nrajlekhak

#!/usr/bin/env bash
# ─────────────────────────────────────────────────────────────────────────────
# detect-mini-shai-hulud.sh
#
# Scans every project under the CWD for npm packages compromised in the
# "Mini Shai-Hulud" supply-chain attack (npm ecosystem, 2026).
#
# Compromised package list source: StepSecurity blog
#   https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem
# @tanstack/* patched versions cross-verified against GitHub Security Advisory: