Best Dependabot MCP Servers
Dependabot is a GitHub service that automates dependency updates in software projects by creating pull requests when new versions of dependencies are available, helping developers keep their projects secure and up-to-date.
Why this server?
Provides automated triage for Dependabot alerts and pull requests as part of a headless workflow for maintaining open-source repositories.
Security: A | License: A | Quality: A
Open source contribution manager: tracks PRs across repos, discovers contributable issues, diagnoses CI failures, and drafts maintainer responses. 21 MCP tools, 5 resources, 3 prompts. Ships as CLI, MCP server, and Claude Code plugin.
Last updated | 208 | MIT
Why this server?
Surfaces security alerts and CVE warnings by integrating with Dependabot and the GitHub Advisory Database.
Security: A | License: A | Quality: -
Provides crowdsourced package intelligence and security alerts for AI coding assistants by analyzing project dependencies and framework co-occurrence. It enables automated project scans, package alternative discovery, and data-driven recommendations across multiple programming ecosystems.
Last updated | 104 | MIT
Why this server?
Integrates with Dependabot for automated dependency updates.
Security: A | License: A | Quality: -
Facilitates unified execution and result parsing for various testing frameworks, including Bats, Pytest, Flutter, Jest, and Go, through a Model Context Protocol interface.
Last updated | 115 | MIT
Why this server?
Allows for the monitoring and management of security alerts, specifically providing tools to list, summarize, and dismiss Dependabot and code scanning alerts.
Security: - | License: A | Quality: -
An autonomous GitHub management engine that enables control over repositories, branches, security alerts, and Actions workflows through natural language. It utilizes a zero-local-footprint architecture by storing all configuration and audit logs within a private state repository on GitHub.
Last updated | 1 | MIT
Why this server?
Enables querying of Dependabot alerts for GitHub repositories, providing visibility into dependency vulnerabilities.
Security: A | License: F | Quality: -
This server integrates with GitHub Advanced Security to load security alerts and bring them into your context. Supports Dependabot Security Alerts, Secret Scanning Alerts, and Code Security Alerts.
Last updated | 325
Why this server?
Allows for the analysis of compliance policy failures and alerts generated by Dependabot.
Security: - | License: F | Quality: -
Enables AI assistants to query software supply chain compliance data, including asset status, security vulnerabilities, and evidence lineage. It allows for natural language analysis of compliance posture, policy violations, and deployment blockers across an organization.
Last updated
Why this server?
Manages Dependabot security and dependency updates as part of the GitHub Security Suite, enabling automated vulnerability detection and dependency management.
Security: - | License: F | Quality: -
Enables comprehensive GitHub workflow automation including Actions monitoring, PR management, code search, file operations, and repository management through a code-first architecture that reduces token usage by 98%.
Last updated | 4
Why this server?
Provides tools for interacting with GitHub's Dependabot API, enabling AI agents to manage dependency alerts, security updates, and automated dependency management within GitHub repositories.
Security: - | License: F | Quality: -
An MCP server providing 1,112 tools for the GitHub REST API across all 44 API categories. It enables comprehensive GitHub operations through Claude with typed validation and category filtering.
Last updated