← MCPLookup
Packageactivev0.2.0
GhostFree
io.github.shane-js/ghostfree
MCP server that scans your repo's dependencies for security vulnerabilities based on published CVEs.
No blockers found
assessed on 1 of 4 dimensions
- ProvenanceOrigin linked to a public source repository.Official MCP Registry · as of Apr 7, 2026Pass
- MaintenanceRepository maintenance signals not yet ingested.Pending
- Manifest integrityLive manifest not yet captured — the rug-pull baseline begins at first probe.Pending
- Supply chainPackage vulnerability scan not yet run.Pending
- Behavioral trustNo live endpoint to observe.Not applicable
Connect
npm package
npx -y ghostfreeRequires GHOSTFREE_DIR, GHOSTFREE_MIN_SEVERITY, NVD_API_KEY.
Provenance
- Official MCP Registry · as of Apr 7, 2026 · registry-tos
Every verdict is attributable to its sources and recomputed from our own landed copy — never read live on this page.