Scan your dependencies for weaponized vulnerabilities. Powered by ThreatPulse x402.
Project description
ThreatPulse CLI
Scan your dependencies for weaponized vulnerabilities. Powered by threatpulse.waltsoft.net.
Install
pip install threatpulse
Authentication
ThreatPulse offers 10 free lookups/day. For unlimited access, purchase an API key at threatpulse.waltsoft.net.
# Set once (recommended)
export THREATPULSE_KEY=tp_live_your_key_here
# Or pass per-command
threatpulse scan --key tp_live_your_key_here
Lost your key? Recover it at https://threatpulse.waltsoft.net/key/recover with your purchase email.
Check balance:
curl -H "Authorization: Bearer tp_live_..." https://threatpulse.waltsoft.net/key/balance
Usage
# Scan a lockfile
threatpulse scan --file package-lock.json
# Fail CI if urgency >= 80
threatpulse scan --threshold 80
# JSON output for piping
threatpulse scan --format json | jq '.[] | select(.urgency_score > 70)'
# SARIF for GitHub Code Scanning
threatpulse scan --format sarif > results.sarif
What makes this different
Unlike Trivy/Snyk/Inspector, ThreatPulse tells you if a CVE is actively weaponized:
🔴 CVE-2024-45257 HIGH weaponized 95 metasploit:exploit/unix/webapp/byob_unauth_rce
🟡 CVE-2025-1234 MEDIUM poc 45 github.com/user/CVE-2025-1234
🟢 CVE-2025-5678 LOW none 12 no known exploit
Supported lockfiles
package-lock.json(npm)requirements.txt(pip)Cargo.lock(Rust)go.sum(Go)Gemfile.lock(Ruby)
GitHub Action
- uses: awsdataarchitect/threatpulse-action@v1
with:
fail-on-urgency: 80
Links
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file threatpulse-0.2.0.tar.gz.
File metadata
- Download URL: threatpulse-0.2.0.tar.gz
- Upload date:
- Size: 3.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
aed361bc5c9068b45e07ec6804d61685c5628c9b789ac3d6d831421e27e02822
|
|
| MD5 |
eb04aed68d8d08c4f1615a4f414d09a0
|
|
| BLAKE2b-256 |
9915033f23e33fbc7a333bb413cd5a1edd06567a97abf07001e36f31882ca56e
|
File details
Details for the file threatpulse-0.2.0-py3-none-any.whl.
File metadata
- Download URL: threatpulse-0.2.0-py3-none-any.whl
- Upload date:
- Size: 4.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
945931340f3509415619d0526302474c7668af0e2e2a306e700da2b0437f7965
|
|
| MD5 |
4c9ada493ed342a2f010d123facff7c0
|
|
| BLAKE2b-256 |
96de00c962738e3510a3e8f1d76cf38170e4c55b2fab162895b179ed3f606783
|
