Are your private npm or PyPi  packages staying private? How would you know if someone shared an  internal package out there in the wild? GitGuardian Honeytoken is a quick and easy way to add leakage and intrusion  detection to your projects. Honeytokens are decoy credentials that don't  grant users access to anything but instead trigger alarms that give you the IP of the user,  their user agent, and what action they attempted. If someone does try to use them,  then you need to know ASAP. Honeytokens are also triggered when exposed  publicly and will sound the alarm if the credential is scanned, giving you a heads-up  that your private package is no longer private. Knowing early is the secret to  effective incident response. When building your packages, just create a  new honeytoken from the GitGuardian dashboard and insert it into the project where you  prefer, in a .yml, .json, .py, or .js file. Then build and share that package  with the team with confidence. GitGuardian Honeytokens are here  to help keep your projects safe.