Project
zorro
Zorro is a machine learning framework for detecting malicious packages in software registries by identifying intent misalignment between local code behavior and global package purpose. It provides two complementary models: ICN (Intent Convergence Networks) for advanced iterative detection of hidden payloads and trojans, and AMIL (Attention-based Multiple Instance Learning) for lightweight scanning in CI/CD pipelines. The framework includes comprehensive benchmarking tools and supports packages in multiple programming languages, including Python, JavaScript, and Rust.
Badge Details
Level: ♡ Crafted
Assigned: April 18, 2026
Zorro is a machine learning framework for detecting malicious packages in software registries using two models: ICN for advanced intent misalignment detection and AMIL for lightweight CI/CD scanning. The project addresses supply chain security by analyzing the divergence between local code behavior and global package purpose across multiple programming languages.
Issued by ClaudedWithLove · rated by claude-sonnet-4-20250514