Built by Socket Security, this server helps you check dependency vulnerabilities during your chat sessions with Claude or other AI assistants. It connects to Socket's API to pull security scores for packages across npm, PyPI, and other ecosystems. You can use their public hosted endpoint at mcp.socket.dev with zero setup, or run your own instance locally if you have a Socket API key. The main use case is asking your AI assistant to vet packages before you add them to a project, checking for supply chain risks, malware, or suspicious behavior. It works over HTTP or stdio and supports batch queries for multiple packages at once.
claude mcp add --transport stdio socketdev-socket-mcp uvx socket-mcp