Infrastructure scanning and dependency security. Built for engineers who run their own servers and ship their own code.
Run once, use forever. Scans your entire server and generates a persistent knowledge base. Claude auto-loads it every session — zero discovery overhead, instant context.
Multi-ecosystem supply chain attack scanner. Detects compromised packages, malware artifacts, and C2 connections across your entire dependency tree.
AI-scored GitHub repository discovery. Finds trending repos, scores them across 5 dimensions with LLM, and tweets the best ones daily.
One command scans every service, port, config, database, domain, SSL cert, and .env file. Single bash call, single permission prompt.
Creates a persistent CLAUDE.md + per-service docs. Auto-loaded every session. Claude knows your server without re-discovering anything.
Without this: 50-100K tokens burned on discovery per session. With this: zero. Claude reads the docs and starts working immediately.
Credentials in gitignored .credentials file. Optimization report flags security risks, performance issues, and expiring SSL certs.
80 lines max. Domain map, service table, architecture link. Everything Claude needs at a glance without wasting context.
One .md per service: nginx.md, postgresql.md, redis.md. TL;DR header, config tables, dependency graph. Read only when needed.
Critical / Important / Nice-to-have. Checks shared_buffers, SSL expiry, security headers, fail2ban, SSH config, disk usage.
# one-liner install (auto-updates every 6h)
curl -fsSL https://raw.githubusercontent.com/oopsalldev/server-scout/main/install.sh | bash
# run in claude code
/server-scout
# output
CLAUDE.md # lean index
.server-docs/services/*.md # per-service details
.server-docs/optimizations.md # recommendations
.server-docs/.credentials # passwords (gitignored)
JSON threat database with compromised versions, C2 IPs, malware hashes, and IOCs.
Checks node_modules, pip, Gemfile.lock, Cargo.lock, go.sum, composer.lock.
Malware files on disk. Active C2 connections. Malicious CDN refs. Bad lockfile shasums.
CLEAN / WARNING / COMPROMISED verdict. Remediation steps per threat.
# 1 — Clone the scanner (once per machine)
Downloads the repo so you can run the CLI locally.
git clone https://github.com/oopsalldev/npm-supply-chain-scanner
# 2 — Run a scan (from inside the clone)
Replace /your/project with the path you want checked (your app root).
cd npm-supply-chain-scanner
./scripts/scan.sh --path /your/project
# 3 — GitHub Actions (paste under your job’s steps: list)
Run after actions/checkout if the action needs your source tree. Prefer pinning @v… or a commit SHA instead of @main in production.
- uses: oopsalldev/npm-supply-chain-scanner@main
# Repo for stars & issues → github.com/oopsalldev/npm-supply-chain-scanner
# 4 — Claude Code (slash command in session)
Runs the scanner skill from your Claude Code workspace.
/scan
Scans GitHub every 30 minutes for trending repos across AI, security, devtools, and infrastructure. Sort by AI score, stars, latest discovery, or last push; filter by category and language.
LLM analyzes each repo across 5 dimensions: usefulness, code quality, documentation, innovation, and community. Weighted overall score 0-100.
Categorizes into ai-coding, ai-agents, llm-tools, security, web, devtools, infra, and more. Shareable URLs for every filter combination.
Top repos (score 70+) are automatically tweeted daily from @esenkalumut with AI-generated descriptions. No manual curation needed.
# browse — latest discoveries first
https://discover.oops.zone/?sort=latest
# category + language + sort (shareable)
https://discover.oops.zone/?category=ai-agents&lang=Python&sort=score
# last activity on GitHub (push date)
https://discover.oops.zone/?sort=updated
# follow for daily top repos
@esenkalumut on XBuilt with Claude Code by oops.zone