npm audit

About

npm audit is the built-in security scanner in the npm CLI that checks your project's dependency tree against the GitHub Advisory Database. It provides severity ratings, affected version ranges, and remediation advice for known vulnerabilities. While basic compared to dedicated tools, npm audit is free, requires no setup, and runs instantly — making it a good baseline for any JavaScript-based Web3 project.