Hi everyone,
I’ve put together an automated threat-intel repo that aggregates all known malicious NPM packages into a single machine-readable JSON file. Useful for code scanners, CI pipelines, or anyone monitoring supply-chain risk.
Repo: https://github.com/hemachandsai/shai-hulud-malicious-packages
File: malicious_npm_packages.json
Tracking 149k+ confirmed malicious packages, including entries from the Shai-Hulud Phase-1 dataset.
If you’re working in supply-chain security or doing npm-related scanning, would love feedback or suggestions.
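As an added example (not code from the linked repo), here is a small Node.js check that matches the installed packages in a package-lock.json against such a list, the way a CI step would. The list's field names (an array of `{ name, version }`, with a missing or `"*"` version meaning every version is flagged) and all sample data below are assumptions, not the repo's actual schema.

```javascript
// Added example, not code from the shai-hulud-malicious-packages repo.
// ASSUMED list schema: array of { name, version }; missing or "*" version
// means every version of that package is flagged.

// Constructed sample list (not real data from the repo).
const SAMPLE_MALICIOUS = [
  { name: "evil-helper", version: "1.4.2" },
  { name: "@acme/utils", version: "*" },
];

// Constructed package-lock.json (lockfileVersion 3 layout, keyed by path).
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "0.0.1" },
    "node_modules/evil-helper": { version: "1.4.2" },
    "node_modules/safe-lib": { version: "2.0.0" },
    "node_modules/safe-lib/node_modules/@acme/utils": { version: "3.1.0" },
  },
};

// Index the list by package name: name -> Set of flagged versions.
function buildIndex(list) {
  const index = new Map();
  for (const { name, version } of list) {
    if (!index.has(name)) index.set(name, new Set());
    index.get(name).add(version ? version : "*");
  }
  return index;
}

// Yield { name, version } for every installed package. Handles lockfile
// v2/v3 ("packages" keyed by install path) and v1 ("dependencies" tree).
function* installedPackages(lock) {
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === "") continue; // root project entry, not a dependency
      const marker = "node_modules/"; // name is the segment after the last marker
      const name = path.slice(path.lastIndexOf(marker) + marker.length);
      yield { name, version: meta.version };
    }
  } else if (lock.dependencies) {
    const walk = function* (deps) {
      for (const [name, meta] of Object.entries(deps)) {
        yield { name, version: meta.version };
        if (meta.dependencies) yield* walk(meta.dependencies);
      }
    };
    yield* walk(lock.dependencies);
  }
}

// Return every installed package whose name/version is on the list.
function findMalicious(lock, list) {
  const index = buildIndex(list);
  const hits = [];
  for (const pkg of installedPackages(lock)) {
    const versions = index.get(pkg.name);
    if (versions && (versions.has("*") || versions.has(pkg.version))) hits.push(pkg);
  }
  return hits;
}

console.log(findMalicious(SAMPLE_LOCK, SAMPLE_MALICIOUS));
```

In a real pipeline, replace the constructed samples with `JSON.parse(fs.readFileSync(...))` of the repo's JSON and the project's lockfile, and fail the build when `findMalicious` returns a non-empty array.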