SelfLabbs

Audit Your Whole Dependency Tree with an AI Agent

Updated July 2026

Checking dependencies for vulnerabilities one at a time is slow and easy to skip. With the audit_dependencies tool, an AI agent can scan an entire manifest in a single call and tell you exactly which packages are vulnerable.

How it works

Paste the contents of a package.json (npm), requirements.txt (PyPI), or go.mod (Go). The tool auto-detects the format, batch-queries the OSV.dev vulnerability database for every dependency at once, and returns a consolidated report: which packages are affected, how many vulnerabilities each has, and the advisory IDs.

Setup

claude mcp add --transport http security-intel https://security-intel-mcp.greenfield1775.workers.dev/mcp

No API key needed. Then ask your agent:

"Audit the dependencies in this package.json for known vulnerabilities."

Make it a habit

Add one line to your project CLAUDE.md so every review runs an audit:

Before merging, run audit_dependencies on the project manifest.

Free tier shows the top findings; a Pro key returns the full tree. Open source (MIT) — see GitHub or the pricing.