Home
Docs
GitHub
Blog
DOCS
GITHUB
BLOG
DOCS
GITHUB
BLOG

Easy Security & License Audits For JavaScript And PHP Dependencies

Sandworm statically & dynamically analyses millions of code packages to identify malicious scripts and license issues in your software supply chain.

Get Started Free
Sandworm - Keep your JavaScript code secure and compliant with Sandworm | Product Hunt

Sandworm Audit

Security & License Compliance

Beautiful security & license compliance reports for your app’s dependencies. Scans your project and dependencies for security vulnerabilities, license & metadata issues - here's the list of issue types.

It’s free and open source, and works with npm, Yarn, pnpm, and Composer. Run npx @sandworm/audit@latest in the terminal or in your CI / Git Hook workflows.

Outputs JSON issue and license usage reports, direct and transient dependency data as CSV, as well as easy to read dependency tree and treemap visualizations.

🚨 Latest Security Issues Detected

See all npm vulnerabilities

Sandworm Cloud

Secure & Monitor Your Dependencies

Sandworm Cloud monitors your GitHub activity and generates fresh audit reports for every change you make.

View and share reports with collaborators. Get recommendations and resolve issues. Monorepo & workspace support.

Contact Us For Early Access

Latest from Sandworm

See all articles
Sandworm Dunes
Ready to start?

Scan your app for security vulnerabilities and license issues

Sandworm Open Source
Sandworm
Getting Started Issue Types Resolve Issues License Policies Sandworm Guard
Support
Sponsor Discuss Terms of Use Privacy Policy Security
More from Sandworm
Newsletter 𝕏 / Twitter 𝕏 / Twitter Security Alerts Knowledge Base Blog Contact