diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..1270e1c
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,10 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.13.5
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-HTTPSPROXYAGENT-469131:
+    - commandx > urllib > proxy-agent > https-proxy-agent:
+        patched: '2019-10-04T00:42:17.321Z'
+    - commandx > urllib > proxy-agent > pac-proxy-agent > https-proxy-agent:
+        patched: '2019-10-04T00:42:17.321Z'
diff --git a/package.json b/package.json
index fe79164..eb89ebd 100644
--- a/package.json
+++ b/package.json
@@ -21,7 +21,8 @@
     "mkdirp": "^0.5.1",
     "moment": "^2.22.1",
     "mz": "^2.7.0",
-    "node-homedir": "^1.1.0"
+    "node-homedir": "^1.1.0",
+    "snyk": "^1.230.5"
   },
   "devDependencies": {
     "autod": "^3.0.1",
@@ -46,12 +47,15 @@
     "test-local": "egg-bin test",
     "cov": "egg-bin cov",
     "ci": "npm run lint && npm run cov",
-    "autod": "autod"
+    "autod": "autod",
+    "snyk-protect": "snyk protect",
+    "prepublish": "npm run snyk-protect"
   },
   "files": [
     "config",
     "app",
     "agent.js"
   ],
-  "author": "fengmk2 <fengmk2@gmail.com> (https://fengmk2.com)"
+  "author": "fengmk2 <fengmk2@gmail.com> (https://fengmk2.com)",
+  "snyk": true
 }