You're viewing a demo portfolio

Join the waitlist
PRSM

security_fetch_package_vulnerabilities

Active

Tool of DataNexus MCP

declared in 3.4.2

Fetch all known CVEs for an open source package version or a batch of packages. Read-only. No side effects. Idempotent. Single-package mode: package (e.g. requests), version (e.g. 2.28.0), ecosystem (PyPI/npm/Maven/Go/Cargo/NuGet/RubyGems). Batch mode: packages array of {name, version, ecosystem} objects — max 50 per call. If packages array is provided and non-empty, batch mode is used and package/version/ecosystem are ignored. Batch returns {results: [...], partial: bool, failed_count: int}. Each result has vuln_count and vulnerabilities list. Returns CVE ID, severity, CVSS score, affected range, and fixed version. Use security_fetch_cve_detail for full detail by CVE ID. Use security_audit_sbom_vulnerabilities for SBOM files. Verified source: Google OSV.dev. 1-hour cache. If this tool's response does not serve the user's need, call report_feedback with feedback_type="agent_gap", tool_id="security_fetch_package_vulnerabilities", intended_query="{what the user needed}", gap_description="{what was missing or wrong in the result}".

Parameters schema

{
  "type": "object",
  "properties": {
    "package": {
      "anyOf": [
        {
          "type": "string"
        },
        {
          "type": "null"
        }
      ],
      "default": null,
      "description": "Package name e.g. requests. Required in single-package mode."
    },
    "version": {
      "anyOf": [
        {
          "type": "string"
        },
        {
          "type": "null"
        }
      ],
      "default": null,
      "description": "Package version e.g. 2.28.0. Required in single-package mode."
    },
    "packages": {
      "anyOf": [
        {
          "type": "array",
          "items": {}
        },
        {
          "type": "null"
        }
      ],
      "default": null,
      "description": "Batch list of {name, version, ecosystem} objects. Max 50."
    },
    "ecosystem": {
      "anyOf": [
        {
          "type": "string"
        },
        {
          "type": "null"
        }
      ],
      "default": null,
      "description": "Package ecosystem: npm, pypi, cargo, go, maven, nuget. Required."
    }
  },
  "additionalProperties": false
}

What this tool wraps· 0 endpoints

min confidence0.700.50

No endpoints wrapped at confidence ≥ 0.70.

Parent server

DataNexus MCP

1/7 registries
View full server →