10 supply chain checks — hardcoded IPs, eval/Function, dangerous scripts, binary files, env leaks
guardian
FREE
Combined supply chain verification + machine backdoor audit. Catches injected IPs, obfuscated code, eval() backdoors, AND system compromise. Cross-platform security in a single command.
Full-Spectrum Security Audit
Guardian combines supply chain verification with machine backdoor auditing in one tool. It runs 10 supply chain checks against your codebase and 45+ machine security checks against your system, producing a severity-weighted verdict.
Runs entirely locally with zero API calls. No data leaves your machine. Supports IPv4 and IPv6 with geo-IP tagging for all external connections.
45+ machine security checks — WMI subscriptions, Defender exclusions, BITS jobs, COM hijacking, named pipes, ADS
Severity-weighted scoring — BLOCKED / INVESTIGATE / REVIEW / CLEAN verdicts
IPv4 and IPv6 support with geo-IP tagging for all external connections
Cross-platform — Windows, macOS, Linux with platform-specific detection
Zero API calls — runs entirely locally, no data leaves your machine
How It Works
Supply Chain Scan
Scans your project for hardcoded IPs, eval() calls, obfuscated code, binary files, credential leaks, and dangerous install scripts
Machine Audit
Inspects your system for persistence mechanisms, unauthorized services, suspicious connections, and backdoors
Geo-IP Resolution
Tags all external IPs with geographic location data (skip with skipGeo: true for offline use)
Verdict
Produces a severity-weighted score with a clear BLOCKED, INVESTIGATE, REVIEW, or CLEAN verdict
Profiles
Choose the npm or github profile to tailor the supply chain checks to your publishing target.
Run a Full Security Audit
// Request
{
  "name": "guardian",
  "arguments": {
    "profile": "npm",
    "skipGeo": false,
    "save_receipt": true
  }
}
// Response
{
  "verdict": "REVIEW",
  "score": 82,
  "supply_chain": {
    "checks": 10,
    "passed": 9,
    "findings": [
      {
        "check": "no_hardcoded_ips",
        "severity": "MEDIUM",
        "detail": "1 IPv4 address found in config.js"
      }
    ]
  },
  "machine_audit": {
    "checks": 47,
    "findings": 2,
    "suspicious_connections": 0
  },
  "geo_ip": {
    "external_ips": 3,
    "flagged": 0
  }
}
CLI Usage
# Run full guardian scan on current directory
npx 50c guardian
# With npm profile and receipt saved
npx 50c guardian --profile npm --save-receipt
# Skip geo-IP lookups for faster offline scan
npx 50c guardian --skip-geo
When to Run Guardian
Pre-Publish Audits
Run before every npm publish or GitHub release. Catches injected IPs, obfuscated code, and credential leaks before they go live.
Post-Incident Triage
After a suspected compromise, run Guardian to check for persistence mechanisms, unauthorized services, and backdoor connections.
CI/CD Pipeline Integration
Add Guardian to your pipeline as a gate: a BLOCKED verdict fails the build, and a REVIEW verdict flags the run for manual inspection.
Dependency Audits
Scan third-party packages before adding them to your project. Detect supply chain attacks targeting eval(), Function(), and dynamic requires.
Developer Machine Hygiene
Run regular security sweeps on developer machines. Guardian checks for WMI subscriptions, BITS jobs, COM hijacking, and other persistence vectors.
Compliance Reporting
Generate detailed receipts documenting every check performed and its result. Useful for security audits and compliance reviews.
Secure Your Code and Your Machine
Guardian is free for all 50c users. Run a full security audit with zero API calls and zero cost.