← MCPLookup
Packageactivev0.2.0

GhostFree

io.github.shane-js/ghostfree

MCP server that scans your repo's dependencies for security vulnerabilities based on published CVEs.

No blockers found

assessed on 1 of 4 dimensions

  • ProvenanceOrigin linked to a public source repository.Official MCP Registry · as of Apr 7, 2026
    Pass
  • MaintenanceRepository maintenance signals not yet ingested.
    Pending
  • Manifest integrityLive manifest not yet captured — the rug-pull baseline begins at first probe.
    Pending
  • Supply chainPackage vulnerability scan not yet run.
    Pending
  • Behavioral trustNo live endpoint to observe.
    Not applicable

Connect

npm package
npx -y ghostfree

Requires GHOSTFREE_DIR, GHOSTFREE_MIN_SEVERITY, NVD_API_KEY.

Provenance

  • Official MCP Registry · as of Apr 7, 2026 · registry-tos

Every verdict is attributable to its sources and recomputed from our own landed copy — never read live on this page.