Dep MCP Server

License check, outdated deps, security for AI agents

5 tools GitHub

No known CVEs

No license

Maintained

Last commit 69d ago

Works with most clients

Transport: stdio, http

5 tools · ~615 tok

Grade B · 0.3% of 200K ctx

Edit this pageView history

Developer Tools Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "dep-tools": {
      "args": [
        "path/to/mcp-dep-tools/dist/index.js"
      ],
      "command": "node"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-rog0x-dep)](https://mcppedia.org/s/io-github-rog0x-dep)

Read me

What Dep MCP Server does

MCP server providing dependency and package management tools for AI agents. Analyze licenses, find outdated packages, visualize dependency trees, estimate bundle sizes, and audit security vulnerabilities — all from your AI assistant.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

62/100across 5 weighted dimensions

How we score →

0255075100

−38

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (5)

Click any tool to inspect its schema.

~615 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Dep MCP Server safe to use?: Dep MCP Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Dep MCP Server?: Dep MCP Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Dep MCP Server do?: Dep MCP Server provides 5 tools: dep_check_licenses, dep_find_outdated, dep_analyze_tree, dep_analyze_size, dep_security_audit. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Dep MCP Server?: Dep MCP Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Dep MCP Server actively maintained?: Dep MCP Server is recently maintained — last commit was 69 days ago.

Similar servers

Others in developer-tools / security

View all →

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.8k 2

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.8k 1

io.github.signerlabs/shipswift96

40+ production-ready SwiftUI recipes for building full-stack iOS apps via MCP.

2.0k 3

Figma Console Mcp96

MCP server for accessing Figma plugin console logs and screenshots via Cloudflare Workers or local mode

1.7k 2

MCP Security Weekly

Get CVE alerts and security updates for Dep MCP Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Tools

dep_check_licenses

Analyze licenses of all dependencies in a project. Lists each dependency's license type, flags copyleft (GPL) and unknown licenses, and checks for compatibility issues.

dep_find_outdated

Check which dependencies are outdated. Compares installed or specified versions against the latest on npm, categorizes updates as major/minor/patch, and shows how many days since the latest version was published.

dep_analyze_tree

Build and display the dependency tree. Shows direct dependencies and their transitive sub-dependencies, calculates maximum depth, detects circular dependencies, and counts total transitive packages.

dep_analyze_size

Estimate total bundle size from package.json without installing node_modules. Queries the Bundlephobia API for each production dependency to get minified and gzipped sizes.

dep_security_audit

Check dependencies for known security vulnerabilities. Runs npm audit when a lockfile is present, otherwise queries the npm registry advisory API directly. Reports severity levels, affected version ranges, and fix recommendations.

Frequently Asked Questions

Is Dep MCP Server safe to use?

Dep MCP Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Dep MCP Server?

Dep MCP Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Dep MCP Server do?

Dep MCP Server provides 5 tools: dep_check_licenses, dep_find_outdated, dep_analyze_tree, dep_analyze_size, dep_security_audit. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Dep MCP Server?

Dep MCP Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.

Is Dep MCP Server actively maintained?

Dep MCP Server is recently maintained — last commit was 69 days ago.

mcp-dep-tools

Tools

dep_check_licenses

Analyze licenses of all dependencies in a project. Lists each dependency's license type, flags copyleft (GPL) and unknown licenses, and checks for compatibility issues.

dep_find_outdated

dep_analyze_tree

Build and display the dependency tree. Shows direct dependencies and their transitive sub-dependencies, calculates maximum depth, detects circular dependencies, and counts total transitive packages.

dep_analyze_size

Estimate total bundle size from package.json without installing node_modules. Queries the Bundlephobia API for each production dependency to get minified and gzipped sizes.

dep_security_audit

Setup

npm install
npm run build

Usage with Claude Desktop

Add to your Claude Desktop config:

{
  "mcpServers": {
    "dep-tools": {
      "command": "node",
      "args": ["path/to/mcp-dep-tools/dist/index.js"]
    }
  }
}

All tools accept a single parameter

project_dir (string, required): Absolute path to the project directory containing a package.json.

License

MIT