rustio rustio.net

Decision Workspace

npm_sentinel vs sigil-cli vs npmls

Side-by-side comparison of Rust crates

42
npm_sentinel
experimentalv0.2.0

A CLI tool to detect supply chain attacks in npm packages by analyzing lifecycle scripts and registry metadata.

44
sigil-cli
experimentalv1.0.5

Automated security auditing for AI agent code - quarantine-first scanning for pip, npm, git repos, and MCP servers

41
npmls
experimentalv0.4.0

Fast cross-platform scanner for npm modules and malicious packages

Core Metrics

npm_sentinelsigil-clinpmls
Health Score424441
Total Downloads72291.2K
30d Downloads775
Dependents000
Releases224
Last Updated121d ago34d ago197d ago
Age4m1m6m

Health Breakdown

npm_sentinel
Maintenance
11
Quality
13
Community
6
Popularity
2
Documentation
10
sigil-cli
Maintenance
12
Quality
14
Community
6
Popularity
2
Documentation
10
npmls
Maintenance
16
Quality
5
Community
6
Popularity
4
Documentation
10

Technical Details

npm_sentinelsigil-clinpmls
Version0.2.01.0.50.4.0
Stable (≥1.0)✗ No✓ Yes✗ No
LicenseMITApache-2.0MIT
Dependencies71624
Crate Size16KB47KB52KB
Features000
Yanked %0.0%0.0%75.0%
Edition202120212021
MSRV
Owners111

Links

npm_sentinel detail →GitHub ↗crates.io ↗
sigil-cli detail →GitHub ↗crates.io ↗
npmls detail →GitHub ↗crates.io ↗

Quick Verdict

  • sigil-cli leads with a health score of 44/100, but none of the options score above 80.
  • npmls has the most downloads (1.2K), suggesting wider adoption.
  • npm_sentinel, npmls are pre-1.0 — API may change.