Show HN: Computer Police – block malicious NPM/pip installs locally
Category: security
Tags: supply-chain-security, malware-blocking, package-manager
Score: 7.0/10 (Innovation: 6, Technical: 7, Documentation: 8, Utility: 7)
Computer Police is a local registry proxy that blocks installs of confirmed-malicious npm and pip packages using OSV malware advisories, and it runs without root privileges. It is interesting because it gives developers, CI pipelines, and AI coding agents a lightweight, low-noise, and reversible security layer, filling a specific supply-chain security gap at install time.
Target audience: backend devs, devops, security engineers
Repository: https://computer.police.dev/ · Swift · MIT · 2 stars