Mitsuki Audit

Audits the dependencies of front-end projects for security issues, leveraging the MCP Server protocol to overcome limitations of `npm audit`.

About

Mitsuki Audit is a powerful dependency security auditing tool for front-end projects, built on the MCP Server protocol and designed to address the core shortcomings of traditional tools like `npm audit`. It supports both local projects and remote repositories, providing critical audit information such as CVSS scores, CWEs, and comprehensive dependency chains. The tool generates standardized markdown reports, with future support for JSON and HTML, making it well suited to local dependency checks, technology selection, and various security audit tasks. It has been seamlessly integrated into enterprise LLM toolchains, significantly boosting security audit efficiency by 90%.

Key Features

  • Generates dependency lock files without prior installation
  • Performs security audits of main projects using the npm security API
  • Converts dependency graphs to chains, handling recursive dependencies through DFS
  • Renders audit results into standardized markdown files using a template engine
  • Consolidates the semantic ranges of vulnerability impacts

Use Cases

  • Conducting local dependency checks and informing technology selection during security audits
  • Integrating into development environments such as Cursor, VSCode, or Dify for automated checks
  • Performing comprehensive, enterprise-wide security audits across production lines