# Install carrot-scan

Command-line tool for detecting vulnerabilities in files and directories. Version 6.0.1 via npm; verified 2025-07-07.

## Install

```sh
sudo av install npm:carrot-scan
```

Additional install commands:

### Portable and language managers

- npm (100%):

  ```sh
  npm install -g carrot-scan
  ```

  Evidence: local npm package metadata

## Package Facts

- **Package key:** npm:carrot-scan
- **Package manager:** npm
- **Package manager URL:** <https://www.npmjs.com/package/carrot-scan>
- **Version:** 6.0.1
- **Source summary:** Command-line tool for detecting vulnerabilities in files and directories.
- **Homepage:** <https://github.com/SonoTommy/carrot-scan#readme>
- **Repository:** <https://github.com/SonoTommy/carrot-scan>
- **Upstream docs:** <https://github.com/SonoTommy/carrot-scan#readme>
- **License:** MIT
- **Source archive:** <https://registry.npmjs.org/carrot-scan/-/carrot-scan-6.0.1.tgz>
- **Issue tracker:** <https://github.com/SonoTommy/carrot-scan/issues>
- **Published:** 2025-07-07T09:58:52.520Z
- **Last updated:** 2025-07-07T09:58:52.520Z
- **Generated:** 2026-06-10T07:18:26+00:00

## Executables

- carrot-scan (cli)
- carrot-scan (alias)

## Dependencies

- @carrot-scan/core
- @fastify/swagger
- @fastify/swagger-ui
- chalk
- commander
- fastify
- figlet
- inquirer
- open
- open-cli
- yaml

## Build Dependencies

- @eslint/js
- eslint
- eslint-config-prettier
- eslint-plugin-import
- eslint-plugin-prettier
- eslint-plugin-security
- eslint-plugin-unicorn
- execa
- globals
- jest
- jest-cli
- js-x-ray
- prettier
- semgrep

## Install Behavior

- Post-install hook: defined
- Lifecycle scripts: postinstall
- Bottle: not available

## Freshness

- Page generated: 2026-06-10
- Package-manager version: 6.0.1
- Package-manager updated: 2025-07-07
- Local data status: ok
- Upstream repository: https://github.com/SonoTommy/carrot-scan
- notice: The package-manager record has not changed recently.
- info: No cached GitHub release or tag data was available.

## Security Notes

No matching local secrets-management manifest was found for carrot-scan. The Nucleus package metadata remains published here so that future coverage has a stable URL.


## Source Database Details

- **Source Database:** npm registry
- **Dist Tags:** Canary: 6.0.4-canary.4, Latest: 6.0.1
- **Version Count:** 27,708
- **Maintainers:** justsouichi
- **Author:** SonoTommy [https://github.com/SonoTommy]
- **Publisher:** justsouichi
- **Funding:** <https://ko-fi.com/sonotommy>
- **Integrity:** sha512-y2sdPDCpOD5YJ87Qm81hrwHn8vTckMQGcvPvdQ+hLuhoB+VAdOVj54KFQQhZmkMUbYaAAeRdnLcSAb4gKGn+Iw==
- **Shasum:** 9c8b4efb64534d439c28d7f13a8a8637cd6c4a31
- **Unpacked Size:** 202,448
- **File Count:** 0
- **Created At:** 2025-06-23T20:17:40.124Z
- **Latest Published At:** 2025-07-07T09:58:52.520Z
- **Modified At:** 2025-07-07T11:22:49.790Z


## Related Links

- [Terminal utility packages](https://www.automicvault.com/fr/pkg/terminal-utilities/) - Matched curated package taxonomy and local package facts.
- [@fission-ai/openspec](https://www.automicvault.com/fr/pkg/npm/fission-ai-openspec/) - Both packages work with overlapping file formats or content types. Shared terms: chalk, commander, core, fast, inquirer.
- [@netlify/config](https://www.automicvault.com/fr/pkg/npm/netlify-config/) - Both packages work with overlapping file formats or content types. Shared terms: api, chalk, fast, module, terminal.
- [@usebruno/cli](https://www.automicvault.com/fr/pkg/npm/usebruno-cli/) - Both packages work with overlapping file formats or content types. Shared terms: api, chalk, command-line, js, line.

## Sources

- Nucleus package database
- package-page enrichment
- package version freshness
- package relationship graph
- cross-ecosystem install command graph
