Modern websites rely heavily on JavaScript, and leveraging third-party scripts accelerates web app development without requiring a full rebuild. However, supply chain attacks targeting third-party JavaScript have become a reality, making manual review of each script impractical due to the vast number of scripts and rapid updates. Cloudflare has developed an AI model that detects the exact malicious intent behind each script, providing deeper visibility into client-side threats and empowering organizations to better protect their users from evolving security risks. The new feature is integrated into Page Shield, a cloud-based security solution that scans JavaScript dependencies on web pages and flags suspicious content. The AI model uses syntax trees to classify malicious code, balances precision and recall with speed, and has been trained using a combination of labeled data and unsupervised learning techniques. To address the challenge of unbalanced data, Cloudflare employs strategies such as generating code embeddings and caching inference results to reduce false positives and improve efficiency. The solution is now available to all Page Shield customers with the add-on, providing an additional layer of security against evolving security threats.