check_vulnerability
ActiveTool of ai.dynamicfeed/dynamic-feed
Is this exact package (and version) vulnerable? FULL historical lookup across the entire OSV.dev corpus (Google) — every matching advisory + the versions that fix it. Use to check a dependency: "does lodash 4.17.10 have any known CVEs?". Args: package: package name (lodash, requests...). For Maven, pass the FULL 'group:artifact' coordinate (e.g. org.apache.logging.log4j:log4j-core) — a bare artifact name matches nothing in OSV, so it returns a hint, never a misleading "not vulnerable". version: exact version (optional but recommended, e.g. 4.17.10). ecosystem: npm | pip | maven | go | rubygems | nuget | cargo | composer (optional). Every value is returned in an Ed25519-signed, provenance-stamped envelope (source and observation time) you can verify offline against /.well-known/keys, no account required.
Parameters schema
{
"type": "object",
"title": "check_vulnerabilityArguments",
"required": [
"package"
],
"properties": {
"package": {
"type": "string",
"title": "Package"
},
"version": {
"type": "string",
"title": "Version",
"default": ""
},
"ecosystem": {
"type": "string",
"title": "Ecosystem",
"default": ""
}
}
}No endpoints wrapped at confidence ≥ 0.70.
Parent server
ai.dynamicfeed/dynamic-feed
1/7 registries