extensions live — no disk crawl, no kernel agent. It reports names and versions (never file contents or secrets) to your private inventory, keyed by a token you mint.
- 05
Your inventory is married to our intelligence
Server-side, every artifact you have is joined against our threat intel. Anything malicious is pulled to the top of your inventory, per device and per user — so you know not just that a threat exists, but exactly where it is.
Stop the install before it lands.
Inventory tells you what’s already there. Next, Levering inspects install-time network traffic and blocks a known-malicious package from ever reaching the device — turning visibility into prevention.
Ready to see your own fleet?
Scan my fleet →