Command Palette

Search for a command to run...

UnylyUnyly
Весь каталог

TridentChain Security

БесплатноНе проверен

Local supply-chain CVE scanner via OSV/NVD. Scans deps and IDE extensions. No upload.

GitHubEmbed

Описание

Local supply-chain CVE scanner via OSV/NVD. Scans deps and IDE extensions. No upload.

README

PyPI — tridentchain-security PyPI — tridentchain-mcp PyPI Downloads MCP Registry Python License: MIT Works with Claude · Cursor · VS Code · Windsurf · Zed

Local-first vulnerability scanner for project dependencies, developer tools, and IDE extensions.
Uses multi-source intelligence (OSV, NVD, GHSA, Sonatype) with KEV/EPSS prioritization.

No API key required for default usage.

Public repo: https://github.com/DevInder1/supply-chain-scanner-public


Install (plug and play)

pip3 install tridentchain-security
npm install -g @tridentchain/security-cli
tridentchain-security --help

Agents & MCP (Claude, Cursor, VS Code):

pip3 install "tridentchain-security>=0.1.1" tridentchain-mcp

What you can do: docs/CAPABILITIES.md
Full guide: docs/INSTALL_AND_USE.md
Cross-platform (macOS / Linux / Windows): docs/CROSS_PLATFORM.md
(PyPI: tridentchain-security · npm: @tridentchain/security-cli)

tridentchain-security --scan all --project-path . --output-dir scanner-output

Use in your own Python app

from scanner import run_scan

summary = run_scan(
    project_path=".",
    scan="all",
    run_profile="full",  # no API key required
    output_dir="scanner-output",
)
print(summary["summary"])

Scan profiles

Profile Description
full (default) Project + system + extensions. OSV + NVD without keys.
quick Faster project-focused scan.
offline Local advisory DB only, no network.
Power-user Add GITHUB_TOKEN, NVD_API_KEY, optional SONATYPE_TOKEN for best coverage.

Desktop app (individual application)

No repo clone required if the pip package is installed:

pip3 install tridentchain-security
cd apps/desktop && npm install && npm run start

See apps/desktop/README.md and docs/DISTRIBUTION_VERIFICATION.md.

AI / automation (Claude, OpenAI, Cursor, VS Code, Windsurf, …)

One install, every agent: pip install "tridentchain-security>=0.1.2" tridentchain-mcp

Guide Description
Agent integrations Claude · OpenAI · Cursor · VS Code · Windsurf · Zed · MCP · CLI
Capabilities Everything you can do today
Architecture MCP + unified tools design
./scripts/setup-agent-mcp.sh cursor   # prints setup for your agent

Phase 2 — Claude MCP: pip install tridentchain-mcp · Setup guide · Plugin

Phase 3 — OpenAI + Cursor: examples/openai/ · Cursor setup · .cursor/mcp.json.example

Phase 4 — VS Code (Anthropic MCP): Open repo → MCP ready · VS Code setup · ./scripts/vscode-mcp-install-link.sh · extension

Phase 5 — Validate: tridentchain-security --validate · MCP validate_after_patch · CAPABILITIES.md

Unified tool layer: from scanner.integrations import execute_tool, get_tool_definitions, to_openai_tools


Development

git clone https://github.com/DevInder1/supply-chain-scanner-public.git
cd supply-chain-scanner-public
python3 -m pip install -e .
tridentchain-security --help
python3 -m unittest scanner.tests.test_matcher_ranges -v

Install & use: docs/INSTALL_AND_USE.md
Cross-platform: docs/CROSS_PLATFORM.md
CLI contract: docs/cli-contract.md
Publishing: docs/PUBLISHING.md


Optional API keys (power users)

Variable Purpose
NVD_API_KEY Higher NVD rate limits
GITHUB_TOKEN GHSA advisories
SONATYPE_TOKEN Sonatype Guide advisories

Set in .env or environment variables.


License

MIT — see LICENSE

from github.com/DevInder1/supply-chain-scanner-public

Установить TridentChain Security в Claude Desktop, Claude Code, Cursor

Рекомендуется · одна команда, все IDE
unyly install tridentchain-security

Ставит в Claude Desktop, Claude Code, Cursor и VS Code — сам разбирается с npx, uvx и сборкой из исходников.

Впервые? Поставь CLI: curl -fsSL https://unyly.org/install | sh

Или настроить вручную

Выполни в терминале:

claude mcp add tridentchain-security -- uvx tridentchain-mcp

FAQ

TridentChain Security MCP бесплатный?

Да, TridentChain Security MCP бесплатный — установка в пару кликов через Unyly без оплаты.

Нужен ли API-ключ для TridentChain Security?

Нет, TridentChain Security работает без API-ключей и переменных окружения.

TridentChain Security — hosted или self-hosted?

Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.

Как установить TridentChain Security в Claude Desktop, Claude Code или Cursor?

Открой TridentChain Security на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.

Похожие MCP

Compare TridentChain Security with

Не уверен что выбрать?

Найди свой стек за 60 секунд

Автор?

Embed-бейдж для README

Похожее

Все в категории development