A Model Context Protocol (MCP) server for Socket integration — lets AI assistants query dependency vulnerability scores and security metadata.
Socket MCP exposes Socket.dev's package-scoring API through the Model Context Protocol, so any MCP-aware AI assistant (Claude, VS Code Copilot, Cursor, Windsurf) can score a package, audit a package.json, or flag risky dependencies as part of a conversation. It ships as both a hosted public server (https://mcp.socket.dev/, no setup) and a self-hostable npm package, so you can choose between zero-friction and full data isolation.
- 🔍 Dependency Security Scanning - Get comprehensive security scores for npm, PyPI, cargo, Maven, NuGet, RubyGems, Go Modules, and more (supported ecosystems)
- 🌐 Public Hosted Service - Use our public server at
https://mcp.socket.dev/with no setup required - 🚀 Multiple Deployment Options - Run locally via stdio, HTTP, or use our service
- 🤖 AI Assistant Integration - Works seamlessly with Claude, VS Code Copilot, Cursor, and other MCP clients
- 📊 Batch Processing - Check multiple dependencies in a single request
- 🔒 No Authentication Required - Public server requires no API keys or registration
🛠️ This project is in early development and rapidly evolving.
The easiest way to get started. No API key or authentication required! Click a button below to install in your favorite AI assistant.
Manual install — Claude Desktop / Claude Code
[!NOTE] Custom integrations are not available to all paid versions of Claude. Check here for more information.
- In Claude Desktop, go to Settings > Developer > Edit Config.
- Add the Socket MCP server configuration:
{
"mcpServers": {
"socket-mcp": {
"type": "http",
"url": "https://mcp.socket.dev/"
}
}
}- Save the configuration and restart Claude Desktop.
- Now you can ask Claude "Check the security score for express version 4.18.2".
For Claude Code:
claude mcp add --transport http socket-mcp https://mcp.socket.dev/Manual install — VS Code
# For VS Code with GitHub Copilot
code --add-mcp '{"name":"socket-mcp","type":"http","url":"https://mcp.socket.dev/"}'Or add to .vscode/mcp.json:
{
"servers": {
"socket-mcp": {
"type": "http",
"url": "https://mcp.socket.dev/"
}
}
}Manual install — Cursor
Cursor Settings → MCP → Add new MCP Server. Name socket-mcp, http type, URL https://mcp.socket.dev/.
{
"mcpServers": {
"socket-mcp": {
"type": "http",
"url": "https://mcp.socket.dev/"
}
}
}Manual install — Windsurf
[!WARNING] Windsurf does not support
httptype MCP servers yet. Use the stdio configuration in Option 2 below.
{
"mcpServers": {
"socket-mcp": {
"serverUrl": "https://mcp.socket.dev/mcp"
}
}
}Manual install — Factory
Factory is an AI-powered software engineering platform. Install the Socket MCP server with the Factory CLI:
droid mcp add socket https://mcp.socket.dev/ --type httpTo self-host with an API key instead, see Option 2 below and register the stdio command with droid mcp add.
Alternatively, type /mcp within the Factory droid to manage MCP servers from an interactive UI. Learn more in the Factory MCP documentation.
To run your own instance, create an API key first (only the packages:list permission scope is needed; see creating-and-managing-api-tokens).
