@safedep

SafeDep

Security for the AI-native SDLC

Protect Your Code. Stop Malicious Packages.

We scan the code you didn’t write — before it reaches your codebase.


SafeDep protects you from malicious code hidden in the open source packages you install every day. Secure your supply chain with PMG & VET.


💡 Why SafeDep?

Real-time Detection: Detect malicious packages instantly before they enter your dependency tree.

CI/CD Native: Protect your builds and pipelines automatically with our open-source tooling.

Risk Reduction: Drastically reduce risks from compromised dependencies and typosquatting.

Community Trusted: Open source tooling, trusted by developers and security engineers worldwide.

🤝 Join the Mission

We are securing the ecosystem one package at a time.

Star our Repos | Report Issues | Discussions

Pinned

  1. vet (Public)

    Protect against malicious open source packages 🤖

    Go, 1k stars, 92 forks

  2. pmg (Public)

    PMG protects developers and AI agents from malicious open source packages using a proxy, a sandbox and SafeDep's threat intelligence feed.

    Go, 162 stars, 14 forks

  3. xbom (Public)

    Generate xBOMs enriched with AI, SaaS, Crypto and more using Static Code Analysis

    Go, 28 stars, 3 forks

  4. gryph (Public)

    Security layer for AI coding agents. Works with Claude Code, Cursor, Windsurf, Gemini CLI, OpenCode, Pi Agent and more.

    Go, 94 stars, 8 forks

Repositories

Showing 10 of 35 repositories
