A simple and practical Python tool to scan Node.js bundles for suspicious activity and potential GitHub token exfiltration.