macOS
brew install malcontentlocal Homebrew formula metadata
brew
malcontent のインストール経路、実行ファイル、メタデータ、AI エージェント向けセキュリティノートを確認します。
インストール
brew install malcontentlocal Homebrew formula metadata
sudo apk add malcontentAlpine Linux edge package indexes · malcontent · ソース: dl-cdn.alpinelinux.org
sudo apt install malcontentDebian stable package indexes · malcontent · ソース: deb.debian.org
sudo dnf install malcontentFedora Rawhide package metadata · malcontent · ソース: dl.fedoraproject.org
nix profile install nixpkgs#malcontentnixpkgs package indexes · malcontent · ソース: raw.githubusercontent.com
sudo pacman -S malcontentArch Linux sync databases · malcontent · ソース: geo.mirror.pkgbuild.com
sudo zypper install malcontentopenSUSE Tumbleweed package metadata · malcontent · ソース: download.opensuse.org
概要
Supply Chain Attack Detection, via context differential analysis and YARA
履歴
malcontent is Chainguard's open source command-line scanner for discovering supply-chain compromises through context, differential analysis, and YARA rules. Its executable is `mal`, and the README describes analyze, diff, and scan modes for binaries, archives, directories, and OCI images.
The GitHub repository was created in February 2024 and is maintained under the Chainguard organization. The README presents it as a "subtle malware discovery tool" for supply-chain attack detection, using a large embedded YARA rule set and contextual comparisons rather than only standalone signature hits.
malcontent's project shape reflects the post-SolarWinds and post-3CX supply-chain security era: it is built for CI/CD use, supports container images and archives, and treats behavior changes between releases as a key signal. The README uses the 3CX compromise as an example of differential analysis surfacing newly risky behavior.
Public adoption is still young but visible through the GitHub repository's releases, stars, forks, and companion GitHub Action. The README emphasizes Linux programs while noting useful coverage for other Unix platforms such as macOS and, to a lesser extent, Windows.
Chainguard also references malcontent in its supply-chain security writing as a binary analysis tool that can surface newly introduced capabilities without requiring full reverse engineering. That positions it as a practical package-review tool for maintainers evaluating suspicious upstream or dependency changes.
`mal analyze` enumerates capabilities in a target, `mal diff` compares two paths, archives, reports, or images, and `mal scan` reports findings above a risk threshold. It supports output formats including JSON, YAML, Markdown, text, terminal, and TUI-style output, and includes an opt-in `--oci-auth` mode for private image pulls.
malcontent matters to package maintainers because it targets the hard question a package diff raises: did this new release gain suspicious behavior? It is especially relevant to registry ecosystems, binary packages, vendored archives, container images, and CI checks where maintainers need quick triage before publishing or upgrading.
セキュリティ状態
malcontent に一致するローカルシークレット処理マニフェストは見つかりませんでした。将来の対応で安定したパッケージ URL を使えるよう、Nucleus パッケージメタデータはここに公開されています。
エージェントに無人実行させる前に、このツールが平文の認証情報を読むか、リモート状態を書き込むか、成果物を公開するか、プラグインを起動するかを確認してください。
実行可能ファイル
| コマンド | 種類 | 公開範囲 | メモ |
|---|---|---|---|
mal | cli | グローバル実行可能ファイル |
鮮度
これらの信号は、ページ生成時期、パッケージマネージャの活動、上流リリース比較を分けて示します。バージョン遅れは、証拠 URL と比較可能なバージョンがある場合だけ警告されます。
https://github.com/chainguard-dev/malcontent
インストールメタデータ
| パッケージキー | brew:malcontent |
|---|---|
| バージョン | 1.25.1 |
| パッケージマネージャ | Homebrew |
| パッケージマネージャページ | https://formulae.brew.sh/formula/malcontent |
| ホームページ | https://github.com/chainguard-dev/malcontent |
| リポジトリ | https://github.com/chainguard-dev/malcontent |
| 上流ドキュメント | https://github.com/chainguard-dev/malcontent#readme |
| ライセンス | Apache-2.0 |
| ソースアーカイブ | https://github.com/chainguard-dev/malcontent/archive/refs/tags/v1.25.1.tar.gz |
| 最終更新 | 2026-07-06T21:40:36Z |
| Pulse | updated |
| 依存関係 | yara-x |
| ビルド依存関係 | go, pkgconf |
| Bottle | 利用可能 (対象 arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | 未定義 |
| サービス | 宣言なし |
レジストリ情報
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | malcontent |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
ソースデータベース一致
一致は外部パッケージマネージャインデックスから取得され、ローカルの Automic Vault パッケージリンクとは分けて表示されます。
gir1.2-malcontent-0 0.13.0-2+deb13u1
GObject introspection bindings for libmalcontent
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install gir1.2-malcontent-0gir1.2-malcontentui-1 0.13.0-2+deb13u1
GObject introspection bindings for libmalcontent-ui
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install gir1.2-malcontentui-1libmalcontent-0-0 0.13.0-2+deb13u1
library for parental control of applications
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install libmalcontent-0-0libmalcontent-0-dev 0.13.0-2+deb13u1
development files for libmalcontent
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install libmalcontent-0-devlibmalcontent-ui-1-1 0.13.0-2+deb13u1
library for parental control of applications - GTK widgets and dialogs
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install libmalcontent-ui-1-1libmalcontent-ui-dev 0.13.0-2+deb13u1
development files for libmalcontent-ui
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install libmalcontent-ui-devlibpam-malcontent 0.13.0-2+deb13u1
PAM module to control the time a user is spending on the computer
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install libpam-malcontentmalcontent 0.13.0-2+deb13u1
framework for parental control of applications
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install malcontentmalcontent-gui 0.13.0-2+deb13u1
GUI to configure malcontent
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install malcontent-guimalcontent
nix profile install nixpkgs#malcontentgir1.2-malcontent-0 0.11.1-1build4
GObject introspection bindings for libmalcontent
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install gir1.2-malcontent-0gir1.2-malcontentui-1 0.11.1-1build4
GObject introspection bindings for libmalcontent-ui
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install gir1.2-malcontentui-1libmalcontent-0-0 0.11.1-1build4
library for parental control of applications
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install libmalcontent-0-0libmalcontent-0-dev 0.11.1-1build4
development files for libmalcontent
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install libmalcontent-0-devlibmalcontent-ui-1-1 0.11.1-1build4
library for parental control of applications - GTK+ widgets and dialogs
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install libmalcontent-ui-1-1libmalcontent-ui-dev 0.11.1-1build4
development files for libmalcontent-ui
https://gitlab.freedesktop.org/pwithnall/malcontent/
sudo apt install libmalcontent-ui-devソース経路
このページは scripts/generate-pkg-sqlite.py が生成した非公開のパッケージ SQLite アーティファクトから av-web によって提供されます。
View the package source record on GitHub.