I'm Arjun, an 18-year-old intern at Socket. I've been working on a project that I'm really excited to share with you all - a browser extension that makes it easier to check the security of NPM packages before you use them.

You can try the extension on any Chromium-based browser or on Firefox.

Chrome extension: https://chrome.google.com/webstore/detail/socket-security/jb...

Firefox add-on: https://addons.mozilla.org/en-US/firefox/addon/socket-securi...

Socket scans NPM packages for malware, vulnerabilities, code smell, and unwanted behavior using AI and some very powerful in-house static analysis we've been perfecting over the last 2 years. As the primary developer of Parcel.js' web extension transformer (https://parceljs.org/recipes/web-extension/), I thought it would be cool to use my own work on Parcel to create a useful extension during my internship at Socket.

The extension displays scores alongside each package indicating quality, security, maintenance, and other useful metrics. It also tells you if a package accesses the network when it shouldn't need to, or if it runs malware in an install script. You can learn more about its features in my blog post: https://socket.dev/blog/socket-web-extension

Feel free to ask any questions you have about Socket, the extension or even my work on Parcel. Excited to hear your feedback!

- Arjun