v0.1.0 · 11 detectors · OSV · zero postinstall

Inspect every package before a single line touches your disk.

phi is a Node.js package manager that scans every dependency — transitives included — with eleven detectors and the OSV feed before extraction. Lifecycle scripts are off by default. Built in Go, single static binary.

linux/mac   curl -sSL https://raw.githubusercontent.com/philtechs-org/phi/main/install.sh | sh
windows     iwr -useb https://raw.githubusercontent.com/philtechs-org/phi/main/install.ps1 | iex

Piping a remote script straight into a shell is itself a blind install. Fetch the script, read it, then run it.
§01
The problem

npm is shipping malware on a schedule now.

recent supply-chain incidents · selected · sources: GHSA, OpenSSF, reporters
NOV 2018 · buried transitive
event-stream via flatmap-stream
A new maintainer added flatmap-stream as a sub-dependency; its payload activated only in builds that had the Copay Bitcoin wallet in their tree and stole wallet private keys. ~2M weekly downloads.
blast: Copay wallet keys, downstream apps
OCT 2021 · maintainer compromise
ua-parser-js@0.7.29 / 0.8.0 / 1.0.0
The maintainer's npm account was compromised and three malicious versions were published, carrying a Linux/macOS crypto miner and a Windows password stealer. ~7M weekly downloads.
blast: mined CPU, stolen browser creds
JUL 2025 · credential exfil
eslint-config-prettier
A compromised maintainer token was used to publish a malicious version that exfiltrated developer credentials. The package sits in the dev-dependency tree of a very large share of TypeScript projects.
blast: developer tokens, npm publish creds

npm + audit + snyk

  1. resolve tree
  2. fetch tarballs
  3. extract to node_modules
  4. postinstall executes ← game over
  5. audit known CVEs · too late

phi

  1. resolve tree
  2. fetch tarballs & verify sha512
  3. scan in-memory · 11 detectors + OSV
  4. verdict per package · block / review / install
  5. extract only what cleared · scripts off
§02
Defense in depth

Eleven detectors. Three layers. One score.

§03
The score

From a tarball to a verdict, in under a second.

Each detector hit adds points, and the points are summed per package. A total below 20 installs silently. 20–59 stops and prompts for review. 60 or more refuses, writes a report, and exits non-zero.
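The gate behind the phi flow in §01 (verify the tarball's sha512, scan it in memory, reach a verdict before anything is extracted) and the thresholds above, as an added Go example written for this page. It is not phi's source: phi's eleven detectors and their weights are not published here, so the detector names, regexes and point values below are assumptions for illustration, and only the <20 / 20–59 / 60+ thresholds come from the page. BuildTarball fabricates a constructed npm-style .tgz so the example runs offline; Evaluate takes the integrity string in the form package-lock.json records it.

```go
package main

import (
	"archive/tar"
	"bytes"
	"compress/gzip"
	"crypto/sha512"
	"encoding/base64"
	"fmt"
	"io"
	"regexp"
	"strings"
)

// Hit is one detector finding. The detector names, patterns and point weights in
// this file are illustrative assumptions, not phi's real detector set.
type Hit struct {
	Detector, File string
	Points         int
}

// Each detector fires at most once per file whose name ends in file.
var detectors = []struct {
	name, file string
	re         *regexp.Regexp
	points     int
}{
	{"lifecycle-script", "package.json", regexp.MustCompile(`"(pre|post)?install"\s*:`), 20},
	{"dynamic-eval", ".js", regexp.MustCompile(`\beval\s*\(|new\s+Function\s*\(`), 25},
	{"child-process", ".js", regexp.MustCompile(`require\(\s*['"]child_process['"]\s*\)`), 20},
}

// VerdictFor applies the thresholds stated on the page: <20 install, 20-59 review, 60+ block.
func VerdictFor(score int) string {
	switch {
	case score >= 60:
		return "block"
	case score >= 20:
		return "review"
	}
	return "install"
}

// ScanTarball walks a gzipped npm tarball entirely in memory; nothing is written to disk.
func ScanTarball(tarball []byte) ([]Hit, error) {
	gz, err := gzip.NewReader(bytes.NewReader(tarball))
	if err != nil {
		return nil, err
	}
	tr, hits := tar.NewReader(gz), []Hit{}
	for hdr, err := tr.Next(); err != io.EOF; hdr, err = tr.Next() {
		if err != nil {
			return nil, err
		}
		data, err := io.ReadAll(io.LimitReader(tr, 8<<20)) // bound memory per entry
		if err != nil {
			return nil, err
		}
		name := strings.TrimPrefix(hdr.Name, "package/")
		for _, d := range detectors {
			if strings.HasSuffix(name, d.file) && d.re.Match(data) {
				hits = append(hits, Hit{d.name, name, d.points})
			}
		}
	}
	return hits, nil
}

// Evaluate is the gate: the bytes must match the lockfile's "sha512-<base64>" integrity,
// then the in-memory scan is scored. Only "install" should let the caller extract.
func Evaluate(tarball []byte, integrity string) (verdict string, score int, hits []Hit, err error) {
	sum := sha512.Sum512(tarball)
	if got := "sha512-" + base64.StdEncoding.EncodeToString(sum[:]); got != integrity {
		return "block", 0, nil, fmt.Errorf("integrity mismatch: got %s, lockfile pins %s", got, integrity)
	}
	if hits, err = ScanTarball(tarball); err != nil {
		return "block", 0, nil, err
	}
	for _, h := range hits {
		score += h.Points
	}
	return VerdictFor(score), score, hits, nil
}

// BuildTarball makes a constructed npm-style tarball (entries under "package/") so the
// example runs offline; a real install would fetch the bytes from the registry instead.
func BuildTarball(files [][2]string) []byte {
	var buf bytes.Buffer
	gz := gzip.NewWriter(&buf)
	tw := tar.NewWriter(gz)
	for _, f := range files {
		tw.WriteHeader(&tar.Header{Name: "package/" + f[0], Mode: 0644, Size: int64(len(f[1])), Typeflag: tar.TypeReg})
		tw.Write([]byte(f[1]))
	}
	tw.Close()
	gz.Close()
	return buf.Bytes()
}
```

Feed Evaluate the bytes of a .tgz and the integrity value package-lock.json records for it: a mismatch is refused before the archive is even parsed, a postinstall hook alone lands in the 20–59 prompt band, and a hook plus eval plus child_process in the same package crosses 60. The regex check on package.json is a deliberate simplification (a real detector parses the manifest and looks only at "scripts"), and the example stops at the verdict: extraction into node_modules, with lifecycle scripts disabled, is the step that happens only after an install verdict.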

§04
Drop-in

Reads package.json. Writes node_modules. That's the contract.

Stop installing strangers' code blind.

Single binary. No daemon. No telemetry. No registry account required. MIT licensed.