Doesn't work at https://pypi.org/, so it's useless to me considering I don't use specifically NPM.

Disclosure: I work at Socket ;)

At Socket, we've been working hard to make it easier than ever to focus on your code without worrying about the security of your open-source dependencies. Today, we're excited to announce the public beta of the Socket browser extension which helps you pick better packages by adding Socket package metrics to the NPM package and search pages. The extension is available for Chrome, Firefox, and any Chromium-based browser such as Edge and Brave.

Socket analyzes potential vulnerabilities and unwanted behavior throughout your entire dependency tree. With the Socket extension, you can verify that the NPM package you're about to install is secure and trustworthy.