dep-oracle

Calculates trust scores for npm and Python dependencies, detecting zombie packages, typosquatting attempts, and supply chain risks.

Predictive dependency security engine that scores every package in a dependency tree from 0-100 based on security history, maintainer health, activity, popularity, funding, and licensing. Detects unmaintained zombie dependencies, catches typosquatting attempts against known packages, measures blast radius of compromised dependencies, and suggests safer alternatives from a curated migration database.