You're viewing a demo portfolio

Join the waitlist
PRSM
This tool is no longer present in the server's latest manifest. Showing the last observed version (server version 0.1.0).

vulnerabilities

Inactive

Tool of Osv Dev

declared in 0.1.0

Find vulnerabilities affecting a package — optionally narrowed to a specific version, or alternatively by git commit hash. Pass package_name + ecosystem (npm / PyPI / Maven / NuGet / RubyGems / crates.io / Packagist / Hex / Pub / Go / Debian / Alpine / Ubuntu / Linux). Returns shaped vuln list with severity_level, affected_summary (introduced→fixed ranges), aliases, references, advisory_url. Use for "is lodash 4.17.4 safe", "what hits requests<2.20", "every CVE for log4j".

Parameters schema

{
  "type": "object",
  "examples": [
    {
      "version": "4.17.20",
      "ecosystem": "npm",
      "package_name": "lodash"
    },
    {
      "commit": "6879efc2c1596d11a6e2048270e8dfc2c871a7fb"
    }
  ],
  "properties": {
    "commit": {
      "type": "string",
      "description": "Mutually exclusive with package_name — for source-only / pre-publication code (typical for Go modules, custom forks, vendored deps)."
    },
    "version": {
      "type": "string",
      "description": "Optional specific version to narrow to ones affecting that exact version. Omit to return ALL vulns ever reported."
    },
    "ecosystem": {
      "type": "string",
      "description": "npm | PyPI | crates.io | Go | Maven | NuGet | RubyGems | Hex | Pub | Packagist | GitHub Actions | Debian:12 | Ubuntu | Alpine | Linux"
    },
    "package_name": {
      "type": "string",
      "description": "Package name. For Maven use \"groupId:artifactId\"."
    }
  }
}

What this tool wraps· 0 endpoints

min confidence0.700.50

No endpoints wrapped at confidence ≥ 0.70.

Parent server

Osv Dev

https://github.com/pipeworx-io/mcp-osv-dev

1/7 registries
View full server →