Enterprise DNA
M MCP Servers Developer low

mopanc/depguard

by Various

Audit npm packages for security, maintenance, licenses and dependencies. Recommends install or write-from-scratch.

M

MCP

mopanc/depguard

Added 1 June 2026

Overview

A TypeScript CLI tool that audits npm packages for security vulnerabilities, maintenance status, license compliance, and dependency quality. It evaluates each package and recommends whether to install it or write the functionality from scratch.

Best for

Best for
Solo developers or small teams needing a quick sanity check on a few npm dependencies

Use cases

  • Auditing a package's security and maintenance health before adding it to a project
  • Checking license compatibility across a project's dependency tree
  • Evaluating whether an external package is worth the risk vs. implementing a custom solution

How to use

Install

npx depguard-cli audit express

Tools exposed

  • depguard_guard
  • depguard_should_use
  • depguard_audit_workspace
  • depguard_audit_project
  • depguard_remediate
  • depguard_audit
  • depguard_audit_bulk
  • depguard_audit_deep
  • depguard_review
  • depguard_sweep
  • depguard_search
  • depguard_score
  • depguard_verify
  • depguard_sbom
  • data-exfiltration
  • code-execution
  • unexpected-behavior
  • supply-chain

Tested with

Claude Desktop, Claude Code, Cursor, Windsurf, Cline, Continue, VS Code

Notes

A TypeScript CLI tool that audits npm packages for security vulnerabilities, maintenance status, license compliance, and dependency quality. It evaluates each package and recommends whether to install it or write the functionality from scratch.

12 stars on GitHub. Last updated 2026-06-01. Licensed Apache-2.0.

Use cases

  • Auditing a package’s security and maintenance health before adding it to a project
  • Checking license compatibility across a project’s dependency tree
  • Evaluating whether an external package is worth the risk vs. implementing a custom solution

Pros

  • Focused security and quality audit for npm packages
  • Clear recommendation to install or build custom
  • Open source with a simple command-line interface

Cons

  • Low star count (12) suggests very limited community adoption and testing
  • May lack updates or ongoing maintenance
  • No integration with popular CI/CD workflows out of the box

Indexed from awesome-mcp-servers-punkpeye and enriched against its public facts.

Pros

  • Focused security and quality audit for npm packages
  • Clear recommendation to install or build custom
  • Open source with a simple command-line interface

Cons

  • Low star count (12) suggests very limited community adoption and testing
  • May lack updates or ongoing maintenance
  • No integration with popular CI/CD workflows out of the box
Free 27-page guide

Get the free Developer’s Field Guide

A 27-page field guide to the AI coding workflow with Claude. Claude Code, MCP servers, the prompt patterns that work, and what to delegate. Free.

Enter your work email. We send it straight over, plus a few short notes worth knowing. Unsubscribe any time.

No spam. Unsubscribe any time.

Running a business, not writing the code? See the MCP servers picked for operators, and get your first one wired up with us.

Operator picks