Scan package.json & requirements.txt for security risks

DepShield checks live OSV vulnerability data, suspicious lookalike (typosquatted) package names, and risky licenses in one report.

Free beta scan • detailed remediation reports launching at $1.99

Live CVE checks

Queries OSV.dev in real time for known vulnerable package versions.

Typosquatting detection

Flags suspicious names that look like common packages used in supply-chain attacks.

License conflict audit

Spots restrictive GPL/AGPL-style licenses before they become legal debt.

Frequently Asked Questions

How is this different from ChatGPT?

DepShield pulls live registry and vulnerability data. A prompt-only tool cannot verify real package versions against current CVE databases.

Do I need to upload my full repo?

No. Paste only your dependency manifest (package.json or requirements.txt).

Is this free?

Beta scans are free. Premium remediation reports will be $1.99.