octoscope v0.20.0 — Integrity: scan your repos for the supply-chain worm 🔍
The Shai-Hulud / Miasma worm has been quietly pushing itself into people's GitHub repos — including real, well-known OSS projects — where it auto-runs the moment you open the repo in an AI editor (Claude / Cursor / Gemini / VS Code) or install it, then harvests your tokens. It lives in the GitHub source, not the npm registry, so a lockfile audit never sees it. octoscope already points at the repos you own, so this release teaches it to look. @icflorescu
What it catches
On a Repos row, open the action menu (space) and hit Security scan (s). It matches the invariant of the attack rather than a single payload filename: the worm renames its dropper the week after you blocklist it, so a renamed variant still trips the scan.
How it scores
Three filename-agnostic signals, combined: what auto-executes when you open the repo (agent/editor hooks, devcontainer & package lifecycle, CI), whether any of those files looks like a payload (oversized, high-entropy, obfuscated), and whether the commit tips were forged under a bot identity or left unsigned against an otherwise-signed history. Scoring is weighted and explainable — every finding tells you why it fired, and no single signal alone reaches the scary tiers — so a healthy repo reads clean and a real implant reads likely compromised. The report also lists every auto-executing file in the repo plus per-branch commit-tip provenance, so you know your attack surface even when nothing's wrong.
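A toy scorer in the spirit of those three signals, added here as an illustration and not octoscope's own code: the real hook paths, thresholds and weights are not on this page, so every path, threshold and weight below is my assumption, and the two sample repos are constructed.

```python
import json, math, re
from collections import Counter

SURFACES = {  # the post names these categories; the concrete paths are my assumption
    "lifecycle": re.compile(r"(^|/)package\.json$"), "devcontainer": re.compile(r"(^|/)devcontainer\.json$"),
    "ci": re.compile(r"^\.github/workflows/.+\.ya?ml$"), "editor-hook": re.compile(r"^(\.vscode/tasks\.json$|\.cursor/|\.claude/)"),
}
LIFECYCLE = {"preinstall", "install", "postinstall", "prepare"}  # npm install-time hooks
BOT_AUTHOR = re.compile(r"\[bot\]$|^github-actions", re.I)

def entropy(raw: bytes) -> float:
    return -sum(c / len(raw) * math.log2(c / len(raw)) for c in Counter(raw).values()) if raw else 0.0

def autoexec_kind(path: str, content: str):
    kind = next((k for k, rx in SURFACES.items() if rx.search(path)), None)
    if kind != "lifecycle":
        return kind
    try:  # package.json only counts when it carries an install-time lifecycle script
        return kind if LIFECYCLE & set(json.loads(content).get("scripts", {})) else None
    except (ValueError, AttributeError):
        return None

def payload_signals(content: str) -> list:
    checks = [("oversized", len(content) > 20_000), ("high-entropy", entropy(content.encode()) > 5.5),
              ("obfuscated", re.search(r"\beval\(|\batob\(|[A-Za-z0-9+/=]{120,}", content) is not None)]
    return [name for name, hit in checks if hit]

def score_repo(files: dict, tips: list, history_signed_ratio: float) -> dict:
    surface, why, payload, prov = [], [], 0, 0
    for path, content in files.items():
        kind = autoexec_kind(path, content)
        if kind:
            surface.append(f"{path} ({kind})")  # listed even when benign: this is your attack surface
            for sig in payload_signals(content):
                payload += 2; why.append(f"{path}: payload-like ({sig})")
    for t in tips:  # one entry per branch tip: {'branch', 'author', 'signed'}
        if BOT_AUTHOR.search(t["author"]):
            prov += 2; why.append(f"{t['branch']}: tip committed under bot identity {t['author']}")
        elif not t["signed"] and history_signed_ratio >= 0.8:
            prov += 1; why.append(f"{t['branch']}: unsigned tip against an otherwise-signed history")
    total = min(payload, 3) + min(prov, 3)  # per-family ceiling: no single signal reaches 'likely compromised'
    tier = "clean" if total == 0 else "suspicious" if total < 5 else "likely compromised"
    return {"tier": tier, "score": total, "surface": surface, "why": why}

# Constructed samples (not real repos): a healthy repo with CI, and one whose install hook and workflow both decode a blob
BLOB = "QUJD" * 40
CLEAN = {"package.json": '{"scripts": {"test": "jest"}}', ".github/workflows/ci.yml": "run: npm test"}
IMPLANT = {"package.json": '{"scripts": {"postinstall": "node -e eval(atob(' + BLOB + '))"}}',
           ".github/workflows/ci.yml": "run: node -e eval(atob(" + BLOB + "))"}
TIPS_OK = [{"branch": "main", "author": "maintainer", "signed": True}]
TIPS_BAD = [{"branch": "main", "author": "deps-sync[bot]", "signed": False}]
```

`score_repo(CLEAN, TIPS_OK, 1.0)` reads clean while still listing the workflow as surface; `score_repo(IMPLANT, TIPS_BAD, 1.0)` reads likely compromised, and either family of evidence on its own stops at suspicious.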
Read-only, by design
octoscope never touches your repo. When something looks wrong it hands you a copy-paste remediation script (press y) — clone-without-checkout, reset-not-revert, and the right pages to revoke the OAuth grant, not just the token. You run it; octoscope just shows you the door.
Upgrade
brew upgrade gfazioli/tap/octoscope
https://github.com/gfazioli/octoscope/releases/tag/v0.20.0
As always: read-only, free, MIT, on Linux / macOS / Windows.
Source: https://github.com/gfazioli/octoscope
If you maintain a few repos: would you want this as an on-demand check, or always-on at startup? (I tried an always-on banner and pulled it — it couldn't tell a worm from a Dependabot batch. Curious what people think.)


Replies
WebCurate.co
Personally I'd prefer on demand. If a tool throws security warnings every startup, after some time people may start ignoring them, especially when many are false positives. Running a scan before opening an unfamiliar repo or before a release sounds like a better balance to me.