MCP Dependency Scanner

A lightweight MCP server to scan dependencies for vulnerabilities in JavaScript/TypeScript and Python projects. Built for LLM agents — not a general CLI tool.

Install (Recommended)

npm install -g mcp-scan-dependency

MCP Setup

{
  "mcpServers": {
    "dependency-scanner": {
      "command": "mcp-scan-dependency"
    }
  }
}

Available Tools

`scan_dependencies`

projectPath
minSeverity
suggestAlternatives
format → summary | detailed | json

`check_project_type`

projectPath

Test Prompt

Use this to verify MCP is working:

Scan dependencies in /your/project/path and show only high and critical vulnerabilities.

Notes

Built on official npm audit and pip-audit
Read-only scan (no file changes)
Designed for MCP / LLM usage

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
.github/workflows		.github/workflows
.husky		.husky
src		src
.gitignore		.gitignore
.npmignore		.npmignore
.prettierrc.json		.prettierrc.json
CHANGELOG.md		CHANGELOG.md
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
README.md		README.md
eslint.config.js		eslint.config.js
eslint.config.mjs		eslint.config.mjs
package-lock.json		package-lock.json
package.json		package.json
tsconfig.json		tsconfig.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

MCP Dependency Scanner

Install (Recommended)

MCP Setup

Available Tools

`scan_dependencies`

`check_project_type`

Test Prompt

Notes

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Uh oh!

Folders and files

Latest commit

History

Repository files navigation

MCP Dependency Scanner

Install (Recommended)

MCP Setup

Available Tools

scan_dependencies

check_project_type

Test Prompt

Notes

About

Resources

License

Contributing

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

`scan_dependencies`

`check_project_type`

Packages