AgentReadyHomeAgent ListingPricing

← Agent Listing

OSV MCP

MCP Tools and AgentsFreeOpen Source

MCP server for querying the OSV (Open Source Vulnerabilities) database by package version or commit.

🛡️ AgentReady threat assessment

MAESTRO 7-layer threat model + OWASP AIVSS risk score for OSV MCP, derived from its capabilities.

AIVSS 3.7 · Low
View MAESTRO 7-layer threat model →

These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.

Overview

Provides tools to look up known vulnerabilities from Google's OSV database, querying by package name and version or by commit, with batch queries across multiple packages and detailed lookup by vulnerability ID. Useful for dependency risk assessment in an agent workflow. Data surface is vulnerability metadata rather than code, lowering exposure risk.

Key features

Use cases