Socket MCP Server

{ "manifest_version": "0.1", "name": "Socket", "version": "0.0.12", "description": "Socket MCP server for scanning dependencies", "long_description": "__Secure your code by default.__\nThe Socket MCP server brings powerful, real-time dependency scanning directly into Claude. Instantly audit packages from npm, PyPI, Cargo, and more—right inside your chats—with zero setup. Built on the Model Context Protocol (MCP), this extension automatically evaluates packages for:\n - Vulnerabilities and malware\n - Supply chain risks\n - Code quality and maintenance\n - License compliance\n\n With a single command, Claude will return detailed security scores (0–100) across five critical dimensions—helping you make informed decisions and avoid risky dependencies before they hit production.", "author": { "name": "Socket", "email": "eng@socket.dev", "url": "https://socket.dev/" }, "homepage": "https://github.com/SocketDev/socket-mcp", "documentation": "https://github.com/SocketDev/socket-mcp?tab=readme-ov-file#socket-mcp-server", "icon": "icon.png", "server": { "type": "node", "entry_point": "./index.js", "mcp_config": { "command": "node", "args": [ "${__dirname}/./index.js" ], "env": { "SOCKET_API_KEY": "${user_config.SOCKET_API_KEY}" } } }, "tools": [ { "name": "depscore", "description": "The depscore tool allows AI assistants to query the Socket API for dependency scoring information. It provides comprehensive security and quality metrics for packages across different ecosystems." } ], "user_config": { "SOCKET_API_KEY": { "type": "string", "title": "Socket API key", "description": "API key for interacting with the Socket API", "required": true, "sensitive": true } }, "keywords": [ "socket", "security", "dependencies", "vibecoding" ], "license": "MIT", "repository": { "type": "git", "url": "https://github.com/SocketDev/socket-mcp" } }