Shai-Hulud Scanner
GitHub Malware Detection Tool
Protect your repositories from the Shai-Hulud malware attack that affected hundreds of npm packages on November 24, 2025.
Scan your GitHub repositories or check a package.json file directly for infected packages and get actionable remediation steps.
🔍Comprehensive Scan
Scans all your repositories for 793 known malicious package versions
🔒Read-Only Access
Only requests read permissions to safely scan your repositories
⚡Instant Results
Get immediate feedback on infected repositories with remediation guidance
🔗Scan GitHub Repositories
Connect your GitHub account to scan all your repositories for infected packages.
By connecting your GitHub account, you agree to allow read-only access to scan your repositories for malware. No changes will be made to your code.
📄Scan package.json
Upload or paste your package.json file to check for infected packages instantly. No authentication required.