diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..1160861
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,30 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.14.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - '@chatie/graphql > graphcool > graphcool-cli-core > lodash':
+        patched: '2020-04-30T21:33:17.504Z'
+    - '@chatie/graphql > graphcool > graphcool-cli-engine > lodash':
+        patched: '2020-04-30T21:33:17.504Z'
+    - '@chatie/graphql > graphcool > graphcool-cli-core > archiver > lodash':
+        patched: '2020-04-30T21:33:17.504Z'
+    - '@chatie/graphql > graphcool > graphcool-cli-core > graphcool-inquirer > lodash':
+        patched: '2020-04-30T21:33:17.504Z'
+    - '@chatie/graphql > graphcool > graphcool-cli-engine > graphcool-inquirer > lodash':
+        patched: '2020-04-30T21:33:17.504Z'
+    - '@chatie/graphql > graphcool > graphcool-cli-core > inquirer > lodash':
+        patched: '2020-04-30T21:33:17.504Z'
+    - '@chatie/graphql > graphcool > graphcool-cli-core > table > lodash':
+        patched: '2020-04-30T21:33:17.504Z'
+    - '@chatie/graphql > graphcool > graphcool-cli-core > archiver > archiver-utils > lodash':
+        patched: '2020-04-30T21:33:17.504Z'
+    - '@chatie/graphql > graphcool > graphcool-cli-core > archiver > async > lodash':
+        patched: '2020-04-30T21:33:17.504Z'
+    - '@chatie/graphql > graphcool > graphcool-cli-core > portfinder > async > lodash':
+        patched: '2020-04-30T21:33:17.504Z'
+    - '@chatie/graphql > graphcool > graphcool-cli-core > archiver > zip-stream > lodash':
+        patched: '2020-04-30T21:33:17.504Z'
+    - '@chatie/graphql > graphcool > graphcool-cli-core > archiver > zip-stream > archiver-utils > lodash':
+        patched: '2020-04-30T21:33:17.504Z'
diff --git a/package.json b/package.json
index 3b1ec6a..79a9117 100644
--- a/package.json
+++ b/package.json
@@ -27,7 +27,9 @@
     "lint:ts": "tslint --project tsconfig.json && tsc --noEmit",
     "lint:ionic": "ionic-app-scripts lint",
     "test": "npm run lint && echo To Be Test",
-    "test:pack": "echo To Be Pack"
+    "test:pack": "echo To Be Pack",
+    "snyk-protect": "snyk protect",
+    "prepublish": "npm run snyk-protect"
   },
   "dependencies": {
     "@angular/animations": "6.1.1",
@@ -70,7 +72,8 @@
     "rxjs": "6.2.2",
     "state-switch": "^0.6.2",
     "sw-toolbox": "3.6.0",
-    "zone.js": "0.8.26"
+    "zone.js": "0.8.26",
+    "snyk": "^1.316.1"
   },
   "devDependencies": {
     "@angular/cli": "^6.1.2",
@@ -111,5 +114,6 @@
     "scripts": {
       "pre-push": "./scripts/pre-push.sh"
     }
-  }
+  },
+  "snyk": true
 }