Very excited to share a tool I've been working on and explore its feasibility with the community.
Customs Inspector hooks into Poetry's package management system to allow for manual auditing of package changes during updates. It opens a browser with a diff view of the changes for you to manually audit.
The idea is to harness the community's collective effort to find malicious packages.
No one likes manual auditing, but perhaps this makes it less so?
Looking forward to your thoughts.
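To make the diff-and-triage idea concrete, here is an added example (my own illustration, not Customs Inspector's code and not using Poetry's plugin API) that takes two unpacked versions of a package, produces the unified diff a reviewer would read, flags the hunks that most deserve attention, and renders the same diff as HTML for a browser. The two package versions are constructed inline and are not real PyPI content.

```python
"""Diff two unpacked versions of a Python package and summarise the changes
for a human reviewer. Added example only; it is not Customs Inspector's code
and does not use Poetry's plugin API. A package is modelled as a
{relative_path: file_text} dict, which is what you hold after extracting
an sdist or wheel fetched during an update."""
import difflib
from typing import Dict, List

# Constructed sample content, not taken from any real package.
OLD_FILES: Dict[str, str] = {
    "setup.py": "from setuptools import setup\n\nsetup(name='demo', version='1.0.0')\n",
    "demo/__init__.py": "def greet(name):\n    return f'hello {name}'\n",
}
NEW_FILES: Dict[str, str] = {
    "setup.py": (
        "from setuptools import setup\nimport subprocess\n\n"
        "subprocess.run(['echo', 'post-install'])\n"
        "setup(name='demo', version='1.0.1')\n"
    ),
    "demo/__init__.py": "def greet(name):\n    return f'hello {name}!'\n",
    "demo/_telemetry.py": "import urllib.request\n\n\ndef ping(url):\n    return urllib.request.urlopen(url).status\n",
}

# Files that execute at install time deserve the closest look: a change
# there runs before the reviewer ever imports the package.
INSTALL_TIME_FILES = {"setup.py", "setup.cfg", "pyproject.toml"}


def summarize(old: Dict[str, str], new: Dict[str, str]) -> Dict[str, List[str]]:
    """Classify every path as added, removed, modified or unchanged."""
    summary: Dict[str, List[str]] = {"added": [], "removed": [], "modified": [], "unchanged": []}
    for p in sorted(set(old) | set(new)):
        if p not in old:
            summary["added"].append(p)
        elif p not in new:
            summary["removed"].append(p)
        elif old[p] != new[p]:
            summary["modified"].append(p)
        else:
            summary["unchanged"].append(p)
    return summary


def unified_diff(old: Dict[str, str], new: Dict[str, str]) -> str:
    """Plain-text unified diff across all files, in the style of `git diff`."""
    out: List[str] = []
    for p in sorted(set(old) | set(new)):
        a = old.get(p, "").splitlines()
        b = new.get(p, "").splitlines()
        out.extend(difflib.unified_diff(a, b, fromfile=f"a/{p}", tofile=f"b/{p}", lineterm=""))
    return "\n".join(out)


def review_flags(summary: Dict[str, List[str]]) -> List[str]:
    """Heuristic reasons a human should look harder. A diff view does not
    rank hunks, so surface the riskiest categories first."""
    flags = [f"install-time file changed: {p}" for p in summary["modified"] if p in INSTALL_TIME_FILES]
    flags += [f"new file introduced: {p}" for p in summary["added"]]
    flags += [f"file removed: {p}" for p in summary["removed"]]
    return flags


def html_report(old: Dict[str, str], new: Dict[str, str]) -> str:
    """Side-by-side HTML diff of every changed file, ready for a browser."""
    hd = difflib.HtmlDiff(wrapcolumn=80)
    tables = [
        hd.make_table(old.get(p, "").splitlines(), new.get(p, "").splitlines(),
                      fromdesc=f"a/{p}", todesc=f"b/{p}", context=True)
        for p in sorted(set(old) | set(new))
        if old.get(p) != new.get(p)
    ]
    return "<html><body>" + "".join(tables) + "</body></html>"


if __name__ == "__main__":
    s = summarize(OLD_FILES, NEW_FILES)
    print(unified_diff(OLD_FILES, NEW_FILES))
    for f in review_flags(s):
        print("REVIEW:", f)
    # To open the report in a browser, write html_report(...) to a file and
    # pass its path to webbrowser.open(); left out so the script runs unattended.
```

The flags are deliberately coarse: the point of the tool is that a person reads the diff, so the heuristics only order the reviewer's attention (install-time code first, then brand-new modules) rather than decide anything.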