security_advisories
ActiveTool of ai.dynamicfeed/dynamic-feed
Recent software security advisories / CVEs — each with the affected package, vulnerable version range, the patched version that fixes it, severity, and CVSS score. Use this to check if a package has a recent advisory, or to get the latest critical CVEs. Pairs with software_version (is my stack current AND safe?). Newest first. Source: GitHub Advisory Database. Note: covers recently-published reviewed advisories, not the full historical CVE corpus. Envelope: this is an EVENT feed, so checked_at = when WE last refreshed the advisory store (freshness reflects how current our mirror is, NOT how long since the last CVE — a quiet stretch is not stale data). The newest advisory's own age is surfaced as latest_advisory_age_s. Args: query: match summary / package / CVE id / GHSA id. package: affected package name (e.g. lodash, requests, log4j). ecosystem: npm | pip | maven | go | rubygems | nuget | composer | rust | ... severity: low | moderate | high | critical. min_cvss: minimum CVSS score (0-10). limit: max results. Every value is returned in an Ed25519-signed, provenance-stamped envelope (source and observation time) you can verify offline against /.well-known/keys, no account required.
Parameters schema
{
"type": "object",
"title": "security_advisoriesArguments",
"properties": {
"limit": {
"type": "integer",
"title": "Limit",
"default": 30
},
"query": {
"type": "string",
"title": "Query",
"default": ""
},
"package": {
"type": "string",
"title": "Package",
"default": ""
},
"min_cvss": {
"anyOf": [
{
"type": "number"
},
{
"type": "null"
}
],
"title": "Min Cvss",
"default": null
},
"severity": {
"type": "string",
"title": "Severity",
"default": ""
},
"ecosystem": {
"type": "string",
"title": "Ecosystem",
"default": ""
}
}
}No endpoints wrapped at confidence ≥ 0.70.
Parent server
ai.dynamicfeed/dynamic-feed
1/7 registries