MCP server that scans your repo's dependencies for security vulnerabilities based on published CVEs.
Every software team could use some help ridding their code base of the ghosts haunting their dependencies. GhostFree is a local MCP server that scans your repository's dependencies for known vulnerabilities based on issued CVEs using OSV.dev, helps you triage and fix findings with NVD and CISA KEV enrichment, and lets you manage accepted risks — all directly from your AI coding assistant. No…
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
Every software team could use some help ridding their code base of the ghosts haunting their dependencies. GhostFree is a local MCP server that scans your repository's dependencies for known vulnerabilities based on issued CVEs using OSV.dev, helps you triage and fix findings with NVD and CISA KEV enrichment, and lets you manage accepted risks — all directly from your AI coding assistant. No installation, signup, or payment required. Add GhostFree to your MCP settings for whatever code tool you…