Socket MCP Server

Socket MCP Server

A Model Context Protocol (MCP) server for Socket integration — lets AI assistants query dependency vulnerability scores and security metadata.

Why this repo exists

Socket MCP exposes Socket.dev's package-scoring API through the Model Context Protocol, so any MCP-aware AI assistant (Claude, VS Code Copilot, Cursor, Windsurf) can score a package, audit a package.json, or flag risky dependencies as part of a conversation. It ships as both a hosted public server (https://mcp.socket.dev/, no setup) and a self-hostable npm package, so you can choose between zero-friction and full data isolation.

✨ Features

• 🔍 Dependency Security Scanning - Get comprehensive security scores for npm, PyPI, cargo, Maven, NuGet, RubyGems, Go Modules, and more (supported ecosystems)
• 🌐 Public Hosted Service - Use our public server at https://mcp.socket.dev/ with no setup required
• 🚀 Multiple Deployment Options - Run locally via stdio, HTTP, or use our service
• 🤖 AI Assistant Integration - Works seamlessly with Claude, VS Code Copilot, Cursor, and other MCP clients
• 📊 Batch Processing - Check multiple dependencies in a single request
• 🔒 No Authentication Required - Public server requires no API keys or registration

🛠️ This project is in early development and rapidly evolving.

Install

Option 1: Use the public Socket MCP server (recommended)

The easiest way to get started. No API key or authentication required! Click a button below to install in your favorite AI assistant.

{
  "mcpServers": {
    "socket-mcp": {
      "type": "http",
      "url": "https://mcp.socket.dev/"
    }
  }
}

claude mcp add --transport http socket-mcp https://mcp.socket.dev/

# For VS Code with GitHub Copilot
code --add-mcp '{"name":"socket-mcp","type":"http","url":"https://mcp.socket.dev/"}'

{
  "servers": {
    "socket-mcp": {
      "type": "http",
      "url": "https://mcp.socket.dev/"
    }
  }
}

{
  "mcpServers": {
    "socket-mcp": {
      "type": "http",
      "url": "https://mcp.socket.dev/"
    }
  }
}

{
  "mcpServers": {
    "socket-mcp": {
      "serverUrl": "https://mcp.socket.dev/mcp"
    }
  }
}

droid mcp add socket https://mcp.socket.dev/ --type http

Option 2: Self-host the Socket MCP server

To run your own instance, create an API key first (only the packages:list permission scope is needed; see creating-and-managing-api-tokens).

claude mcp add socket-mcp -e SOCKET_API_TOKEN="your-api-token-here" -- npx -y @socketsecurity/mcp@latest # socket-hook: allow npx

{
  "mcpServers": {
    "socket-mcp": {
      "command": "npx", // socket-hook: allow npx
      "args": ["@socketsecurity/mcp@latest"],
      "env": {
        "SOCKET_API_TOKEN": "your-api-token-here"
      }
    }
  }
}

MCP_HTTP_MODE=true SOCKET_API_TOKEN=your-api-token npx @socketsecurity/mcp@latest --http # socket-hook: allow npx

MCP_HTTP_MODE=true \
SOCKET_OAUTH_ISSUER=https://issuer.example.com \
SOCKET_OAUTH_INTROSPECTION_CLIENT_ID=your-client-id \
SOCKET_OAUTH_INTROSPECTION_CLIENT_SECRET=your-client-secret \
npx @socketsecurity/mcp@latest --http # socket-hook: allow npx

{
  "mcpServers": {
    "socket-mcp": {
      "type": "http",
      "url": "http://localhost:3000"
    }
  }
}

Usage

Once installed, ask your AI assistant questions like:

• "Check the security score for express version 4.18.2"
• "Analyze the security of my package.json dependencies"
• "What are the vulnerability scores for react, lodash, and axios?"

Tools exposed

depscore

Query the Socket API for dependency scoring information. Returns supply chain, quality, maintenance, vulnerability, and license scores per package.

Supported ecosystems

Based on Socket's language support. The ecosystem parameter maps to PURL types:

Example request:

{
  "packages": [
    { "ecosystem": "npm", "depname": "express", "version": "4.18.2" },
    { "ecosystem": "pypi", "depname": "fastapi", "version": "0.100.0" }
  ]
}

Sample response:

pkg:npm/[email protected]: supply_chain: 1.0, quality: 0.9, maintenance: 1.0, vulnerability: 1.0, license: 1.0
  Report: https://socket.dev/npm/package/express
pkg:pypi/[email protected]: supply_chain: 1.0, quality: 0.95, maintenance: 0.98, vulnerability: 1.0, license: 1.0
  Report: https://socket.dev/pypi/package/fastapi

Adjusting tool usage via client rules

You can customize how the MCP server interacts with your AI assistant by editing your client's rules file:

Example rule:

Always check dependency scores with the depscore tool when you add a new dependency. If the score is low, consider using an alternative library or writing the code yourself.

Claude Code Hook (Optional)

The repo ships an optional Claude Code hook that blocks high-risk packages before installation. When Claude Code runs an install command, the hook queries the public Socket MCP server at https://mcp.socket.dev/ and denies the install when the package's supply chain score is below 20 (known malware, typosquats, high-risk supply chain signals). No API key, no CLI, no registration — copy the file and wire it up.

Supported ecosystems and package managers:

Setup

Prerequisites: Node.js 22+.

1. Copy the whole socket-gate directory into your hooks folder. The bundled socket-gate.cjs is self-contained, so it runs without any dependencies beside it. From a checkout, run pnpm run build first to produce it; from a published install, copy from node_modules/@socketsecurity/mcp/:

mkdir -p ~/.claude/hooks
cp -R hooks/socket-gate ~/.claude/hooks/

2. Add to ~/.claude/settings.json:

{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Bash",
        "hooks": [
          {
            "type": "command",
            "command": "node ~/.claude/hooks/socket-gate/socket-gate.cjs"
          }
        ]
      }
    ]
  }
}

See hooks/socket-gate/README.md for the full reference.

How it works

The hook denies installation when supplyChain < 20, allows it otherwise — e.g. express/lodash/react (75–97) allow, browserlist (typosquat of browserslist, 15) and confirmed malware (0) block. Network, timeout, or parse errors all fail open, so a Socket outage will not block legitimate work.

Limitations

A best-effort guardrail, not a complete defense. Known gaps:

• Manifest edits + lockfile installs. If Claude edits a manifest directly (package.json, requirements.txt, Cargo.toml, Gemfile, go.mod, *.csproj) then runs a bare install (npm install, pip install -r requirements.txt, cargo build, bundle install, go mod tidy, dotnet restore), there is no package name on the command line to check.
• Package-manager invocations only. Direct downloads (curl | sh, wget), post-install scripts of already-accepted packages, and transitive dependencies are not re-checked.
• Indirect Claude paths. Sub-agents, MCP tools that shell out, and non-Bash tool calls are not covered unless the matcher is broadened.

Inspired by Jimmy Vo's dependency hook.

Development

git clone https://github.com/SocketDev/socket-mcp.git
cd socket-mcp
npm install
npm run build

export SOCKET_API_TOKEN=your_api_token_here
node --experimental-strip-types index.ts

MCP_HTTP_MODE=true SOCKET_API_TOKEN=your_api_token_here node --experimental-strip-types index.ts --http

{
  "status": "healthy",
  "service": "socket-mcp",
  "version": "0.0.3",
  "timestamp": "2025-06-17T20:45:22.059Z"
}

License

MIT