Option 2a — Stdio mode (default)
Claude Code:
claude mcp add socket-mcp -e SOCKET_API_TOKEN="your-api-token-here" -- npx -y @socketsecurity/mcp@latest # socket-hook: allow npxMost other MCP clients:
{
"mcpServers": {
"socket-mcp": {
"command": "npx", // socket-hook: allow npx
"args": ["@socketsecurity/mcp@latest"],
"env": {
"SOCKET_API_TOKEN": "your-api-token-here"
}
}
}
}Option 2b — HTTP mode
Run the server in HTTP mode using npx:
MCP_HTTP_MODE=true SOCKET_API_TOKEN=your-api-token npx @socketsecurity/mcp@latest --http # socket-hook: allow npxEnvironment variables for HTTP mode:
| Variable | Required | Default | Description |
|---|---|---|---|
SOCKET_API_TOKEN |
Required unless OAuth is enabled | None | Socket API token used for outbound API calls. Legacy aliases (SOCKET_API_KEY, SOCKET_CLI_API_TOKEN, SOCKET_CLI_API_KEY, SOCKET_SECURITY_API_TOKEN, SOCKET_SECURITY_API_KEY) are accepted via the fleet's getSocketApiToken() helper. If unset in OAuth-enabled HTTP mode, the validated incoming bearer token is forwarded upstream instead. |
SOCKET_OAUTH_ISSUER |
Set together with the two introspection vars to enable OAuth | None | OAuth issuer URL used for metadata discovery and incoming bearer-token validation. |
SOCKET_OAUTH_INTROSPECTION_CLIENT_ID |
With OAuth | None | Client ID used for token introspection. |
SOCKET_OAUTH_INTROSPECTION_CLIENT_SECRET |
With OAuth | None | Client secret used for token introspection. |
SOCKET_OAUTH_REQUIRED_SCOPES |
No | packages:list |
Space-delimited scopes required on incoming access tokens. |
SOCKET_API_URL |
No | Production Socket API URL, or localhost when SOCKET_DEBUG=true |
Override the upstream Socket API endpoint. Useful for local development and testing. |
SOCKET_DEBUG |
No | false |
Switches the default upstream Socket API endpoint to localhost when SOCKET_API_URL is unset. |
TRUST_PROXY |
No | false |
When true, trust X-Forwarded-Host and X-Forwarded-Proto when building OAuth metadata URLs. Enable only behind a trusted reverse proxy that rewrites these headers. |
MCP_PORT |
HTTP mode only | 3000 |
Port to bind the HTTP server to. |
SOCKET_API_URL and SOCKET_DEBUG also apply in stdio mode.
To enable OAuth-backed auth for incoming MCP requests:
MCP_HTTP_MODE=true \
SOCKET_OAUTH_ISSUER=https://issuer.example.com \
SOCKET_OAUTH_INTROSPECTION_CLIENT_ID=your-client-id \
SOCKET_OAUTH_INTROSPECTION_CLIENT_SECRET=your-client-secret \
npx @socketsecurity/mcp@latest --http # socket-hook: allow npxAdd TRUST_PROXY=true only when the server is deployed behind a trusted reverse proxy or load balancer that normalizes the forwarded host and protocol headers.
Configure your MCP client to connect to the HTTP server:
{
"mcpServers": {
"socket-mcp": {
"type": "http",
"url": "http://localhost:3000"
}
}
}Once installed, ask your AI assistant questions like:
- "Check the security score for express version 4.18.2"
- "Analyze the security of my package.json dependencies"
- "What are the vulnerability scores for react, lodash, and axios?"
Query the Socket API for dependency scoring information. Returns supply chain, quality, maintenance, vulnerability, and license scores per package.
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
packages |
Array | ✅ Yes | - | Array of package objects to analyze |
packages[].ecosystem |
String | No | "npm" |
Package ecosystem. See Supported ecosystems below. |
packages[].depname |
String | ✅ Yes | - | Name of the dependency/package |
packages[].version |
String | No | "unknown" |
Version of the dependency |
Supported ecosystems
Based on Socket's language support. The ecosystem parameter maps to PURL types:
| Ecosystem | PURL type | Package managers | Maturity |
|---|---|---|---|
| JavaScript & TypeScript | npm |
npm, yarn, pnpm, Bun, VLT | GA |
| Python | pypi |
uv, pip, Poetry, Anaconda | GA |
| Go | golang |
Go Modules | GA |
| Java / Scala / Kotlin | maven |
Maven, Gradle, sbt | GA |
| Ruby | gem |
Bundler | GA |
| .NET (C#, F#, VB) | nuget |
NuGet | GA |
| Rust | cargo |
cargo | GA |
| PHP | composer |
Composer | Experimental |
| GitHub Actions | actions |
GitHub Actions workflows | Experimental (workflow scanning, not package-level) |
Example request:
{
"packages": [
{ "ecosystem": "npm", "depname": "express", "version": "4.18.2" },
{ "ecosystem": "pypi", "depname": "fastapi", "version": "0.100.0" }
]
}Sample response:
pkg:npm/express@4.18.2: supply_chain: 1.0, quality: 0.9, maintenance: 1.0, vulnerability: 1.0, license: 1.0
Report: https://socket.dev/npm/package/express
pkg:pypi/fastapi@0.100.0: supply_chain: 1.0, quality: 0.95, maintenance: 0.98, vulnerability: 1.0, license: 1.0
Report: https://socket.dev/pypi/package/fastapi
You can customize how the MCP server interacts with your AI assistant by editing your client's rules file:
| MCP Client | Rules File Location |
|---|---|
| Claude Desktop/Code | CLAUDE.md |
| VSCode Copilot | .github/copilot-instructions.md |
| Cursor | .cursor/rules |
Example rule:
Always check dependency scores with the depscore tool when you add a new dependency. If the score is low, consider using an alternative library or writing the code yourself.The repo ships an optional Claude Code hook that blocks high-risk packages before installation. When Claude Code runs an install command, the hook queries the public Socket MCP server at https://mcp.socket.dev/ and denies the install when the package's supply chain score is below 20 (known malware, typosquats, high-risk supply chain signals). No API key, no CLI, no registration — copy the file and wire it up.
