Hi, I think that's a reasonable idea for local use yes!
I've played with something similar, but trying to look at all recent AUR pushes. Haiku definitely could catch the npm stuff as malicious (that's how I spotted the few I posted on list), but even then, that would cost quite a bit to scan everything (I see about 1000-2000 pushes in the last 24h? maybe related to the attack, not sure what's the normal rate). I think it might be nice to play with local LLMs: I tried Gemma4 locally but scanning on my laptop (CPU-only) is not really effective. With a solid rig, it might be enough to scan everything (not a 100% guarantee of course), ideally trying to bias towards avoiding false negatives at the expense of false positives. The entirety of the vide-coded horror is here: https://gist.github.com/drinkcat/6a5e632583c67dadf84d68d339cdf799 (I didn't really look at the code, I don't think the pre filters are needed for example) Happy to chat about this if this is useful, Thanks, On Sat, 13 Jun 2026 at 11:34, Andreas Reichel <[email protected]> wrote: > > Greetings. > > The recommendation to read every and any AUR package before installing is > certainly correct. > Although it is also over my head because I would not have known of any of > those malware attempts. > > So out of desperation, I drafted a AUR package scanner wrapping YAY and > scanning every AUR package with a Claude LLM before installing. > Its a first POC and I know nothing, but maybe some find it useful and want to > join. We are all affected so lets work on this together. > > https://github.com/manticore-projects/aurscan > > In my tests, the consumed Token cost around 3 cent per package. Money well > spent. > > Best and cheers > Andreas
