piiiico

Supply chain risk scoring for npm, PyPI, and GitHub repos

Security scanner for MCP servers. Detects prompt injection, command injection, auth bypass, and excessive permissions across tools, resources, and prompts.

Supply chain risk scoring for npm, PyPI, Cargo, and Go packages. 9 tools for behavioral trust signals — publisher depth, release consistency, maintenance patter