Launched this week
Veln — every package, verified
Block bad npm and pip packages. Before they download.
Over 20 trust signals score every npm and pip install — CVEs, maintainer drift, install scripts, hidden payloads. Bad packages refused befo

Supply chain attacks on npm and PyPI keep landing in production — usually hours before any threat feed catches up. Veln is a local proxy that scores every install against 20+ trust signals (CVEs, maintainer changes, install scripts, hidden payloads) before a single byte hits your disk. Same commands, same lockfiles, zero workflow change.