License Compliance

Name: License Compliance
Author: bighippoman

bighippoman/license-compliance-mcp

Scan an npm dependency tree for license risks—especially copyleft/GPL leakage—before you ship a commercial SaaS or client deliverable.

Overview

License Compliance is an MCP server for the Ship phase that scans npm dependencies for license compliance issues including GPL contamination.

What is this MCP server?

Scans npm dependencies for license compliance issues called out in the server description
Focused on catching GPL-style contamination before it reaches production bundles
stdio npm package license-compliance-mcp v1.0.2 for agent-driven audits in the repo
Fits a ship checklist alongside secret scanning and dependency updates
Server version 1.0.2 on npm identifier license-compliance-mcp
stdio transport via npm registry package

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

You cannot confidently ship or sell an npm app when hidden copyleft licenses in node_modules could force source disclosure or block deals.

Who is it for?

Solo builders shipping npm-based SaaS, CLIs, or Electron-style apps who need a quick compliance scan without standing up a separate legal toolchain.

Skip if: Python, Go, or mobile-native stacks unless you also manage licenses there with other tools—this server targets npm as described.

What do I get? / Deliverables

After registration, your agent can surface dependency license problems during ship prep so you remediate or replace packages before release.

License compliance findings for npm dependency trees
Actionable flags for packages that may violate your shipping policy

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Ship is where dependency licenses become a business risk: releases, audits, and enterprise deals surface legal questions you should answer pre-launch. Security covers supply-chain and compliance checks; license contamination is a classic pre-ship gate for npm-based products.

How it compares

Agent-callable npm license scanner MCP, not a human legal opinion or full SBOM platform.

Common Questions / FAQ

Who is License Compliance for?

Indie developers and small teams shipping JavaScript/npm products who want agents to flag risky licenses before launch or client handoff.

When should I use License Compliance?

Run it before major releases, after large dependency upgrades, or when an enterprise customer asks about copyleft and open-source obligations.

How do I add License Compliance to my agent?

Add the license-compliance-mcp npm package (v1.0.2) to your MCP client over stdio, point it at your project root, and invoke scans from your agent during ship checks.

License Compliance

bighippoman/license-compliance-mcp

Scan an npm dependency tree for license risks—especially copyleft/GPL leakage—before you ship a commercial SaaS or client deliverable.

Overview

License Compliance is an MCP server for the Ship phase that scans npm dependencies for license compliance issues including GPL contamination.

What is this MCP server?

Scans npm dependencies for license compliance issues called out in the server description
Focused on catching GPL-style contamination before it reaches production bundles
stdio npm package license-compliance-mcp v1.0.2 for agent-driven audits in the repo
Fits a ship checklist alongside secret scanning and dependency updates
Server version 1.0.2 on npm identifier license-compliance-mcp
stdio transport via npm registry package

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

You cannot confidently ship or sell an npm app when hidden copyleft licenses in node_modules could force source disclosure or block deals.

Who is it for?

Solo builders shipping npm-based SaaS, CLIs, or Electron-style apps who need a quick compliance scan without standing up a separate legal toolchain.

Skip if: Python, Go, or mobile-native stacks unless you also manage licenses there with other tools—this server targets npm as described.

What do I get? / Deliverables

After registration, your agent can surface dependency license problems during ship prep so you remediate or replace packages before release.

License compliance findings for npm dependency trees
Actionable flags for packages that may violate your shipping policy

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

Agent-callable npm license scanner MCP, not a human legal opinion or full SBOM platform.

Common Questions / FAQ

Who is License Compliance for?

Indie developers and small teams shipping JavaScript/npm products who want agents to flag risky licenses before launch or client handoff.

When should I use License Compliance?

Run it before major releases, after large dependency upgrades, or when an enterprise customer asks about copyleft and open-source obligations.

How do I add License Compliance to my agent?

Add the license-compliance-mcp npm package (v1.0.2) to your MCP client over stdio, point it at your project root, and invoke scans from your agent during ship checks.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is License Compliance for?

When should I use License Compliance?

How do I add License Compliance to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is License Compliance for?

When should I use License Compliance?

How do I add License Compliance to my agent?