Skip to content

sandworm-hq/sandworm-guard-js

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Sandworm

 

Easy auditing & sandboxing for your JavaScript dependencies 🪱


NPM License CircleCI Maintainability Test Coverage

TL;DR

  • Sandworm Guard intercepts all potentially harmful Node & browser APIs, like arbitrary code execution (child_process.exec) or network calls (fetch). It knows what packages are responsible for each call.
  • Simple obfuscation techniques can confuse static analysis tools, but Sandworm's dynamic analysis will always intercept risky calls at run time.
  • You can use Sandworm Guard to:
  • Install it as an npm module in your existing Node or browser app.
  • Works in Node v15+ and modern browsers. Beta support for browsers and sourcemaps.

Getting Started

Add the Sandworm init call as the very first line of your app:

require('@sandworm/guard').init({devMode: true}); // add `permissions: [...]` to enforce

Then launch the inspector tool with npm run sandworm or yarn sandworm to monitor activity and permissions.

Documentation

Read the full docs here.

Get Involved