Is io.github.runyourempire/4da-mcp-server safe to use?

io.github.runyourempire/4da-mcp-server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.runyourempire/4da-mcp-server?

io.github.runyourempire/4da-mcp-server can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with io.github.runyourempire/4da-mcp-server?

io.github.runyourempire/4da-mcp-server is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.

io.github.runyourempire/4da-mcp-server

Scan deps for CVEs via MCP. Auto-detects stack, queries OSV.dev. Zero config, privacy-first.

0 tools GitHub

No known CVEs

No license

Maintenance unknown

No commit data

Untested

Transport: stdio

0 tools

Grade F

Other

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Untested on Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-runyourempire-4da-mcp-server": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-runyourempire-4da-mcp-server)](https://mcppedia.org/s/io-github-runyourempire-4da-mcp-server)

Read me

What io.github.runyourempire/4da-mcp-server does

Scan deps for CVEs via MCP. Auto-detects stack, queries OSV.dev. Zero config, privacy-first.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

15/100across 5 weighted dimensions

How we score →

0255075100

−85

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.runyourempire/4da-mcp-server safe to use?: io.github.runyourempire/4da-mcp-server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.runyourempire/4da-mcp-server?: io.github.runyourempire/4da-mcp-server can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with io.github.runyourempire/4da-mcp-server?: io.github.runyourempire/4da-mcp-server is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.

Similar servers

Others in other

View all →

Memory MCP Server98

Persistent memory using a knowledge graph

84.3k 5

Context Mode94

Privacy-first. MCP is the protocol for tool access. We're the virtualization layer for context.

8.8k 6

Fetch MCP Server93

Make HTTP requests and fetch web content

84.3k 1

Filesystem MCP Server93

Read, write, and manage files on the local filesystem

84.3k 7

MCP Security Weekly

Get CVE alerts and security updates for io.github.runyourempire/4da-mcp-server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Other

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Untested on Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-runyourempire-4da-mcp-server": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-runyourempire-4da-mcp-server)](https://mcppedia.org/s/io-github-runyourempire-4da-mcp-server)

Read me

What io.github.runyourempire/4da-mcp-server does

Scan deps for CVEs via MCP. Auto-detects stack, queries OSV.dev. Zero config, privacy-first.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

All signal. No feed.

4DA reads the internet for developers — privately, locally — and gets sharper every day.

It scans your codebase — Cargo.toml, package.json, go.mod, Git history — and scores every article, advisory, and release from 20+ sources against what you actually build. An item needs 2+ independent signals to survive. Everything else is rejected.

Typical rejection rate: 99%+. What's left is yours.

Privacy-first. Local-first. BYOK. Your indexed content stays on your machine — there is no 4DA-operated server for it to go to. It learns from how you engage with what it shows you — yesterday's noise becomes tomorrow's signal. Crash reporting is opt-in, off by default. For the full list of outbound connections with source-code references, see NETWORK.md.

Try it in 30 seconds

Already using Claude Code, Cursor, or Windsurf? One command:

npx @4da/mcp-server --setup

This auto-detects your editor, scans your project, and gives your AI assistant context-aware developer intelligence. No desktop app required — works standalone. Learn more about the MCP server.

How It Scores

5 independent signal axes. An item must pass 2 or more to surface. Single-axis matches are hard-capped at 28% — no matter how strong one signal is, it cannot pass alone.

Axis	What it measures
Context	Semantic similarity to your active codebase
Interest	Alignment with your declared and learned topics
ACE	Real-time signals from your Git commits and file edits
Dependency	Direct matches against your installed packages
Learned	Save/dismiss feedback boosts or suppresses future scores

What passes the gate goes through 12 quality multipliers: content depth, novelty detection, competing tech penalties, title-body coherence, and intent scoring from recent work. Every constant is calibrated across 9 simulated developer personas with 215 labeled test items.

LLM Verification (Optional)

After keyword scoring, an optional LLM layer verifies the top items against your full developer context — stack, dependencies, recent commits, anti-technologies, and engagement history. Strict 1-5 rubric:

5 = MUST-READ: Security alert for YOUR dependency, breaking change YOU must act on
3 = WORTH KNOWING: Useful tool that fits YOUR exact stack
1 = NOISE: Mentions your tech but isn't actionable

This is where gold nuggets surface — articles the keyword pipeline misses because there's no keyword overlap, but the LLM understands the conceptual relevance to your specific project.

You control the compute. Use Ollama for free local inference (fully private), or bring your own Anthropic/OpenAI key. 4DA never pays for your compute, never stores your keys remotely, never makes API calls you didn't configure. No LLM = keyword pipeline only (85-90% accurate).

It Gets Smarter

Every interaction is a training signal:

Save → topics boost, source reputation rises, taste embedding sharpens
Dismiss → topics suppress, anti-patterns form, future noise drops
Autophagy cycles detect systematic over/under-scoring and self-correct
Topic decay calibrates per-topic: "Rust" stays relevant for days, "JS framework of the week" decays in hours

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

15/100across 5 weighted dimensions

How we score →

0255075100

−85

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.runyourempire/4da-mcp-server safe to use?: io.github.runyourempire/4da-mcp-server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.runyourempire/4da-mcp-server?: io.github.runyourempire/4da-mcp-server can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with io.github.runyourempire/4da-mcp-server?: io.github.runyourempire/4da-mcp-server is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.