qianniuspace/mcp-security-audit
by Various
A powerful MCP (Model Context Protocol) Server that audits npm package dependencies for security vulnerabilities. Built with remote npm registry integration for real-time security
MCP
qianniuspace/mcp-security-audit
Added 1 June 2026
Overview
A Model Context Protocol server that checks npm package dependencies for known security vulnerabilities. It integrates with the remote npm registry to provide real-time audit results for developers using AI-assisted workflows.
Best for
Best for
Developers using MCP-compatible AI tools to audit npm package security
Use cases
- Scanning npm dependencies before deployment
- Integrating security checks into AI coding assistants
- Automating vulnerability detection in CI pipelines
How to use
Install
npx -y @smithery/cli install @qianniuspace/mcp-security-audit --client claude Tested with
Claude Desktop, Cursor, Cline
Example client config
{\n "mcpServers": {\n "mcp-security-audit": {\n "command": "npx",\n "args": ["-y", "mcp-security-audit"]\n }\n }\n} Notes
A Model Context Protocol server that checks npm package dependencies for known security vulnerabilities. It integrates with the remote npm registry to provide real-time audit results for developers using AI-assisted workflows.
53 stars on GitHub. Last updated 2025-07-18. Licensed MIT.
Use cases
- Scanning npm dependencies before deployment
- Integrating security checks into AI coding assistants
- Automating vulnerability detection in CI pipelines
Pros
- Real-time vulnerability checks via npm registry
- Lightweight MCP server that works with AI tools
- Open source with TypeScript
Cons
- Limited to npm packages only
- Requires network access to npm registry
- Relatively low community adoption (53 stars)
Indexed from awesome-mcp-servers-punkpeye and enriched against its public facts.
Pros
- Real-time vulnerability checks via npm registry
- Lightweight MCP server that works with AI tools
- Open source with TypeScript
Cons
- Limited to npm packages only
- Requires network access to npm registry
- Relatively low community adoption (53 stars)
Pairs with
Other entries in the index that connect to this one. Click through to see the chain.
Cline
Cline
Open-source autonomous coding agent that lives inside VS Code. BYO model key, watch it work.
Continue
Continue.dev
Open-source AI code assistant for VS Code and JetBrains. Customisable, BYO model, built for enterprise.
Aider
Paul Gauthier
Terminal-first AI pair programmer. Edits files in your repo, commits with sensible messages, runs your tests.
Get the free Developer’s Field Guide
A 27-page field guide to the AI coding workflow with Claude. Claude Code, MCP servers, the prompt patterns that work, and what to delegate. Free.
Enter your work email. We send it straight over, plus a few short notes worth knowing. Unsubscribe any time.