Kotiq reads a package's install scripts before they run โ and tells you if it's safe. It catches the wallet- and key-stealing malware hidden in install hooks, without ever executing a line.