* [gosec v2.25.0](https://github.com/securego/gosec) – Inspects Go source code for security issues by scanning the AST and SSA representations.

* [Step CLI v0.30.0](https://github.com/smallstep/cli) – Easy-to-use CLI for building, operating, and automating PKI systems and common X.509, JWT, and crypto workflows.

* [step-ca v0.30.0](https://github.com/smallstep/certificates) – Private certificate authority for secure, automated certificate management in DevOps environments.

* [Password Pusher v2.0.2](https://github.com/pglombardo/PasswordPusher) – Securely share sensitive information with automatic expiration and deletion after a set number of views or duration.

* [Infisical v0.158.17](https://github.com/Infisical/infisical) – Secret management platform for syncing secrets and configurations across teams and infrastructure while preventing leaks.

* [Crust v4.2.0](https://github.com/BakeLens/crust) – Local transparent gateway that intercepts agent tool calls and blocks dangerous operations before execution.

* [CoWork OS v0.5.1](https://github.com/CoWork-OS/CoWork-OS) – Security-first personal AI assistant runtime providing multi-provider model access and multi-channel messaging integrations with local-first data control.

* [js-x-ray @nodesecure/js-x-ray...](https://github.com/NodeSecure/js-x-ray) – JavaScript AST analysis tool for identifying potentially malicious code patterns.

* [sigstore-js @sigstore/tuf@4.0.2](https://github.com/sigstore/sigstore-js) – JavaScript libraries for interacting with Sigstore signing and verification services.