// SCAN REPORT

Depguard

14 tools. 1 can modify or destroy data without limits.

1 write tool that can modify data. Rate limits recommended.

Last updated:

1 can modify or destroy data
13 read-only
14 tools total

Community server · catalogue entry verified 12/06/2026

How to control Depguard ↓

TOOL MAP

What Depguard exposes to your agents

Read (13) Write / Execute (1) Destructive / Financial (0)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS
High Risk

The most dangerous Depguard tools

Execute · High depguard_audit This tool actively downloads external content (a tarball from npm), executes static analysis on it, and queries multiple external services (npm, GitHub Advisory).

1 of Depguard's 14 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Depguard

PolicyLayer is an MCP gateway — it sits between your AI agents and Depguard, and nothing reaches the server without passing your rules. These are the rules we recommend:

Cap read operations
{
  "depguard_remediate": {
    "limits": [
      {
        "counter": "depguard_remediate_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Depguard — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON DEPGUARD →

Free to start. No card required.

FULL CATALOGUE

All 14 Depguard tools

EXECUTE 1 tools
Execute depguard_audit Deep security audit of a single npm package. Downloads the tarball, scans source code for malware, checks vuln
READ 13 tools
Read depguard_remediate Build a remediation plan for a project with known vulnerabilities. Reads package.json + lock file, runs the sa Read depguard_audit_project Audit ALL dependencies in a project at once. Scans direct deps (full audit), transitive deps from lock file (v Read depguard_search Search npm for packages by keywords, sorted by depguard quality score. Use when you need to find packages but Read depguard_verify Quick check if a package name exists on npm + typosquatting detection. Faster than depguard_guard when you onl Read depguard_audit_bulk Audit multiple packages in one call. Accepts an array of names or a dependencies object from package.json. Use Read depguard_audit_deep Audit the full transitive dependency tree of a package. Crawls all nested dependencies recursively and aggrega Read depguard_audit_workspace MANDATORY: call this AFTER cloning a repository and BEFORE opening it in any IDE (VS Code, Cursor, JetBrains, Read depguard_guard MANDATORY: call this BEFORE running npm install, yarn add, or pnpm add — whether the user asked for the packag Read depguard_review Call this AFTER making significant code changes or before the user commits. Scans source files for issues you Read depguard_sbom Generate a CycloneDX 1.6 Software Bill of Materials (SBOM) for an npm project. Reads package.json + lock file Read depguard_score Quick 0-100 quality score for a package. Faster than depguard_audit when you only need the score. Critical vul Read depguard_should_use When you need functionality (e.g. Read depguard_sweep Find unused npm packages in the project. Scans source files for imports and cross-references with package.json
EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Sperax Ecosystem Crypto & DeFI MCP Server 1318 tools
automation
Mcp Afip 1300 tools
automation
Mcp Ap2 1300 tools
automation
BNB Chain MCP 1240 tools
automation
Nodebench 824 tools
automation
Amazon Bedrock Knowledge Base Retrieval MCP Server 805 tools
automation
Amazon Data Processing MCP Server 805 tools
automation
Amazon ECS MCP Server 805 tools
automation
FAQ

Questions about Depguard

Is the Depguard MCP server safe to use without restrictions? +

The Depguard server is primarily read-only with 13 read tools. While it cannot modify data, an agent in a retry loop can make thousands of API calls per minute, exhausting rate limits and running up costs. Rate limiting is still recommended.

How many tools does the Depguard MCP server expose? +

14 tools across 3 categories: Execute, Read, Write. 13 are read-only. 1 can modify, create, or delete data.

How do I enforce a policy on Depguard? +

Register the Depguard MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Depguard tool call.

Deterministic rules across all 14 Depguard tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON DEPGUARD →

Free to start. No card required.

14 Depguard tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.