Freshdeps Mcp

Name: Freshdeps Mcp
Author: SolvoHQ

SolvoHQ/freshdeps-mcp

Check npm and PyPI packages for staleness and CVE exposure before your agent recommends or installs them.

Overview

freshdeps-mcp is a MCP server for the Ship phase that delivers live npm and PyPI dependency-health verdicts so agents avoid stale or CVE'd packages.

What is this MCP server?

Returns live npm and PyPI dependency-health verdicts for agent-chosen packages
Aims to stop agents from suggesting abandoned or CVE-affected dependencies
Catalog lists Freshdeps website at freshdeps.vercel.app alongside GitHub source
Published catalog version 1.0.0 under SolvoHQ freshdeps-mcp
Covers npm and PyPI per server description

Compatible agents: Claude Code, Cursor, Codex, Windsurf

What problem does it solve?

Coding agents often recommend outdated or vulnerable packages because they lack real-time registry health and CVE context.

Who is it for?

Indie devs who let agents edit package.json or requirements and want a quick health gate on npm and PyPI picks.

Skip if: Repos on private registries only, or teams that already enforce exhaustive SCA in CI and do not need agent-time checks.

What do I get? / Deliverables

After you add freshdeps-mcp, your agent can query current dependency-health verdicts before adding or upgrading packages in your repo.

Live dependency-health verdicts for npm and PyPI candidates
Agent-grounded package adoption decisions with fewer stale or CVE-prone picks

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Dependency health gates belong in Ship security before you merge lockfile changes to production-bound branches. CVE and stale-package verdicts are proactive appsec checks, not marketing or distribution work.

How it compares

Live registry health MCP, not step-by-step semver migration briefs.

Common Questions / FAQ

Who is io.github.SolvoHQ/freshdeps-mcp for?

It is for builders using AI coding agents who add npm or PyPI dependencies and want live staleness and CVE-oriented verdicts at decision time.

When should I use io.github.SolvoHQ/freshdeps-mcp?

Use it in Ship security and Build backend whenever you or your agent evaluates new packages or reviews lockfile changes before merge.

How do I add io.github.SolvoHQ/freshdeps-mcp to my agent?

Install and register freshdeps-mcp from the SolvoHQ GitHub catalog entry in your MCP client, following the host-specific server config for version 1.0.0.

Freshdeps Mcp

SolvoHQ/freshdeps-mcp

Check npm and PyPI packages for staleness and CVE exposure before your agent recommends or installs them.

Overview

freshdeps-mcp is a MCP server for the Ship phase that delivers live npm and PyPI dependency-health verdicts so agents avoid stale or CVE'd packages.

What is this MCP server?

Returns live npm and PyPI dependency-health verdicts for agent-chosen packages
Aims to stop agents from suggesting abandoned or CVE-affected dependencies
Catalog lists Freshdeps website at freshdeps.vercel.app alongside GitHub source
Published catalog version 1.0.0 under SolvoHQ freshdeps-mcp
Covers npm and PyPI per server description

Compatible agents: Claude Code, Cursor, Codex, Windsurf

What problem does it solve?

Coding agents often recommend outdated or vulnerable packages because they lack real-time registry health and CVE context.

Who is it for?

Indie devs who let agents edit package.json or requirements and want a quick health gate on npm and PyPI picks.

Skip if: Repos on private registries only, or teams that already enforce exhaustive SCA in CI and do not need agent-time checks.

What do I get? / Deliverables

After you add freshdeps-mcp, your agent can query current dependency-health verdicts before adding or upgrading packages in your repo.

Live dependency-health verdicts for npm and PyPI candidates
Agent-grounded package adoption decisions with fewer stale or CVE-prone picks

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

Live registry health MCP, not step-by-step semver migration briefs.

Common Questions / FAQ

Who is io.github.SolvoHQ/freshdeps-mcp for?

It is for builders using AI coding agents who add npm or PyPI dependencies and want live staleness and CVE-oriented verdicts at decision time.

When should I use io.github.SolvoHQ/freshdeps-mcp?

Use it in Ship security and Build backend whenever you or your agent evaluates new packages or reviews lockfile changes before merge.

How do I add io.github.SolvoHQ/freshdeps-mcp to my agent?

Install and register freshdeps-mcp from the SolvoHQ GitHub catalog entry in your MCP client, following the host-specific server config for version 1.0.0.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is io.github.SolvoHQ/freshdeps-mcp for?

When should I use io.github.SolvoHQ/freshdeps-mcp?

How do I add io.github.SolvoHQ/freshdeps-mcp to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is io.github.SolvoHQ/freshdeps-mcp for?

When should I use io.github.SolvoHQ/freshdeps-mcp?

How do I add io.github.SolvoHQ/freshdeps-mcp to my agent?