Show HN: Give This Markdown to Your Coding Agent Before Publishing to NPM
Category: security
Tags: npm, supply-chain-security, attack-techniques
Score: 6.7/10 (Innovation: 7, Technical: 6, Documentation: 5, Utility: 7)
This project provides a Markdown document listing 12 types of npm supply-chain attack techniques with mitigations, intended as a checklist that coding agents can use to review packages before publishing. It is interesting because it consolidates real-world attack patterns from the past year into a structured, actionable reference for improving package security.
Target audience: backend devs, devops, security engineers