Add DepScope: package intelligence MCP server

[cuttalo]

DepScope is a free zero-auth MCP server with package health, vulnerability, deprecation, and migration intelligence across 17 ecosystems. The remote endpoint at https://mcp.depscope.dev/mcp exposes 23 tools (check_package, get_vulnerabilities, audit_stack, ai_brief, get_migration_path, find_alternatives, etc.).

Vulnerability data is enriched with CISA KEV (actively exploited) and EPSS scores. Malicious detection cross-references OpenSSF malicious-packages.

Live: https://depscope.dev
MCP: https://mcp.depscope.dev/mcp
CLI: https://www.npmjs.com/package/depscope-cli

One-line entry, factual description, alphabetical placement. No marketing.

[github-actions]

Hey,

To ensure that only working servers are listed, we're updating our listing requirements.

Please complete the following steps:

1. Ensure your server is listed on Glama. If it isn't already, submit it at https://glama.ai/mcp/servers and verify that it passes all checks (note: you must add Dockerfile directly to Glama. For checks to pass, we only need the server to start and respond to introspection requests).

2. Update your PR by adding a Glama score badge after the server description, using this format:

[![OWNER/REPO MCP server](https://glama.ai/mcp/servers/OWNER/REPO/badges/score.svg)](https://glama.ai/mcp/servers/OWNER/REPO)

Replace OWNER/REPO with your server's Glama path.

If you need any assistance, feel free to ask questions here or on Discord.

P.S. If your server already has a hosted endpoint, you can also list it under https://glama.ai/mcp/connectors.

[cuttalo]

Hi! Quick context for the Glama check:

DepScope is a hosted MCP (Streamable HTTP at https://mcp.depscope.dev/mcp),
not a self-hostable server, so we registered it under
https://glama.ai/mcp/connectors instead of /mcp/servers. The connector
ID is atn6fu5a6w.

Glama discovery completed — all 23 tools listed (ai_brief, audit_stack,
get_migration_path, check_package, get_vulnerabilities, find_alternatives,
check_malicious, check_typosquat, get_health_score, get_latest_version,
package_exists, get_package_prompt, compare_packages, scan_project,
get_breaking_changes, get_known_bugs, check_compatibility, resolve_error,
search_errors, get_scorecard, get_maintainer_trust, get_quality,
get_provenance) — connection tests pass at 645–776 ms.

Happy to update the PR with whatever badge or path you prefer for hosted
connectors. Thanks for maintaining the list.

[cuttalo]

Added Glama score badge as requested by @github-actions. Server is now discoverable at https://glama.ai/mcp/servers/cuttalo/depscope — please re-run the glama-check

[github-actions]

Thank you for adding the Glama badge!

Please make sure the server's badge shows an A A A score:

If you need any assistance, feel free to ask questions here or on Discord.

[punkpeye]

Hey, a few things to address before this can be merged:

• Glama server not found: The badge points to cuttalo/depscope but that server doesn't exist on Glama. Please submit your server at https://glama.ai/mcp/servers (click "Add Server"), then make sure the badge URL matches your server's actual Glama path.

If you need help, feel free to ask here or on Discord.

[cuttalo]

Hi @punkpeye, thanks for the review.

DepScope is now live on Glama: https://glama.ai/mcp/servers/cuttalo/depscope
The path matches the badge URL already in the PR — no diff needed.

Let me know if anything else is required before merge.

[punkpeye]

Hey @cuttalo, this PR has merge conflicts that need to be resolved before it can be merged. Please rebase or merge the latest main branch into your branch and push the updated changes.

This is a blocker — the PR cannot be merged until the conflicts are resolved.

[cuttalo]

Conflicts resolved — merged latest upstream/main into add-depscope (commit 4aafdb7). Kept both Security entries (cuttalo/depscope from this PR, UPinar/contrastapi from recent main). Ready for review.

[punkpeye]

Hey, a few things to address before this can be merged:

• Glama scores: Your server needs to be evaluated by Glama (quality and security scores must be set). Check your current scores at https://glama.ai/mcp/servers/cuttalo/depscope/score

If you need help, feel free to ask here or on Discord.

[cuttalo]

Hi Frank,

Glama evaluation completed:

• Security: A (no known vulnerabilities)
• License: A (permissive — MIT)
• Quality: A tier

Listing: https://glama.ai/mcp/servers/cuttalo/depscope

Ready for merge whenever you are. Thanks for the patience.

[github-actions]

Thank you for your contribution! Your server has been merged.

Are you in the MCP Discord? Let me know your Discord username and I will give you a server-author flair.

If you also have a remote server, you can list it under https://glama.ai/mcp/connectors