Security Audit
Createdqianniuspace
Audits npm package dependencies for security vulnerabilities using a remote npm registry.
About
Security Audit is a powerful tool that functions as a Model Context Protocol (MCP) Server, providing real-time security vulnerability scanning for npm package dependencies. By integrating with a remote npm registry, it delivers detailed vulnerability reports, including severity levels, fix recommendations, CVSS scores, and CVE references. It supports multiple severity levels (critical, high, moderate, low) and is compatible with npm, pnpm, and yarn package managers.
Key Features
- Detailed vulnerability reports with severity levels
- 10 GitHub stars
- Real-time security vulnerability scanning
- Automatic fix recommendations
- Remote npm registry integration
- CVSS scoring and CVE references
Use Cases
- Identifying and mitigating security vulnerabilities in npm package dependencies.
- Ensuring software projects are using secure versions of npm packages.
- Integrating security audits into CI/CD pipelines for automated vulnerability checks.