Analysis updated 2026-05-18
Automatically scan an AUR package's build script for malicious patterns before installing it.
Block a package build that a static rule or AI review flags as suspicious.
Run entirely offline using static rules only, with no AI service required.
Use a local AI model to keep all package scanning data private on your own machine.
| manticore-projects/aurscan | gizmodata/adbc-driver-quack | gokele/ovh | |
|---|---|---|---|
| Stars | 14 | 14 | 14 |
| Language | Go | Go | Go |
| Setup difficulty | moderate | moderate | moderate |
| Complexity | 3/5 | 3/5 | 3/5 |
| Audience | developer | developer | ops devops |
Figures from each repo's GitHub metadata at analysis time.
Static rules work with no setup, the optional AI review step needs either a Claude subscription, an API key, or a local model.
aurscan is a command-line security tool for Arch Linux users who install software from the AUR, the community-maintained repository where anyone can publish build scripts. Before your system actually builds and installs a package, aurscan reads the build instructions and checks them for signs of malicious behavior. The tool works in two stages. First, it runs a set of offline static rules to catch known attack patterns, this requires no internet connection and no AI service. Then it passes the build script and any helper files to an AI model, which reads the code and judges whether anything looks suspicious. The AI step is optional: if you have no model configured, the static rules alone still run and can block a build. In practice, aurscan plugs into yay, the most common AUR helper, by wrapping the yay command in a thin script called syay. When yay downloads a package's build instructions and normally hands them to your text editor for review, aurscan intercepts that step and runs its scan first. A clean verdict passes control through to your editor as usual, a flagged verdict exits with an error and aborts the build before any build-time code runs. For AI analysis the tool supports several backends: the Claude Code CLI (using your existing Claude subscription with no separate API key), a direct Anthropic API key, any local model running through a compatible interface such as Ollama or llama.cpp, or any custom command that reads a prompt from stdin. Running a local model keeps all package data entirely private on your machine. The README cites real incidents that motivated the project: in July 2025 attackers published AUR packages disguised as browser fixes that ran malware at build time, and in June 2026 a larger campaign compromised over 1,500 orphaned packages to deliver credential stealers and rootkits. aurscan encodes the patterns from those attacks in both its static rules and its AI prompt.
A command-line security scanner that checks Arch Linux AUR build scripts for malicious behavior before they run, using static rules plus an optional AI review.
Mainly Go. The stack also includes Go.
License terms are not stated in the explanation.
Setup difficulty is rated moderate, with roughly 30min to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.