diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..7c6c1d6
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,47 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:debug:20170905':
+    - browser-sync > localtunnel > debug:
+        patched: '2018-08-01T03:30:02.301Z'
+  'npm:hoek:20180212':
+    - gulp-sass > node-sass > node-gyp > request > hawk > boom > hoek:
+        patched: '2018-08-01T03:30:02.301Z'
+    - gulp-sass > node-sass > node-gyp > request > hawk > sntp > hoek:
+        patched: '2018-08-01T03:30:02.301Z'
+    - gulp-sass > node-sass > node-gyp > request > hawk > cryptiles > boom > hoek:
+        patched: '2018-08-01T03:30:02.301Z'
+    - node-sass > node-gyp > request > hawk > hoek:
+        patched: '2018-08-01T03:30:02.301Z'
+    - node-sass > node-gyp > request > hawk > boom > hoek:
+        patched: '2018-08-01T03:30:02.301Z'
+    - node-sass > node-gyp > request > hawk > sntp > hoek:
+        patched: '2018-08-01T03:30:02.301Z'
+    - node-sass > node-gyp > request > hawk > cryptiles > boom > hoek:
+        patched: '2018-08-01T03:30:02.301Z'
+    - gulp-sass > node-sass > node-gyp > request > hawk > hoek:
+        patched: '2018-08-01T03:30:02.301Z'
+  'npm:lodash:20180130':
+    - browser-sync > easy-extender > lodash:
+        patched: '2018-08-01T03:30:02.301Z'
+    - browser-sync > eazy-logger > opt-merger > lodash:
+        patched: '2018-08-01T03:30:02.301Z'
+    - node-sass-export > lodash:
+        patched: '2018-08-01T03:30:02.301Z'
+    - penthouse > apartment > lodash:
+        patched: '2018-08-01T03:30:02.301Z'
+  'npm:tunnel-agent:20170305':
+    - gulp-imagemin > imagemin-gifsicle > gifsicle > bin-build > download > caw > tunnel-agent:
+        patched: '2018-08-01T03:30:02.301Z'
+    - gulp-imagemin > imagemin-gifsicle > gifsicle > bin-wrapper > download > caw > tunnel-agent:
+        patched: '2018-08-01T03:30:02.301Z'
+    - gulp-imagemin > imagemin-jpegtran > jpegtran-bin > bin-build > download > caw > tunnel-agent:
+        patched: '2018-08-01T03:30:02.301Z'
+    - gulp-imagemin > imagemin-jpegtran > jpegtran-bin > bin-wrapper > download > caw > tunnel-agent:
+        patched: '2018-08-01T03:30:02.301Z'
+    - gulp-imagemin > imagemin-optipng > optipng-bin > bin-build > download > caw > tunnel-agent:
+        patched: '2018-08-01T03:30:02.301Z'
+    - gulp-imagemin > imagemin-optipng > optipng-bin > bin-wrapper > download > caw > tunnel-agent:
+        patched: '2018-08-01T03:30:02.301Z'
diff --git a/package.json b/package.json
index f32bc98..99b9aa6 100644
--- a/package.json
+++ b/package.json
@@ -117,6 +117,12 @@
     "webpack-hot-middleware": "^2.12.2",
     "webpack-module-hot-accept": "^1.0.4",
     "webpack-stream": "^3.2.0",
-    "yargs": "^4.8.1"
-  }
+    "yargs": "^4.8.1",
+    "snyk": "^1.89.1"
+  },
+  "scripts": {
+    "snyk-protect": "snyk protect",
+    "prepare": "npm run snyk-protect"
+  },
+  "snyk": true
 }