Security
Package supply-chain risk API
Security-category alias for package risk scoring across npm and PyPI using OSV vulnerabilities, typosquat distance, and maintenance signals.
Price: $0.01 per request
Method: POST
Route: /v1/security/package-risk
Status: Live
MIME type: application/json
Rate limit: 60/minute
Cache: 3600s public
security, package-risk, supply-chain, osv, npm, pypi
API URL
Integration docs
https://x402.hexl.dev/v1/security/package-risk

Example request
{
  "ecosystem": "npm",
  "package": "loadsh"
}

Example response
{
  "package": "loadsh",
  "ecosystem": "npm",
  "riskScore": 47,
  "riskBand": "high",
  "recommendation": "review-carefully"
}

Input schema
{
  "type": "object",
  "required": [
    "ecosystem",
    "package"
  ],
  "properties": {
    "ecosystem": {
      "type": "string",
      "enum": [
        "npm",
        "PyPI"
      ],
      "examples": [
        "npm"
      ]
    },
    "package": {
      "type": "string",
      "examples": [
        "loadsh"
      ]
    },
    "version": {
      "type": "string",
      "examples": [
        "1.0.0"
      ]
    }
  }
}

Output schema
{
  "type": "object",
  "additionalProperties": true
}
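
A client-side sketch of a dependency gate built on the schemas above, added here as an example and not taken from the API's own documentation. It validates the request body against the input schema (the `ecosystem` enum is case-sensitive, so `pypi` is rejected) and fails closed on responses, since the output schema guarantees no fields. The function names, the allow-list policy, and the band name `low` are assumptions; the HTTP call and payment handling are left out.

```python
import json

ECOSYSTEMS = ("npm", "PyPI")  # enum from the input schema; values are case-sensitive


def build_request(ecosystem, package, version=None):
    """Return a JSON body that satisfies the page's input schema, or raise ValueError."""
    if ecosystem not in ECOSYSTEMS:
        raise ValueError(f"ecosystem must be one of {ECOSYSTEMS}, got {ecosystem!r}")
    # Assumption: an empty name is rejected locally even though the schema only says "string".
    if not isinstance(package, str) or not package:
        raise ValueError("package must be a non-empty string")
    body = {"ecosystem": ecosystem, "package": package}
    if version is not None:  # optional property in the schema
        if not isinstance(version, str):
            raise ValueError("version must be a string")
        body["version"] = version
    return json.dumps(body)


def gate(response_text, requested_package, allowed_bands):
    """Return (allow, reason). Anything unexpected in the response blocks the install."""
    try:
        data = json.loads(response_text)
    except ValueError:
        return False, "response is not JSON"
    if not isinstance(data, dict):
        return False, "response is not a JSON object"
    if data.get("package") != requested_package:
        return False, "response does not describe the requested package"
    band = data.get("riskBand")
    if not isinstance(band, str):
        return False, "riskBand missing or not a string"
    if band not in allowed_bands:
        return False, f"riskBand {band!r} not in allowed set"
    return True, f"riskBand {band!r} allowed"


# Constructed sample: the example response shown on the page, as one JSON string.
PAGE_EXAMPLE = ('{"package": "loadsh", "ecosystem": "npm", "riskScore": 47, '
                '"riskBand": "high", "recommendation": "review-carefully"}')
# Hypothetical policy: "low" is a placeholder band name, not a value documented on the page.
ALLOWED = {"low"}

if __name__ == "__main__":
    print(build_request("npm", "loadsh"))
    print(gate(PAGE_EXAMPLE, "loadsh", ALLOWED))        # blocked: band is "high"
    print(gate('{"status": "ok"}', "loadsh", ALLOWED))  # blocked: expected fields absent
```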