Packj flags malicious/risky open-source packages
Packj is a command-line tool that analyzes open-source packages for security risks. It flags packages as malicious or risky based on various heuristics, such as unusual metadata, suspicious code patterns, and known vulnerabilities, helping developers avoid potentially harmful dependencies.