DataNexus MCP
OfficialProvides vulnerability intelligence, dependency graph analysis, and license information for npm packages using OSV.dev, NVD, and deps.dev APIs.
Fetches known CVEs, transitive dependencies, and SPDX license identifiers for NuGet packages.
Offers package vulnerability details, dependency trees, and licensing checks for PHP packages from Packagist.
Supplies CVE data, dependency graphs, and license identifiers for Python packages from PyPI.
Delivers vulnerability intelligence, dependency depth analysis, and license verification for Ruby gems.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@DataNexus MCPCheck vulnerabilities for express 4.18.2"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
DataNexus MCP
AI-Ready access to US/UK nonprofit data and OSS vulnerability intelligence via the Model Context Protocol.
10 tools. No API key required. Token-efficient AI-Ready Markdown.
Connect (remote — no install)
Add to Claude Desktop or any MCP-compatible client:
{
"mcpServers": {
"datanexus": {
"type": "http",
"url": "https://datanexusmcp.com/mcp"
}
}
}Or via npx (bridges HTTP → stdio for clients that need it):
npx -y @datanexusmcp/mcp-serverTools (10 total)
T04 — US/UK Nonprofit Data
Tool | Description | Source |
| IRS 990 data for any US nonprofit by EIN — name, address, NTEE code, revenue, assets | IRS EO BMF + IRS TEOS |
| Search US nonprofits by name with optional state filter — returns up to 25 results | IRS EO BMF |
| UK registered charity details — registration status, income, expenditure, activities | UK Charity Commission (OGL v3) |
T10 — OSS Vulnerability Intelligence
Tool | Description | Source |
| All known CVEs for a package version with CVSS scores and fixed versions | Google OSV.dev + NIST NVD |
| Full transitive dependency tree — hard 8 s timeout, never hangs silently | deps.dev (Google) |
| Full CVE detail by ID — description, CVSS base score, affected products, patch URLs | NIST NVD |
| Audit a CycloneDX or SPDX SBOM — per-component vulnerability count and severity | OSV.dev batch API |
| SPDX licence identifier for any package version — use before adding a commercial dep | deps.dev (Google) |
Shared Infrastructure
Tool | Description |
| Report an incorrect, incomplete, or stale tool result — always returns |
| Check subscription status and retrieve upgrade URL if required |
Ecosystems supported (T10)
PyPI · npm · Maven · Go · Cargo · NuGet · RubyGems · Packagist
Response format
Every tool response includes:
Field | Description |
| AI-Ready Markdown — paste directly into a response |
| 16-char hex — use as |
| ISO 8601 UTC timestamp of the data |
|
|
|
|
| SHA-256 of the raw upstream payload |
Environment variables
Only needed for self-hosted deployments. The hosted server at
https://datanexusmcp.com/mcp requires no configuration.
Variable | Default | Description |
|
| Redis for caching and feedback |
No API keys are required for T04 or T10 — all upstream sources are public.
License
MIT
This server cannot be installed
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/datanexusmcp/mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server