Watches popular packages for suspicious code changes and alerts you before you install.
Polls the npm registry every 5 minutes for new package versions
Diffs the code and runs AST analysis for known attack patterns
Flags suspicious changes and auto-posts to Twitter