Skip to content
@safedep

SafeDep

Security for the AI-native SDLC
README.md
SafeDep Banner

shield Protect Your Code. Stop Malicious Packages.

We scan the code you didn’t write — before it reaches your codebase.

Website


SafeDep protects you from malicious code hidden in the open source packages you install every day. Secure your supply chain with PMG & VET.

💡 Why SafeDep?

bolt Real-time Detection cogs CI/CD Native
Detect malicious packages instantly before they enter your dependency tree. Protect your builds and pipelines automatically with our open-source tooling.
fire-extinguisher Risk Reduction users Community Trusted
Drastically reduce risks from compromised dependencies and typosquatting. Open source tooling, trusted by developers and security engineers worldwide.

🤝 Join the Mission

We are securing the ecosystem one package at a time.

star Star our Reposbug Report Issuescomments Discussions

Pinned Loading

  1. vet vet Public

    Protect against malicious open source packages 🤖

    Go 1k 92

  2. pmg pmg Public

    PMG protects developers, AI agents from malicious open source packages using proxy, sandbox and SafeDep's threat intelligence feed.

    Go 162 14

  3. xbom xbom Public

    Generate xBOMs enriched with AI, SaaS, Crypto and more using Static Code Analysis

    Go 28 3

  4. gryph gryph Public

    Security layer for AI coding agents. Works with Claude Code, Cursor, Windsurf, Gemini CLI, OpenCode, Pi Agent and more.

    Go 96 8

Repositories

Showing 10 of 35 repositories
  • pmg Public

    PMG protects developers, AI agents from malicious open source packages using proxy, sandbox and SafeDep's threat intelligence feed.

    safedep/pmg’s past year of commit activity
    Go 162 Apache-2.0 14 11 (3 issues need help) 1 Updated Apr 6, 2026
  • homebrew-tap Public
    safedep/homebrew-tap’s past year of commit activity
    Ruby 1 0 0 0 Updated Apr 1, 2026
  • gryph Public

    Security layer for AI coding agents. Works with Claude Code, Cursor, Windsurf, Gemini CLI, OpenCode, Pi Agent and more.

    safedep/gryph’s past year of commit activity
    Go 96 Apache-2.0 8 5 1 Updated Apr 1, 2026
  • vet Public

    Protect against malicious open source packages 🤖

    safedep/vet’s past year of commit activity
    Go 1,001 Apache-2.0 92 80 (1 issue needs help) 15 Updated Apr 1, 2026
  • dry Public

    Do not repeat yourself. Re-usable utils for Go apps

    safedep/dry’s past year of commit activity
    Go 4 Apache-2.0 0 4 1 Updated Mar 31, 2026
  • vet-gitlab-ci-component Public

    GitLab CI/CD Component for https://github.com/safedep/vet

    safedep/vet-gitlab-ci-component’s past year of commit activity
    2 Apache-2.0 0 5 0 Updated Mar 31, 2026
  • docs Public
    safedep/docs’s past year of commit activity
    MDX 0 0 2 0 Updated Mar 20, 2026
  • code Public

    SafeDep Code Analysis Framework

    safedep/code’s past year of commit activity
    Go 3 Apache-2.0 1 6 0 Updated Feb 24, 2026
  • vet-action Public

    GitHub Action for policy driven vetting of open source dependencies

    safedep/vet-action’s past year of commit activity
    TypeScript 14 Apache-2.0 2 8 6 Updated Feb 23, 2026
  • .github Public
    safedep/.github’s past year of commit activity
    0 1 0 1 Updated Feb 12, 2026
View all repositories

Top languages

Loading…

Most used topics

Loading…
Developer Program Member