Hi everyone,
I wanted to share a local-first developer tool I’ve been building called TraceTree.
Most of us download third-party packages from npm or PyPI daily without thinking twice. However, dependency confusion, typosquatting, and malicious install hooks are becoming more common. TraceTree was built to give developers a simple, offline way to test packages in a safe environment before installing them on their main machines.
What is TraceTree?
At its core, TraceTree is a command-line utility that:
1. Sandboxes the package: It boots up a temporary, isolated Docker container with the network interface completely disabled, preventing any outbound connections.
2. Traces behavior: It runs the installation/execution hooks under `strace` to capture low-level system interactions (file writes, process spawning, connection attempts).
4. Graphs the execution: It parses the system call logs and maps them into a directed execution graph using NetworkX.
5. Predicts anomalies: It uses a local machine learning classifier to analyze the graph features and predict if the package is exhibiting suspicious behavior.
Recent Update: Retraining with the CIC-MalMem Dataset
Our biggest challenge was training the local detector. We initially relied on a very small set of hand-crafted baseline packages, which made it hard to generalize.
To fix this, we recently built an integration pipeline to import and map data from the CIC-MalMem-2022 dataset. We took their memory-dump analysis features and mapped them into TraceTree’s native 10-feature graph space, adding some Gaussian noise to prevent overfitting.
We now have 5,030 normalized samples (2,500 benign and 2,500 malicious, plus our original baselines) in our local dataset. We retrained our Random Forest model on this data, achieving excellent offline detection accuracy.
Local-First and Lightweight
We wanted to keep the tool extremely fast and lightweight:
* No Cloud Dependency: The machine learning engine runs completely offline using a 3.2MB serialized model (`model.skops`).
* Safe Model Loading: We use `skops` instead of Pythons' standard `pickle` loader, which strictly prevents arbitrary code execution when loading the model.
* Excluded Data: The raw 18MB training CSV is kept in the repository for developer reproducibility, but the packaged distribution excludes it so the CLI utility remains small.
Try It Out
The project is entirely open source, and we would love to get your feedback or have you collaborate with us!