query_batch
ActiveTool of Osv
Batch vulnerability query against OSV.dev (up to 1000 entries per call) — for SBOM-style "scan every dependency in this lockfile" workflows. Pass an array of {package:{name,ecosystem}, version?} or {commit} entries. Returns the vuln IDs matched per query (use get_vulnerability for full detail per ID). Keyless.
Parameters schema
{
"type": "object",
"examples": [
{
"queries": [
{
"package": {
"name": "django",
"ecosystem": "PyPI"
},
"version": "3.0.0"
},
{
"package": {
"name": "log4j-core",
"ecosystem": "Maven"
},
"version": "2.14.1"
},
{
"commit": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6"
}
]
}
],
"required": [
"queries"
],
"properties": {
"queries": {
"type": "array",
"items": {
"type": "object"
},
"description": "Up to 1000 query objects. Each: {package:{name,ecosystem}, version?} or {commit}."
}
}
}No endpoints wrapped at confidence ≥ 0.70.
Parent server
Osv
https://github.com/pipeworx-io/mcp-osv
1/7 registries