vulnerabilities
Pack: osv-dev · Endpoint: https://gateway.pipeworx.io/osv-dev/mcp
Query vulnerabilities by package (+ optional version) or git commit.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
package_name | string | no | |
ecosystem | string | no | npm | PyPI | crates.io | Go | Maven | NuGet | RubyGems | Hex | Pub | Packagist | GitHub Actions | Debian:12 | etc. |
version | string | no | |
commit | string | no | Mutually exclusive with package_name. |
Example call
curl -X POST https://gateway.pipeworx.io/osv-dev/mcp \
-H 'Content-Type: application/json' \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"vulnerabilities","arguments":{}}}'Connect
Add this to your MCP client config, or use one-click install buttons:
{
"mcpServers": {
"osv-dev": {
"url": "https://gateway.pipeworx.io/osv-dev/mcp"
}
}
}See Getting Started for client-specific install steps.