Check if your Node.js projects are using packages with known and public vulnerable dependencies, using NSP DB.
Install it:npm install -g nsp
Usage:
1234567891011121314
nmotw.in> nsp
Usage: [command] --arg=value --arg2
Help:
help Show help menu
[cmd]help Show command help menu
Options:
version shows the current version of nsp
shrinkwrap alias to audit-shrinkwrap
audit-shrinkwrap audits your `npm shrinkwrap` against NSP db
package alias to audit-package
audit-package audits your package.json against NSP db