Currently we use some custom saved SQL queries for BigQuery to analyze the Package Analysis result data for malicious samples.

This has worked reasonably well so far at finding malicious packages, but it requires regular effort to monitor the output of these queries.

To scale this further it would be good to automate this away - improving efficiency and broading the scope of what we are able to hunt for.