security_detect_typosquatting
Active
Tool of DataNexus MCP
Detect typosquatting attacks against a package name. Compares the name against the top 10,000 packages and flags those within Damerau-Levenshtein distance ≤ 2. Returns similar_packages with anomaly scores, and a SUSPICIOUS or CLEAN verdict. Uses PyPI and npm download stats stored in Redis. The first call performs a cold-start fetch (≤ 30s). Rate limit: 60/minute. No auth required. Intended for security engineers auditing supply-chain package names before inclusion.
If this tool's response does not serve the user's need, call report_feedback with feedback_type="agent_gap", tool_id="security_detect_typosquatting", intended_query="{what the user needed}", gap_description="{what was missing or wrong in the result}".
Parameters schema
{
  "type": "object",
  "required": [
    "package_name",
    "ecosystem"
  ],
  "properties": {
    "ecosystem": {
      "enum": [
        "npm",
        "pypi",
        "cargo",
        "go"
      ],
      "type": "string",
      "description": "Package ecosystem: npm, pypi, cargo, go. Required."
    },
    "package_name": {
      "type": "string",
      "description": "Package name e.g. requests. Required."
    }
  },
  "additionalProperties": false
}
No endpoints wrapped at confidence ≥ 0.50.
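The comparison named in the description, sketched locally as an added example (not DataNexus code). Assumptions: the popularity list is a small constructed stand-in for the top 10,000, the distance is the optimal-string-alignment variant of Damerau-Levenshtein, an exact match is treated as CLEAN, the result keys other than similar_packages are hypothetical, and anomaly scores are not reproduced.

```python
"""Added illustration: flag names within Damerau-Levenshtein distance <= 2 of popular ones."""

# Constructed stand-in for a popularity list (assumption; the tool uses the top 10,000).
POPULAR = {"pypi": ["requests", "numpy", "urllib3", "pandas"],
           "npm": ["express", "lodash", "react"]}
MAX_DISTANCE = 2  # threshold stated in the tool description


def dl_distance(a: str, b: str) -> int:
    """Damerau-Levenshtein distance (optimal string alignment variant)."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition ("eu" <-> "ue") counts as a single edit.
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def check(package_name: str, ecosystem: str) -> dict:
    """Return a verdict plus the popular names the candidate closely resembles."""
    if ecosystem not in POPULAR:
        raise ValueError(f"no popularity data for ecosystem {ecosystem!r}")
    name = package_name.lower()
    if name in POPULAR[ecosystem]:
        # Assumption: the popular package itself is not a squat of itself.
        return {"verdict": "CLEAN", "similar_packages": []}
    similar = []
    for known in POPULAR[ecosystem]:
        # Length difference is a lower bound on the distance: cheap reject.
        if abs(len(known) - len(name)) > MAX_DISTANCE:
            continue
        d = dl_distance(name, known)
        if d <= MAX_DISTANCE:
            similar.append({"name": known, "distance": d})
    similar.sort(key=lambda s: s["distance"])
    return {"verdict": "SUSPICIOUS" if similar else "CLEAN",
            "similar_packages": similar}
```

A name that swaps two adjacent letters, such as reqeusts, scores distance 1 here; plain Levenshtein would score it 2, which is why the transposition step matters for typo detection.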
Parent server
DataNexus MCP
1/7 registries