OpenSSF Security Evaluator

Provides comprehensive, AI-powered security analysis for software packages across diverse ecosystems.

About

The OpenSSF Security Evaluator is a FastMCP server designed to deliver in-depth security analysis for software packages across multiple ecosystems, including npm, PyPI, and Cargo. Integrating seamlessly with Claude Desktop, it provides AI-powered evaluation, real-time vulnerability detection, supply chain protection against malicious packages, and a robust risk scoring system. The tool also offers GitHub repository security analysis and helps users discover secure, compatible alternative packages, making it an essential solution for maintaining software supply chain integrity.

Key Features

  • AI-powered discovery of alternative packages with license compatibility
  • Real-time vulnerability detection via OSV.dev
  • Supply chain protection against typosquatting and malicious packages
  • Comprehensive 0-100 security risk scoring
  • GitHub repository health and maintenance metrics

Use Cases

  • Evaluating software package security before integration or deployment
  • Identifying and mitigating supply chain risks in open-source dependencies
  • Discovering secure and compatible alternatives for existing packages