{"passport":{"unfragile":{"@version":"1.0","version":"2026-05","artifact":{"id":"smithery_toan203-osv-ui-mcp","slug":"toan203-osv-ui-mcp","name":"osv-ui-mcp","type":"mcp","url":"https://github.com/toan203/osv-ui/","page_url":"https://unfragile.ai/toan203-osv-ui-mcp","categories":["mcp-servers","code-review-security","app-builders"],"tags":["mcp","model-context-protocol","smithery:toan203/osv-ui-mcp"],"pricing":{"model":"open_source","free":true,"starting_price":null},"status":"active","verified":false},"capabilities":[{"id":"smithery_toan203-osv-ui-mcp__cap_0","uri":"capability://data.processing.analysis.cve.scanning.and.auditing.for.multiple.languages","name":"cve scanning and auditing for multiple languages","description":"This capability allows users to scan their codebases in npm, Python, Go, and Rust for known vulnerabilities using the OSV.dev database. It integrates with Claude/Cursor to initiate scans and opens a browser-based UI for human review, ensuring that developers can manually confirm any identified vulnerabilities before applying fixes. This approach emphasizes a human-in-the-loop model for critical security decisions, distinguishing it from fully automated solutions.","intents":["How can I scan my npm project for known vulnerabilities?","What vulnerabilities exist in my Python codebase?","Can I review CVEs before applying any fixes to my Go application?"],"best_for":["developers managing security audits in multi-language projects"],"limitations":["Requires manual confirmation for fixes, which may slow down the remediation process."],"requires":["Node.js 14+","Access to OSV.dev API"],"input_types":["code","text"],"output_types":["structured data","text"],"categories":["data-processing-analysis","security-tools"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"smithery_toan203-osv-ui-mcp__cap_1","uri":"capability://data.processing.analysis.browser.based.vulnerability.review.interface","name":"browser-based vulnerability review interface","description":"This capability provides a web-based user interface that displays the results of CVE scans in an organized manner. It allows developers to review vulnerabilities in detail, including descriptions, severity levels, and suggested fixes. The interface is designed for clarity and ease of use, enabling quick decision-making on whether to apply fixes or not, which is crucial for maintaining code security.","intents":["How can I visually review vulnerabilities found in my code?","What details are available for each CVE detected in my project?","Can I easily navigate through vulnerabilities in my Rust application?"],"best_for":["security teams conducting detailed vulnerability assessments"],"limitations":["Dependent on a stable internet connection for UI access."],"requires":["Web browser","Access to OSV.dev API"],"input_types":["structured data"],"output_types":["HTML","text"],"categories":["data-processing-analysis","user-interface"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"smithery_toan203-osv-ui-mcp__cap_2","uri":"capability://automation.workflow.explicit.confirmation.for.applying.fixes","name":"explicit confirmation for applying fixes","description":"This capability ensures that any fixes for identified vulnerabilities are not applied automatically but require explicit confirmation from the user. This is implemented through a confirmation dialog in the browser UI that presents the proposed changes, allowing developers to review and approve each fix before it is executed. This design choice minimizes the risk of unintended consequences from automated patching.","intents":["How can I ensure that I approve all changes before they are made to my code?","What process is in place to confirm fixes for vulnerabilities?","Can I review proposed changes before applying them to my project?"],"best_for":["developers who prioritize security and manual oversight"],"limitations":["May slow down the remediation process due to required confirmations."],"requires":["Web browser","Access to OSV.dev API"],"input_types":["structured data"],"output_types":["text","code"],"categories":["automation-workflow","security-tools"],"confidence":0.5,"matches":0,"success_rate":0}],"trust":{"score":32,"verified":false,"data_access_risk":"high","permissions":["Node.js 14+","Access to OSV.dev API","Web browser"],"failure_modes":["Requires manual confirmation for fixes, which may slow down the remediation process.","Dependent on a stable internet connection for UI access.","May slow down the remediation process due to required confirmations.","builder identity is not verified yet","no observed match outcomes yet"],"rank_breakdown":{"adoption":0.05,"quality":0.31,"ecosystem":0.6900000000000001,"match_graph":0.25,"freshness":0.6,"weights":{"adoption":0.25,"quality":0.25,"ecosystem":0.15,"match_graph":0.23,"freshness":0.12}},"observed_outcomes":{"matches":0,"success_rate":0,"avg_confidence":0,"top_intents":[],"last_matched_at":null},"maintenance":{"status":"active","updated_at":"2026-05-24T12:16:28.139Z","last_scraped_at":"2026-05-03T15:19:25.721Z","last_commit":null},"community":{"stars":null,"forks":null,"weekly_downloads":null,"model_downloads":null,"model_likes":null}},"distribution":{"claim_url":"https://unfragile.ai/submit?claim=toan203-osv-ui-mcp","compare_url":"https://unfragile.ai/compare?artifact=toan203-osv-ui-mcp"}},"signature":"lz5+0rs4zna7jz94Yl7UFBbDrooiXzsLjPLDRv5kczgRT/WHCjj1e0+LBA7sZr5Rw9x2u1n4WizF+OhE7LCCCQ==","signedAt":"2026-06-23T01:55:57.386Z","signedBy":"unfragile.ai","version":1},"_links":{"self":"https://unfragile.ai/api/v1/passport/toan203-osv-ui-mcp","artifact":"https://unfragile.ai/toan203-osv-ui-mcp","verify":"https://unfragile.ai/api/v1/verify?slug=toan203-osv-ui-mcp","publicKey":"https://unfragile.ai/api/v1/trust-passport-public-key","spec":"https://unfragile.ai/trust","schema":"https://unfragile.ai/schema.json","docs":"https://unfragile.ai/docs"}}