Supported ecosystems and package managers:
| Ecosystem | Commands |
|---|---|
| npm | npm install, npm i, npm add, yarn add, pnpm add, bun add |
| PyPI | pip install, pip3 install, uv add, uv pip install, poetry add, pipenv install |
| Cargo | cargo add, cargo install |
| RubyGems | gem install, bundle add |
| Go | go get, go install |
| NuGet | dotnet add package, nuget install |
Prerequisites: Node.js 22+.
- Copy the whole
socket-gatedirectory into your hooks folder. The bundledsocket-gate.cjsis self-contained, so it runs without any dependencies beside it. From a checkout, runpnpm run buildfirst to produce it; from a published install, copy fromnode_modules/@socketsecurity/mcp/:
mkdir -p ~/.claude/hooks
cp -R hooks/socket-gate ~/.claude/hooks/- Add to
~/.claude/settings.json:
{
"hooks": {
"PreToolUse": [
{
"matcher": "Bash",
"hooks": [
{
"type": "command",
"command": "node ~/.claude/hooks/socket-gate/socket-gate.cjs"
}
]
}
]
}
}See hooks/socket-gate/README.md for the full
reference.
The hook denies installation when supplyChain < 20, allows it otherwise — e.g. express/lodash/react (75–97) allow, browserlist (typosquat of browserslist, 15) and confirmed malware (0) block. Network, timeout, or parse errors all fail open, so a Socket outage will not block legitimate work.
A best-effort guardrail, not a complete defense. Known gaps:
- Manifest edits + lockfile installs. If Claude edits a manifest directly (
package.json,requirements.txt,Cargo.toml,Gemfile,go.mod,*.csproj) then runs a bare install (npm install,pip install -r requirements.txt,cargo build,bundle install,go mod tidy,dotnet restore), there is no package name on the command line to check. - Package-manager invocations only. Direct downloads (
curl | sh,wget), post-install scripts of already-accepted packages, and transitive dependencies are not re-checked. - Indirect Claude paths. Sub-agents, MCP tools that shell out, and non-
Bashtool calls are not covered unless thematcheris broadened.
Inspired by Jimmy Vo's dependency hook.
Contributor commands
git clone https://github.com/SocketDev/socket-mcp.git
cd socket-mcp
npm install
npm run buildRun from source (stdio mode):
export SOCKET_API_TOKEN=your_api_token_here
node --experimental-strip-types index.tsOr in HTTP mode:
MCP_HTTP_MODE=true SOCKET_API_TOKEN=your_api_token_here node --experimental-strip-types index.ts --httpWhen running in HTTP mode, GET /health returns:
{
"status": "healthy",
"service": "socket-mcp",
"version": "0.0.3",
"timestamp": "2025-06-17T20:45:22.059Z"
}Suitable for Kubernetes liveness/readiness probes, Docker health checks, load balancers.
Q: The public server isn't responding — Check the URL https://mcp.socket.dev/, verify your MCP client configuration, restart your MCP client.
Q: Local server fails to start — Ensure Node.js v16+ is installed, check SOCKET_API_TOKEN is set, verify the API token has packages:list permission.
Q: Getting authentication errors with local server — Double-check your API key is valid, ensure packages:list scope, regenerate if needed.
Q: AI assistant can't find the depscore tool — Restart your MCP client after configuration changes, verify config is saved, check the server is running.
MIT
