OSV MCP Server
@ptelang
About OSV MCP Server
MCP Server for Vulnerabilities based on OSV API
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"osv-mcp-ptelang": {
"command": "uv",
"args": [
"venv"
]
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is OSV MCP Server?
OSV MCP Server is a Python-based MCP (Model Context Protocol) server that integrates Open Source Vulnerabilities (OSV) data and tools with AI assistants or large language models (LLMs). It is designed for developers and security researchers who want to query vulnerability information through an LLM interface.
How to use OSV MCP Server?
Clone the repository, create a virtual environment with uv, install dependencies using uv sync, and start the server with uv run vulns.py. For use with Claude Desktop, add the server configuration to claude_desktop_config.json specifying the uv command and path to the project.
Key features of OSV MCP Server
- Exposes OSV vulnerability data via the MCP protocol
- Provides a
query_vulnerabilitiestool for LLM invocation - Simple Python-based setup with
uvpackage manager - Easily connectable to any MCP‑compatible AI assistant
Use cases of OSV MCP Server
- Query open source vulnerabilities using natural language through an LLM
- Integrate vulnerability lookup into AI‑driven security workflows
- Enable developers to check dependency risks via conversational interface
- Automate vulnerability research with LLM tool‑calling capabilities
FAQ from OSV MCP Server
What prerequisites are required to run OSV MCP Server?
Python 3.8+ and the uv package manager must be installed on your system.
How do I connect OSV MCP Server to Claude Desktop?
Add the server configuration to claude_desktop_config.json with the uv command, the absolute path to the project directory, and run vulns.py as arguments.
Where does the vulnerability data come from?
The server retrieves data from the OSV (Open Source Vulnerabilities) database. The README does not specify further details about data storage or caching.
What tool does the server expose to LLMs?
The server exposes a query_vulnerabilities tool that can be invoked by connected AI assistants.
Is OSV MCP Server open source and what is its license?
Yes, the source code is available and licensed under the MIT License (as indicated in the README).
More Other MCP servers
FastMCP v2 🚀
jlowin🚀 The fast, Pythonic way to build MCP servers and clients.
Unity MCP ✨
justinpbarnettUnity MCP acts as a bridge between AI assistants and your Unity Editor. Give your LLM tools to manage assets, control scenes, edit scripts, and automate tasks within Unity.
MCP Registry
modelcontextprotocolA community driven registry service for Model Context Protocol (MCP) servers.
Awesome Mcp Servers
punkpeyeA collection of MCP servers.
MCP Go 🚀
mark3labsA Go implementation of the Model Context Protocol (MCP), enabling seamless integration between LLM applications and external data sources and tools.
Comments