428 npm packages already contain AI assistant dotfiles. 33 exposed live keys. PackGuard hooks into prepublishOnly, opens your tarball before it ships, and blocks .claude/, .cursor/, source maps with embedded source, and high-entropy secrets. Refuses to publish until it's clean. Free for solo OSS.