mcp-osv-dev

OSV.dev — Google's open-source vulnerability database

Part of Pipeworx — an MCP gateway connecting AI agents to 250+ live data sources.

Tools

Tool	Description
vulnerabilities	Query vulnerabilities by package (+ optional version) or git commit.
query_batch	Batch query (≤1000 queries). Pass an array of {package: {name, ecosystem}, version?} or {commit}.
get	Full vulnerability record by id (CVE-…, GHSA-…, OSV-…).

Quick Start

Add to your MCP client (Claude Desktop, Cursor, Windsurf, etc.):

{
  "mcpServers": {
    "osv-dev": {
      "url": "https://gateway.pipeworx.io/osv-dev/mcp"
    }
  }
}

Or connect to the full Pipeworx gateway for access to all 250+ data sources:

{
  "mcpServers": {
    "pipeworx": {
      "url": "https://gateway.pipeworx.io/mcp"
    }
  }
}

Using with ask_pipeworx

Instead of calling tools directly, you can ask questions in plain English:

ask_pipeworx({ question: "your question about Osv Dev data" })

The gateway picks the right tool and fills the arguments automatically.

More

• All tools and guides
• pipeworx.io

License

MIT