Scans Python dependencies and GitHub repositories for vulnerabilities by querying OSV.dev, NVD, GitHub Advisory, CIRCL, and Safety DB. Exposes nine tools, including check_package_vulnerabilities, scan_dependencies, scan_dockerfile, and scan_github_repo for direct analysis of repositories up to 1GB. Also detects exposed secrets, validates MCP configurations, and provides AI-powered risk assessment when you pass an OpenAI or Anthropic key. Ships as a Docker container using HTTP streaming, so no SSE is required. Works immediately without API keys for basic scanning, though GitHub tokens and NVD keys raise the upstream rate limits. Includes commit-level caching and automatic cleanup to prevent disk exhaustion.
claude mcp add --transport stdio andrasfe-vulnicheck uvx vulnicheck