You're viewing a demo portfolio

Join the waitlist
PRSM

ossf_scorecard_trend_analyzer

Active

Tool of gapup-mcp

declared in 0.2.0

As a CTO, analyze OSSF Scorecard trends for your top 10-50 dependencies to identify security regressions or deteriorating project health. Input GitHub repository names (owner/repo), get structured trend data including score deltas, check failures, and risk flags. Uses OSSF Scorecard API and GitHub Archive for historical context. Ideal for proactive dependency management and risk assessment.

Parameters schema

{
  "type": "object",
  "required": [
    "repositories"
  ],
  "properties": {
    "async": {
      "type": "boolean",
      "description": "If true, returns a job_id immediately (<200ms) instead of waiting for the result. Poll the result with job_result(job_id). Use for slow tools to avoid client timeouts."
    },
    "lookbackDays": {
      "type": "number",
      "default": 30,
      "maximum": 90,
      "minimum": 7,
      "description": "Number of days to analyze trends for"
    },
    "repositories": {
      "type": "array",
      "items": {
        "type": "string",
        "pattern": "^[a-zA-Z0-9-]+/[a-zA-Z0-9-_.]+$"
      },
      "maxItems": 50,
      "minItems": 1,
      "description": "List of GitHub repositories in owner/repo format"
    },
    "minScoreThreshold": {
      "type": "number",
      "default": 5,
      "maximum": 10,
      "minimum": 0,
      "description": "Minimum acceptable score to flag as risky"
    }
  }
}

What this tool wraps· 0 endpoints

min confidence0.700.50

No endpoints wrapped at confidence ≥ 0.50.

Parent server

gapup-mcp

https://github.com/getgapup/gapup-mcp-public

2/7 registries
View full server →