mopanc/depguard
by Various
Audit npm packages for security, maintenance, licenses and dependencies. Recommends install or write-from-scratch.
MCP
mopanc/depguard
Added 1 June 2026
Overview
A TypeScript CLI tool that audits npm packages for security vulnerabilities, maintenance status, license compliance, and dependency quality. It evaluates each package and recommends whether to install it or write the functionality from scratch.
Best for
Best for
Solo developers or small teams needing a quick sanity check on a few npm dependencies
Use cases
- Auditing a package's security and maintenance health before adding it to a project
- Checking license compatibility across a project's dependency tree
- Evaluating whether an external package is worth the risk vs. implementing a custom solution
How to use
Install
npx depguard-cli audit express Tools exposed
depguard_guarddepguard_should_usedepguard_audit_workspacedepguard_audit_projectdepguard_remediatedepguard_auditdepguard_audit_bulkdepguard_audit_deepdepguard_reviewdepguard_sweepdepguard_searchdepguard_scoredepguard_verifydepguard_sbomdata-exfiltrationcode-executionunexpected-behaviorsupply-chain
Tested with
Claude Desktop, Claude Code, Cursor, Windsurf, Cline, Continue, VS Code
Notes
A TypeScript CLI tool that audits npm packages for security vulnerabilities, maintenance status, license compliance, and dependency quality. It evaluates each package and recommends whether to install it or write the functionality from scratch.
12 stars on GitHub. Last updated 2026-06-01. Licensed Apache-2.0.
Use cases
- Auditing a package’s security and maintenance health before adding it to a project
- Checking license compatibility across a project’s dependency tree
- Evaluating whether an external package is worth the risk vs. implementing a custom solution
Pros
- Focused security and quality audit for npm packages
- Clear recommendation to install or build custom
- Open source with a simple command-line interface
Cons
- Low star count (12) suggests very limited community adoption and testing
- May lack updates or ongoing maintenance
- No integration with popular CI/CD workflows out of the box
Indexed from awesome-mcp-servers-punkpeye and enriched against its public facts.
Pros
- Focused security and quality audit for npm packages
- Clear recommendation to install or build custom
- Open source with a simple command-line interface
Cons
- Low star count (12) suggests very limited community adoption and testing
- May lack updates or ongoing maintenance
- No integration with popular CI/CD workflows out of the box
Pairs with
Other entries in the index that connect to this one. Click through to see the chain.
Get the free Developer’s Field Guide
A 27-page field guide to the AI coding workflow with Claude. Claude Code, MCP servers, the prompt patterns that work, and what to delegate. Free.
Enter your work email. We send it straight over, plus a few short notes worth knowing. Unsubscribe any time.