Dep Oracle

Name: Dep Oracle
Author: ertugrulakben

ertugrulakben/dep-oracle

Score npm dependencies for trust, zombie risk, and blast radius before you ship or add packages during build.

Overview

Dep Oracle MCP is a MCP server for the Ship phase that delivers predictive npm dependency trust scores, zombie detection, and blast radius analysis inside your agent.

What is this MCP server?

Predictive dependency security engine for npm ecosystems
Trust scores, zombie detection, and blast radius analysis
npm package dep-oracle v1.3.0 with stdio MCP transport
Node runtime hint for local MCP registration
Agent-invokable views for supply-chain decisions in ship phase
npm identifier dep-oracle version 1.3.0
stdio transport with Node runtime hint
Engine themes: trust scores, zombie detection, blast radius analysis per server description

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

One questionable npm package can silently expand your attack surface, but solo builders lack time for deep supply-chain review on every add.

Who is it for?

Indie JS/TS builders who want MCP-driven dependency risk checks during releases and when agents propose new packages.

Skip if: Non-npm stacks, teams that only need passive CI CVE scanning with no interactive agent workflow, or orgs without Node for local MCP.

What do I get? / Deliverables

You get agent-accessible trust, zombie, and blast-radius signals to block or refactor risky dependencies before they reach production.

Trust-oriented readouts on npm dependencies
Zombie or low-viability package signals for triage
Blast-radius context to prioritize remediation before release

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Dependency risk assessment is canonical on ship/security, but the same checks matter when adding packages in build and watching drift in operate. Predictive supply-chain analysis is application security work, not generic testing or launch marketing.

How it compares

Predictive supply-chain MCP engine, not a generic code formatter or cloud deploy integration.

Common Questions / FAQ

Who is Dep Oracle MCP for?

Solo and small-team developers shipping npm-based apps who want security-oriented dependency intelligence inside MCP-enabled agents.

When should I use Dep Oracle MCP?

Before shipping, when evaluating new dependencies during build, or when revisiting critical packages after maintainer or incident news.

How do I add Dep Oracle MCP to my agent?

Install the dep-oracle npm package, configure stdio MCP with Node per server.json v1.3.0, and register it in Claude Code, Cursor, Codex, or a compatible client.

Dep Oracle

ertugrulakben/dep-oracle

Score npm dependencies for trust, zombie risk, and blast radius before you ship or add packages during build.

Overview

Dep Oracle MCP is a MCP server for the Ship phase that delivers predictive npm dependency trust scores, zombie detection, and blast radius analysis inside your agent.

What is this MCP server?

Predictive dependency security engine for npm ecosystems
Trust scores, zombie detection, and blast radius analysis
npm package dep-oracle v1.3.0 with stdio MCP transport
Node runtime hint for local MCP registration
Agent-invokable views for supply-chain decisions in ship phase
npm identifier dep-oracle version 1.3.0
stdio transport with Node runtime hint
Engine themes: trust scores, zombie detection, blast radius analysis per server description

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

What problem does it solve?

One questionable npm package can silently expand your attack surface, but solo builders lack time for deep supply-chain review on every add.

Who is it for?

Indie JS/TS builders who want MCP-driven dependency risk checks during releases and when agents propose new packages.

Skip if: Non-npm stacks, teams that only need passive CI CVE scanning with no interactive agent workflow, or orgs without Node for local MCP.

What do I get? / Deliverables

You get agent-accessible trust, zombie, and blast-radius signals to block or refactor risky dependencies before they reach production.

Trust-oriented readouts on npm dependencies
Zombie or low-viability package signals for triage
Blast-radius context to prioritize remediation before release

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

Predictive supply-chain MCP engine, not a generic code formatter or cloud deploy integration.

Common Questions / FAQ

Who is Dep Oracle MCP for?

Solo and small-team developers shipping npm-based apps who want security-oriented dependency intelligence inside MCP-enabled agents.

When should I use Dep Oracle MCP?

Before shipping, when evaluating new dependencies during build, or when revisiting critical packages after maintainer or incident news.

How do I add Dep Oracle MCP to my agent?

Install the dep-oracle npm package, configure stdio MCP with Node per server.json v1.3.0, and register it in Claude Code, Cursor, Codex, or a compatible client.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is Dep Oracle MCP for?

When should I use Dep Oracle MCP?

How do I add Dep Oracle MCP to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is Dep Oracle MCP for?

When should I use Dep Oracle MCP?

How do I add Dep Oracle MCP to my agent?