get_security_summary
Obtain a concise security overview for software libraries, providing risk scores and basic recommendations to assess package safety before integration.
Instructions
Get quick security overview for a library without detailed vulnerability list.
Args:
library_name: Name of the library
ecosystem: Package ecosystem (default: PyPI)
Returns:
Concise security summary with score and basic recommendations
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| library_name | Yes | Name of the library | |
| ecosystem | No | Package ecosystem | PyPI |
Implementation Reference
- MCP tool handler for 'get_security_summary'. Registers the tool using the @mcp.tool() decorator and implements the core logic by calling the underlying security_integration.get_security_summary() helper.

```python
# MCP tool handler for 'get_security_summary' (src/documentation_search_enhanced/main.py).
# `mcp` (the server instance) and `enforce_rate_limit` are defined elsewhere in the module.
from datetime import datetime


@mcp.tool()
async def get_security_summary(library_name: str, ecosystem: str = "PyPI"):
    """
    Get quick security overview for a library without detailed vulnerability list.

    Args:
        library_name: Name of the library
        ecosystem: Package ecosystem (default: PyPI)

    Returns:
        Concise security summary with score and basic recommendations
    """
    await enforce_rate_limit("get_security_summary")
    from .vulnerability_scanner import security_integration

    try:
        summary = await security_integration.get_security_summary(
            library_name, ecosystem
        )

        # Add security badge; note that a helper-level scan failure still
        # yields a score (50.0) here and is badged rather than reported.
        score = summary.get("security_score", 50)
        if score >= 90:
            badge = "🛡️ EXCELLENT"
        elif score >= 70:
            badge = "✅ SECURE"
        elif score >= 50:
            badge = "⚠️ CAUTION"
        else:
            badge = "🚨 HIGH RISK"

        return {
            "library": library_name,
            "ecosystem": ecosystem,
            "security_badge": badge,
            "security_score": score,
            "status": summary.get("status", "unknown"),
            "vulnerabilities": {
                "total": summary.get("total_vulnerabilities", 0),
                "critical": summary.get("critical_vulnerabilities", 0),
            },
            "recommendation": summary.get(
                "primary_recommendation", "No recommendations available"
            ),
            "last_scanned": datetime.now().isoformat(),
        }
    except Exception as e:
        # Only exceptions raised in this handler reach this branch.
        return {
            "library": library_name,
            "ecosystem": ecosystem,
            "security_badge": "❓ UNKNOWN",
            "security_score": None,
            "status": "scan_failed",
            "error": str(e),
        }
```
- Core helper method on the SecurityIntegration class. It performs the scan via VulnerabilityScanner.scan_library() and formats a concise summary dictionary; the MCP tool handler calls it.

```python
from typing import Any, Dict


# Method of SecurityIntegration (src/documentation_search_enhanced/vulnerability_scanner.py);
# `self.scanner` is the VulnerabilityScanner instance.
async def get_security_summary(
    self, library_name: str, ecosystem: str = "PyPI"
) -> Dict[str, Any]:
    """Get concise security summary"""
    try:
        report = await self.scanner.scan_library(library_name, ecosystem)
        return {
            "library": library_name,
            "security_score": report.security_score,
            "total_vulnerabilities": report.total_vulnerabilities,
            "critical_vulnerabilities": report.critical_count,
            "status": "secure" if report.security_score >= 70 else "at_risk",
            "primary_recommendation": (
                report.recommendations[0]
                if report.recommendations
                else "No specific recommendations"
            ),
        }
    except Exception as e:
        # Scan failures are swallowed here and surfaced as a neutral score
        # of 50.0 with status "unknown" plus an "error" key.
        return {
            "library": library_name,
            "security_score": 50.0,
            "error": str(e),
            "status": "unknown",
        }
```
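The following is an added, self-contained example (not the project's own code) that re-implements the badge thresholds of the tool handler and the summary formatting of the SecurityIntegration helper above with an injectable scanner, so both can be run offline. The `ScanReport` dataclass and the three `*_scan` functions are constructed stand-ins for the real VulnerabilityScanner; the `surface_helper_errors` flag is an assumption of this example, not a parameter of the project's API. It shows the interaction a reviewer should notice in the code above: when the helper's scan fails it returns `security_score` 50.0, so the handler badges the library as CAUTION with status "unknown" instead of reporting `scan_failed`, and the flag demonstrates one way to surface that condition.

```python
"""Added example: badge/status logic of get_security_summary with a stub scanner."""
from dataclasses import dataclass, field
from typing import Any, Callable, Dict, List


@dataclass
class ScanReport:
    """Constructed stand-in for the VulnerabilityScanner report object."""
    security_score: float
    total_vulnerabilities: int = 0
    critical_count: int = 0
    recommendations: List[str] = field(default_factory=list)


def badge_for_score(score: float) -> str:
    """Same thresholds as the MCP tool handler."""
    if score >= 90:
        return "🛡️ EXCELLENT"
    if score >= 70:
        return "✅ SECURE"
    if score >= 50:
        return "⚠️ CAUTION"
    return "🚨 HIGH RISK"


def summarize(library_name: str, scan: Callable[[str], ScanReport]) -> Dict[str, Any]:
    """Mirrors SecurityIntegration.get_security_summary, including its
    fallback of score 50.0 / status "unknown" when the scanner raises."""
    try:
        report = scan(library_name)
        return {
            "library": library_name,
            "security_score": report.security_score,
            "total_vulnerabilities": report.total_vulnerabilities,
            "critical_vulnerabilities": report.critical_count,
            "status": "secure" if report.security_score >= 70 else "at_risk",
            "primary_recommendation": (
                report.recommendations[0] if report.recommendations
                else "No specific recommendations"
            ),
        }
    except Exception as e:
        return {"library": library_name, "security_score": 50.0,
                "error": str(e), "status": "unknown"}


def handler(library_name: str, scan: Callable[[str], ScanReport],
            surface_helper_errors: bool = False) -> Dict[str, Any]:
    """Mirrors the tool handler's badge assignment. surface_helper_errors is a
    hypothetical addition: when True, a summary carrying an "error" key is
    reported as scan_failed instead of being scored and badged."""
    summary = summarize(library_name, scan)
    if surface_helper_errors and "error" in summary:
        return {"library": library_name, "security_badge": "❓ UNKNOWN",
                "security_score": None, "status": "scan_failed",
                "error": summary["error"]}
    score = summary.get("security_score", 50)
    return {
        "library": library_name,
        "security_badge": badge_for_score(score),
        "security_score": score,
        "status": summary.get("status", "unknown"),
        "vulnerabilities": {
            "total": summary.get("total_vulnerabilities", 0),
            "critical": summary.get("critical_vulnerabilities", 0),
        },
        "recommendation": summary.get(
            "primary_recommendation", "No recommendations available"
        ),
    }


# Constructed scanners: a clean result, a risky result, and a failure that
# imitates an unreachable advisory source.
def clean_scan(name: str) -> ScanReport:
    return ScanReport(security_score=95.0, recommendations=["No action needed"])


def risky_scan(name: str) -> ScanReport:
    return ScanReport(security_score=20.0, total_vulnerabilities=4,
                      critical_count=2,
                      recommendations=["Upgrade to the latest release"])


def failing_scan(name: str) -> ScanReport:
    raise ConnectionError("advisory database unreachable")


if __name__ == "__main__":
    for scan in (clean_scan, risky_scan, failing_scan):
        print(handler("example-lib", scan))
    print(handler("example-lib", failing_scan, surface_helper_errors=True))
```

Running the block prints four summaries; the third shows the failing scan badged "⚠️ CAUTION" with score 50.0, which is indistinguishable from a genuinely middling library unless the caller inspects the "error" key, and the fourth shows the same failure reported as `scan_failed`.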
- src/documentation_search_enhanced/main.py:1319-1319 (registration): the `@mcp.tool()` decorator registers the get_security_summary function as an MCP tool.

```python
@mcp.tool()
```