Smelly
Smelly: A nose for vulnerable dependencies
As of June 2026, Smelly has 4 users and a 5.00/5 rating from 1 reviews in the Developer Tools category.
Usersno change0%
4
4
Ratingno change0%
5.00
1 reviews
Reviewsno change0%
1
Version
0.0.2
Manifest V3
History
4 snapshotsTracking since Apr 18, 2026.
View as table
| Date | Users | Rating | Reviews | Version |
|---|---|---|---|---|
| Apr 18, 2026 | 4 | 5.00 | 1 | 0.0.2 |
| May 3, 2026 | 6 | 5.00 | 1 | 0.0.2 |
| May 12, 2026 | 3 | 5.00 | 1 | 0.0.2 |
| May 24, 2026 | 6 | 5.00 | 1 | 0.0.2 |
| Now | 4 | 5.00 | 1 | 0.0.2 |
Permissions & access
- Permissions
- storage
- Host access
- https://pypi.org/*, https://www.nuget.org/*, https://nuget.org/*, https://registry.npmjs.org/*, https://www.npmjs.com/*, https://api.osv.dev/*
Screenshots
About
Smelly is your lightweight browser companion for discovering security vulnerabilities in open source dependencies instantly, as you explore package registries. Smelly simply monitors package URLs you visit (like npm, PyPI, and NuGet), extracts the package name and version directly from the address, and checks them against the trusted OSV.dev vulnerability database. When it finds something smelly — an outdated or insecure version — it shows you the details and a recommended upgrade path, right in your browser. What Smelly Does? - Automatically detects when you visit supported package pages on supported package repositories. - Queries the OSV.dev API for known vulnerabilities in the package version. - Displays issues in a clean popup view with: - CVE / GHSA identifiers - Severity levels and summaries - Affected ranges - Safe upgrade versions - Recommends the minimal secure version to upgrade to — keeping your dependencies clean and current. Upcoming Support More ecosystems are on the way — including Maven, Go, and more. Privacy & Security - No DOM access or page scraping. - No data collection, telemetry, or tracking. - Only outbound calls are made to the OSV.dev API. - All logic runs locally in your browser. Keywords: security, osv, vulnerability, cve, dependency, npm, pypi, nuget, open source, devsecops, supply chain, package security
Technical
- Version
- 0.0.2
- Manifest
- V3
- Size
- 284KiB
- Min Chrome
- 88
- Languages
- 1
- Featured
- No
Metadata
- ID
- kfhemoglflgklekoieninjpjfblddmbm
- Developer ID
- ue3aa1006e0a6d6f7dc181db9d55e0a3d
- Developer Email
- [email protected]
- Created
- Oct 9, 2025
- Last Updated (Store)
- Oct 10, 2025
- Last Scraped
- Jun 6, 2026
- Website
- —
- Support URL
- https://github.com/gurunathg/smelly
- Privacy Policy
- —
Similar extensions
Alternatives to Smelly, ranked by description similarity.
Socket Security
Secure your supply chain and ship with confidence
2.0K
★ 5.0
VulnGuard
Scans GitHub repositories for vulnerable dependencies using OSV.dev
—
SecuriScan - Web Security Analyzer
Lightweight security scanner that analyzes websites for common vulnerabilities and security misconfigurations
327
VaptFinder: Vulnerability & Library Detector
Inspects websites for outdated libraries and checks browser vulnerability.
64
VulnCheck Insights
Lookup CVEs, CPEs, and PURLs with VulnCheck
353
★ 5.0
AppSec Inspector
Professional security inspection tool. Scan headers, detect secrets, audit auth - all locally, no data collection.
6
Vigilante
Advanced website security scanner
4
★ 5.0
CVE Daily Lookup
Auto-detect CVE IDs on any page and link them to NVD. Supports GitHub, Jira, and SPAs.
8
★ 5.0
Data sourced from the Chrome Web Store · last verified Jun 6, 2026.