This product was not featured by Product Hunt yet. It will not be visible on their landing page and won't be ranked (cannot win product of the day regardless of upvotes).
pkgwatch is a blazingly fast, privacy-first desktop agent that scans your local machine for malicious packages and vulnerabilities in milliseconds. Combining heuristic analysis with a deterministic OSV threat feed, it secures your supply chain with zero cloud leakage.
Hi everyone! 👋
I'm thrilled to introduce pkgwatch. Having spent over quite some time in tech, I grew incredibly frustrated with the state of supply chain security tools. Most enterprise scanners require uploading your code to the cloud, take minutes to run, break your flow, and are heavily bloated.
I wanted something that felt like a native, lightweight developer tool. So, I built pkgwatch - using bumblebee go binary open-sourced by perplexity.
Under the hood:
The Engine: Powered by the open-source Bumblebee Go binary (by Perplexity).
The Client: Wrapped in a hyper-optimized Rust/Tauri desktop app.
The Brain: We built a custom GitHub Actions pipeline that fetches and compiles a fresh catalog.json daily from the Google OSV (Open Source Vulnerabilities) database.Why it's different:100% Local: No telemetry, no code leaves your machine. Ever.
Dual-Engine: It doesn't just match known CVEs; it uses heuristic analysis to flag suspicious zero-day packages based on age and naming patterns (typosquatting).
Instant: Scans complete in milliseconds.
Right now, I am launching the MVP for Windows, with the macOS/Linux versions and a background system tray daemon coming in our free version soon.I'd love for you to download the .exe, run a scan, and let me know what you think of the UI and performance.
I'll be hanging out in the comments all day to answer any architectural questions!
No comment highlights available yet. Please check back later!
About pkgwatch on Product Hunt
“Zero-cloud vulnerability scanner for developers.”
pkgwatch was submitted on Product Hunt and earned 0 upvotes and 1 comments, placing #30 on the daily leaderboard. pkgwatch is a blazingly fast, privacy-first desktop agent that scans your local machine for malicious packages and vulnerabilities in milliseconds. Combining heuristic analysis with a deterministic OSV threat feed, it secures your supply chain with zero cloud leakage.
pkgwatch was featured in Privacy (11.1k followers), Developer Tools (513.3k followers), GitHub (41.2k followers) and Security (2.6k followers) on Product Hunt. Together, these topics include over 103.8k products, making this a competitive space to launch in.
Who hunted pkgwatch?
pkgwatch was hunted by Adithya V. A “hunter” on Product Hunt is the community member who submits a product to the platform — uploading the images, the link, and tagging the makers behind it. Hunters typically write the first comment explaining why a product is worth attention, and their followers are notified the moment they post. Around 79% of featured launches on Product Hunt are self-hunted by their makers, but a well-known hunter still acts as a signal of quality to the rest of the community. See the full all-time top hunters leaderboard to discover who is shaping the Product Hunt ecosystem.
Want to see how pkgwatch stacked up against nearby launches in real time? Check out the live launch dashboard for upvote speed charts, proximity comparisons, and more analytics.
Adithya V