Home / AI/LLM / depfence

depfence

ericrihm/depfence
★ 0 stars Python 🤖 AI/LLM Updated today
AI-aware dependency security scanner — slopsquatting detection, MCP server auditing, behavioral analysis, and supply chain threat intelligence
View on GitHub →

Quick Install

Copy the config for your editor. Some servers may need additional setup — check the README.

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "depfence": {
      "command": "uvx",
      "args": [
        "depfence"
      ]
    }
  }
}

Or install with pip: pip install depfence

README Excerpt

**AI-aware dependency security scanner** ```bash pip install depfence depfence scan . ``` --- Traditional scanners match package versions against known advisories and stop there. That model misses three entire categories of attack that matter specifically to AI/ML developers. **AI/ML supply chain.** LLMs hallucinate package names. Attackers register those names with malicious payloads — a pattern called slopsquatting. Packages targeting `torch`, `langchain`, and `transformers` typos appear in th

Tools (20)

DEPFENCE_CACHE_DIRDEPFENCE_PLUGIN_PATHDEPFENCE_TIMEOUTast_analyzerbehavioralci_secretsdep_confusiondockerfilefreshnessgha_scannergha_workflowinstall_scriptlicense_compatlicense_scannermcp_fingerprintmcp_scannermodel_scannermy_scannernetworknpm_advisory

Related AI/LLM Servers

gemini-cli ★ 97.7K
An open-source AI agent that brings the power of Gemini directly into your terminal.
🤖 AI/LLM TypeScript
context7 ★ 49.0K
Context7 Platform -- Up-to-date code documentation for LLMs and AI code editors
🤖 AI/LLM TypeScript
litellm ★ 43.7K
Python SDK, Proxy Server (AI Gateway) to call 100+ LLM APIs in OpenAI (or native) format, with cost tracking,...
🤖 AI/LLM Python
LocalAI ★ 43.6K
The free, Open Source alternative to OpenAI, Claude and others. Self-hosted and local-first. Drop-in replacement, ...
🤖 AI/LLM Go