Skip to main content
Glama
robcqm-bot

depscan-api

by robcqm-bot
OverviewSchemaRelated ServersScoreDiscussions
Remote

DepScan API

Dependency health checker for AI agent skills. Validates external endpoints, SSL certificates, domain reputation and blacklists before your agent trusts a skill's infrastructure.

Live endpoint: https://depscan.net Health check: https://depscan.net/v1/health

Why this exists

A skill can have clean code and still connect to malicious or unreliable infrastructure. DepScan checks the external dependencies a skill reaches out to — the attack surface that code scanners miss.

What it checks

  • HTTP/HTTPS uptime and response latency

  • SSL certificate validity and days until expiration

  • Domain age and ownership history (WHOIS)

  • IP abuse reputation score (AbuseIPDB)

  • Blacklist status (Spamhaus DBL)

Quick start

1. Get an API key

Create a Stripe checkout session — the key is pre-generated and activates after payment:

curl -X POST https://depscan.net/v1/billing/checkout \
  -H "Content-Type: application/json" \
  -d '{"tier": "single_starter"}'

Response:

{
  "checkout_url": "https://checkout.stripe.com/...",
  "api_key": "dsk_live_...",
  "note": "Save your API key now — it will not be shown again."
}

Store api_key. Complete payment at checkout_url. Key activates automatically within seconds.

2. Run a scan

curl -X POST https://depscan.net/v1/scan-deps \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer dsk_live_your_key" \
  -d '{
    "skill_url": "https://github.com/owner/skill-repo",
    "scan_type": "deep"
  }'

3. Response

{
  "scan_id": "dep_x9y8z7w6v5u4t3s2",
  "overall_score": 61,
  "status": "CAUTION",
  "recommendation": "REVIEW_BEFORE_INSTALL",
  "endpoints": [
    {
      "url": "https://api.example.com",
      "status": "UP",
      "latency_ms": 210,
      "ssl_valid": true,
      "ssl_expires_days": 14,
      "domain_age_days": 23,
      "abuse_score": 0,
      "in_blacklist": false,
      "flags": ["SSL_EXPIRING", "NEW_DOMAIN"]
    }
  ],
  "timestamp": "2026-03-01T12:00:00Z"
}

Flags: SSL_EXPIRING · SSL_EXPIRED · NEW_DOMAIN · OWNER_CHANGED · ABUSE_REPORTED · IN_BLACKLIST · HIGH_LATENCY · NO_HTTPS · REDIRECT_CHAIN

Scan types

Type

Description

Credits

single

Uptime + SSL + Spamhaus blacklist

1 credit

deep

Single + WHOIS + domain age + AbuseIPDB

1 credit

Results cached 24 hours — rescanning the same domain costs zero credits.

Pricing (MXN)

Tier

Credits

Price

Type

single_starter

25

$25

One-time

single_pro

100

$80

One-time

single_business

500

$299

One-time

deep_starter

10

$30

One-time

deep_pro

50

$120

One-time

deep_business

200

$499

One-time

monitor

500/month

$199/month

Subscription

unlimited

Unlimited

$999/month

Subscription

Endpoints

Method

Path

Auth

Description

POST

/v1/billing/checkout

None

Create checkout session + pre-generate API key

POST

/v1/scan-deps

Bearer

Submit skill or endpoint list for scanning

GET

/v1/scan/{scan_id}

Bearer

Retrieve scan result

POST

/v1/monitor/subscribe

Bearer

Subscribe skill to Monitor tier

GET

/v1/monitor/{skill_id}/history

Bearer

Monitor scan history (last 30 days)

GET

/v1/health

None

Service status

Input options

{ "skill_url": "https://github.com/owner/skill-repo", "scan_type": "single" }
{ "endpoints": ["https://api.one.com", "https://api.two.com"], "scan_type": "deep" }

Score interpretation

Score

Status

Recommendation

80–100

SAFE

SAFE_TO_INSTALL

60–79

CAUTION

REVIEW_BEFORE_INSTALL

40–59

RISK

REVIEW_BEFORE_INSTALL

0–39

CRITICAL

DO_NOT_INSTALL

Latency & availability

  • Average scan time: < 5 seconds (parallel async checks)

  • Uptime: 99.9% (Contabo dedicated VPS)

  • Response format: JSON

Companion service

SecurityScan API analyzes skill source code for security vulnerabilities (prompt injection, malware, OWASP LLM Top 10): https://apisecurityscan.net

License

MIT — this repository contains documentation and skill package only. Service source code is proprietary.

This server cannot be installed

-
security - not tested
F
license - not found
-
quality - not tested

How are these scores calculated?

Resources

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/robcqm-bot/depscan-api'

If you have feedback or need assistance with the MCP directory API, please join our Discord server