Retrieve the SPDX licence identifier for an open source package by specifying its name, version, and ecosystem. Use this to verify licence compatibility before including the dependency.
MIT
204,693 tools. Last updated 2026-06-15 00:48
"NuGet" matching MCP tools:
- Retrieve the full transitive dependency tree for a given package and version to analyze supply chain exposure.MIT
- Retrieve known CVEs for an open source package version or a batch of up to 50 packages. Includes CVE ID, severity, CVSS score, affected range, and fixed version.MIT
- Identify known vulnerabilities in a package by querying OSV.dev, with support for major ecosystems and optional version filtering.Apache 2.0
- Retrieve public details about a software package, including its description, latest version, license, repository links, homepage, and malicious status. Supported types: PyPI, npm, Maven, Golang, NuGet, Huggingface, RubyGems.Apache 2.0
- Find Docker images and packages hosted on GitHub for specific users or organizations. Use this tool to discover available packages when you know the owner but need to locate their hosted resources.MIT
Matching MCP Servers
- AlicenseAqualityAmaintenanceMCP server for the SEC-registered Savvly Longevity Benefit Fund: product info, Savvly-vs-alternative comparisons, eligibility checks, an audience-tagged Q\&A library, and retirement / lump-sum / monthly projections that render inline MCP Apps chart widgets. Hosted remote plus npm/PyPI/NuGet/OCI/MCPB.Last updated8Apache 2.0
- Alicense-qualityAmaintenanceILSpy for LLM coding agents. Reflection-based MCP server with 31+ tools to explore .NET assemblies, NuGet packages, types, members, attributes, and XML docs.Last updated4MIT
- Retrieve package metadata from deps.dev: all versions, default version, and ecosystem for npm, PyPI, Go, Maven, Cargo, and NuGet packages.MIT
- Check security advisories from OSV for a specific package version across npm, PyPI, Go, Maven, Cargo, and NuGet. Returns advisory IDs with links to OSV.dev.MIT
- Check known vulnerabilities for any package version across 14+ ecosystems. Returns CVE/GHSA IDs and severity scores.MIT
- Query OSV.dev for known vulnerabilities in a package before installing. Provide package name and ecosystem to receive vulnerability count and details.Apache 2.0
- Check the current version of a package from official registries to identify outdated dependencies. Supports npm, PyPI, Packagist, Crates.io, Maven, Go, RubyGems, NuGet, Hex, CRAN, CPAN, pub.dev, Homebrew, Conda, Clojars, Hackage, Julia, Swift PM, and Chocolatey.MIT
- List NuGet package references per project with versions. Use for dependency audits and version checks.MIT
- Check package name availability across npm, PyPI, crates.io, RubyGems, NuGet, Homebrew, Docker Hub, and ProductHunt to verify brand name availability.
- Search the web with automatic fallback across multiple backends. Filter results by domain and recency, and get enriched registry data (npm, PyPI, etc.) for technical queries.AGPL 3.0
- Build MSBuild projects or solutions with customizable configurations, platforms, and verbosity. Supports NuGet restore and parallel builds.MIT
- Check the latest stable versions of packages from NPM, PyPI, NuGet, Maven, Go, PHP, Ruby, Rust, Swift, Dart, Docker, Helm, and Terraform. Returns version info and errors for each package request.Apache 2.0
- Retrieve package information for an organization from GitHub, specifying package type and name to access details for npm, Maven, RubyGems, Docker, NuGet, or container packages.MIT
- Generate correct install commands for any package across 17 package managers with proper flags. Returns primary and variant commands to prevent AI agents from using hallucinated or malicious installs.
- "Tell me about X" / "research Acme" / "brief me on Tesla" / "what does Apple do" / "company profile for Microsoft" / "give me the rundown on NVDA" / "everything you know about $TICKER" — full cross-source profile of a US public company in ONE parallel call. ALWAYS PREFER over chaining single-pack SEC/XBRL/news lookups when the user asks for a holistic view. Fans out across SEC EDGAR, XBRL, USPTO, news, GLEIF and returns: cik + company_name; recent_filings (up to 5 with pipeworx://edgar/company/{cik}/filings/{accession} URIs); fundamentals (LATEST 10-K Revenues + NetIncomeLoss + Cash, sorted period_end DESC); patents (USPTO PatentsView API sunset May 2025 — soft-fails until reactivated); recent news mentions via GDELT→GNews fallback; LEI via GLEIF. Pass ticker "AAPL" or zero-padded CIK "0000320193" — names not supported (use resolve_entity first if you only have a name).Connector
- Semantic search INSIDE a fetched record. Pass the text you already pulled (e.g. a SEC 10-K body, an article, a long tool result) plus a natural-language query; get back the top-N passages with character offsets and similarity scores. Use when the record is too big to cram into the prompt — search_within saves context, returns only the passages that matter, and every passage carries an offset so the agent can verify a verbatim quote. Pairs with ask_pipeworx_grounded: fetch with the gateway, ground over the relevant passages instead of the whole document. BGE-base-en embeddings + cosine over 500-char overlapping windows; cap is 200K chars (longer inputs are truncated and flagged).Connector