package_health
ActiveTool of ai.dynamicfeed/dynamic-feed
Health & security posture of a software package (npm / PyPI / Go / Maven / Cargo / NuGet / RubyGems) from deps.dev (Google Open Source Insights, keyless): latest version, license, count of known security advisories, the OpenSSF Scorecard (0-10 security-posture score for the source repo + its weakest checks) and popularity (stars/forks). The "should I depend on this?" check — pairs with check_vulnerability (is a version vulnerable) and software_version (is the runtime current). Args: package (e.g. "lodash", "requests"), ecosystem (npm|pypi|go|maven|cargo|nuget|rubygems), version (optional — defaults to the latest). Every value is returned in an Ed25519-signed, provenance-stamped envelope (source and observation time) you can verify offline against /.well-known/keys, no account required.
Parameters schema
{
"type": "object",
"title": "package_healthArguments",
"properties": {
"package": {
"type": "string",
"title": "Package",
"default": ""
},
"version": {
"type": "string",
"title": "Version",
"default": ""
},
"ecosystem": {
"type": "string",
"title": "Ecosystem",
"default": "npm"
}
}
}No endpoints wrapped at confidence ≥ 0.70.
Parent server
ai.dynamicfeed/dynamic-feed
1/7 registries