OSV MCP Server

Name: OSV MCP Server
Availability: InStock
Author: stackloklabs

by stackloklabs

Query the Open Source Vulnerabilities (OSV) database for package and commit security vulnerabilities.

0 stars

1 views

Works in:claude

Exposes:Tools

View on GitHub Docs

What it does

This server provides a direct bridge between LLMs and the OSV (Open Source Vulnerabilities) database, allowing AI agents to identify known security vulnerabilities in specific package versions or commits across multiple ecosystems.

Tools

query_vulnerability: Checks for vulnerabilities affecting a specific package version, commit, or package URL (purl).
query_vulnerabilities_batch: Performs batch queries for multiple packages or commits in a single request.
get_vulnerability: Retrieves comprehensive details for a specific vulnerability using its OSV ID.

Installation

Add the following to your claude_desktop_config.json (ensure the server is built and running):

{
  "mcpServers": {
    "osv-mcp": {
      "command": "/path/to/build/osv-mcp-server",
      "args": []
    }
  }
}

Supported hosts

claude

Quick install

git clone https://github.com/StacklokLabs/osv-mcp.git && cd osv-mcp && task build

Information

Pricing: free
Published: 5/10/2026
stars