Dev Ops · n8n

Scan New Dependencies for Typosquatting Attacks

A single typosquatted package name in a pull request can inject malware into your build. Scan new dependencies in PRs against known-good names and flag suspicious near-matches.

difficulty Advancedsetup 35 minresult Typosquatted packages get caught in code review before they ever reach your build — a supply-chain attack blocked.
  1. 1

    Watch Dependency Changes

    Add a GitHub Trigger on PRs modifying package manifests.

  2. 2

    Check the New Packages

    Add a step comparing added packages against popular-package names and your known-good list.

  3. 3

    Judge Suspicious Names

    Add an OpenAI node flagging near-misses of popular packages and other red flags.

  4. 4

    Flag for Review

    Add a Slack node surfacing suspicious dependencies to the reviewer.

  5. 5

    Activate and Test

    Activate the workflow with a typosquat test package. Confirm it's flagged.

Frequently asked questions

Why is this a real threat?

Typosquatting is a documented supply-chain attack vector — a name one letter off can be pure malware.

False positives?

Flag for human review rather than blocking — a reviewer confirms legitimate new dependencies quickly.

About this recipe. Recipes on FlowRecipesHub are written for business owners, not developers, and are tested before publishing — how recipes get made. Some ingredient links are affiliate links that cost you nothing — full disclosure.