Wraps the AgentScore security API into eight MCP tools for scanning npm packages, making trust decisions, and enforcing policy. You can ask Claude to scan a package for install scripts and prompt injection patterns, get a verdict with a risk score, check which monitored MCP servers depend on a compromised package, or inspect your repo for MCP dependencies. It also generates and installs a GitHub Actions workflow that gates PRs based on dependency posture, provisioned via OIDC. No API key required. Reach for this when you need to vet MCP packages before install or turn ad hoc security checks into a CI gate that blocks risky dependencies.
claude mcp add --transport stdio io.github.thezenmonster-agentscore uvx agentscore