Scans project lockfiles for known vulnerabilities using OSV.dev data, enriched with EPSS exploit probability scores to cut through the noise. Supports nine ecosystems including npm, pip, Go, Rust, and Cargo. Nine tools let you scan entire projects or individual packages, look up CVE details with fix versions, and set up continuous monitoring that diffs against a baseline to surface only new vulnerabilities. Smart filtering suppresses low-EPSS, low-severity CVEs by default. Free tier gives you 10 scans per day with no signup. Paid tier is $14/month for unlimited scans, or pay per scan via x402 micropayments with USDC on Base.
claude mcp add --transport stdio io.github.infai-tech-vulnfeed uvx vulnfeed