GhostFree✓
io.github.shane-js/ghostfree · v0.2.0
{}server.json
The full server descriptor as registered with IndusMCP.
{
"$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
"name": "io.github.shane-js/ghostfree",
"description": "MCP server that scans your repo's dependencies for security vulnerabilities based on published CVEs.",
"title": "GhostFree",
"repository": {
"url": "https://github.com/shane-js/ghostfree",
"source": "github"
},
"version": "0.2.0",
"websiteUrl": "https://github.com/shane-js/ghostfree#readme",
"icons": [
{
"src": "https://raw.githubusercontent.com/shane-js/ghostfree/main/icon.png",
"mimeType": "image/png",
"sizes": [
"512x512"
]
}
],
"packages": [
{
"registryType": "npm",
"identifier": "ghostfree",
"version": "0.2.0",
"runtimeHint": "npx",
"transport": {
"type": "stdio"
},
"runtimeArguments": [
{
"value": "-y",
"type": "positional"
}
],
"packageArguments": [
{
"description": "Absolute path to the repository to scan for vulnerable dependencies.",
"isRequired": true,
"format": "filepath",
"type": "named",
"name": "--repo-path"
}
],
"environmentVariables": [
{
"description": "Override the directory where GhostFree stores its data files (accepted-risks.yml, config.yml). Defaults to .ghostfree/ in the scanned repository root.",
"format": "filepath",
"name": "GHOSTFREE_DIR"
},
{
"description": "Minimum CVE severity level to surface. One of: CRITICAL, HIGH, MEDIUM (default), LOW.",
"format": "string",
"default": "MEDIUM",
"choices": [
"CRITICAL",
"HIGH",
"MEDIUM",
"LOW"
],
"name": "GHOSTFREE_MIN_SEVERITY"
},
{
"description": "Optional NVD API key for higher rate limits when enriching CVE details. Free to request at https://nvd.nist.gov/developers/request-an-api-key.",
"format": "string",
"isSecret": true,
"name": "NVD_API_KEY"
}
]
}
],
"_meta": {
"dev.indusmcp/source": "official-registry-mirror",
"dev.indusmcp/synced": "2026-05-12"
}
}