Local supply-chain CVE scanner via OSV/NVD. Scans deps and IDE extensions. No upload.
[](docs/AGENTINTEGRATIONS.md) Local-first vulnerability scanner for project dependencies, developer tools, and IDE extensions. Uses multi-source intelligence (OSV, NVD, GHSA, Sonatype) with KEV/EPSS prioritization. No API key required for default usage. Agents & MCP (Claude, Cursor, VS Code): What you can do: docs/CAPABILITIES.md Full guide: docs/INSTALLANDUSE.md Cross-platform (macOS / Linux /…
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
[](docs/AGENTINTEGRATIONS.md) Local-first vulnerability scanner for project dependencies, developer tools, and IDE extensions. Uses multi-source intelligence (OSV, NVD, GHSA, Sonatype) with KEV/EPSS prioritization. No API key required for default usage. Agents & MCP (Claude, Cursor, VS Code): What you can do: docs/CAPABILITIES.md Full guide: docs/INSTALLANDUSE.md Cross-platform (macOS / Linux / Windows): docs/CROSSPLATFORM.md (PyPI: tridentchain-security · npm: @tridentchain/security-cli)…