This product was not featured by Product Hunt yet.
It will not be visible on their landing page and won't be ranked (cannot win product of the day regardless of upvotes).

[Dashboard charts: product upvotes, product comments, product upvote speed, and product upvotes and comments, each vs the next 3 products]

pkgwatch

Zero-cloud vulnerability scanner for developers.

pkgwatch is a blazingly fast, privacy-first desktop agent that scans your local machine for malicious packages and vulnerabilities in milliseconds. Combining heuristic analysis with a deterministic OSV threat feed, it secures your supply chain with zero cloud leakage.

Top comment

Hi everyone! 👋 I'm thrilled to introduce pkgwatch. Having spent quite some time in tech, I grew incredibly frustrated with the state of supply chain security tools. Most enterprise scanners require uploading your code to the cloud, take minutes to run, break your flow, and are heavily bloated. I wanted something that felt like a native, lightweight developer tool. So, I built pkgwatch - using the Bumblebee Go binary open-sourced by Perplexity.

Under the hood:

The Engine: Powered by the open-source Bumblebee Go binary (by Perplexity).
The Client: Wrapped in a hyper-optimized Rust/Tauri desktop app.
The Brain: We built a custom GitHub Actions pipeline that fetches and compiles a fresh catalog.json daily from the Google OSV (Open Source Vulnerabilities) database.

Why it's different:

100% Local: No telemetry, no code leaves your machine. Ever.
Dual-Engine: It doesn't just match known CVEs; it uses heuristic analysis to flag suspicious zero-day packages based on age and naming patterns (typosquatting).
Instant: Scans complete in milliseconds.

Right now, I am launching the MVP for Windows, with the macOS/Linux versions and a background system tray daemon coming in our free version soon.

I'd love for you to download the .exe, run a scan, and let me know what you think of the UI and performance. I'll be hanging out in the comments all day to answer any architectural questions!

About pkgwatch on Product Hunt

pkgwatch was submitted on Product Hunt and earned 0 upvotes and 1 comment, placing #30 on the daily leaderboard. pkgwatch is a blazingly fast, privacy-first desktop agent that scans your local machine for malicious packages and vulnerabilities in milliseconds. Combining heuristic analysis with a deterministic OSV threat feed, it secures your supply chain with zero cloud leakage.

On the analytics side, pkgwatch competes within Privacy, Developer Tools, GitHub and Security — topics that collectively have 568.3k followers on Product Hunt. The dashboard above tracks how pkgwatch performed against the three products that launched closest to it on the same day.

Who hunted pkgwatch?

pkgwatch was hunted by Adithya V. A “hunter” on Product Hunt is the community member who submits a product to the platform — uploading the images, the link, and tagging the makers behind it. Hunters typically write the first comment explaining why a product is worth attention, and their followers are notified the moment they post. Around 79% of featured launches on Product Hunt are self-hunted by their makers, but a well-known hunter still acts as a signal of quality to the rest of the community. See the full all-time top hunters leaderboard to discover who is shaping the Product Hunt ecosystem.

For a complete overview of pkgwatch including community comment highlights and product details, visit the product overview.