OSS License Auditor

MCPOfficialOpen SourceNOASSERTION29.0

by vinkius-labs • Uncategorized

An MCP server that audits open-source package licenses against corporate policy to detect viral and unknown licenses before they enter the codebase.

Example Use Cases

1
Audit all dependencies of a project against corporate license policies before shipping.
2
Check the license of a single package before installation.
3
Trace and visualize the full license tree including transitive dependencies.

Description

This MCP server provides a deterministic license firewall by auditing dependencies using live SPDX-based license data fetched from the npm registry. It classifies licenses into categories such as permissive, copyleft, and unknown, applying corporate policies to block or warn about risky licenses. The server supports multiple tools for auditing full dependency trees, checking single packages, and viewing license policies, enabling developers and LLM clients to prevent legal contamination of proprietary codebases.

Quick Actions

View on GitHub

Security

Scanned 27 days ago

Risk Level

MINIMAL

Read-only data retrieval, no side effects

Trust Score

C51/100

8/17 checks passed

Scores are informational only and provided “as is” without warranty. AgentHotspot assumes no liability for actions taken based on these ratings.

Quick Stats

Service TypeMCP

Pricing ModelFree

Capabilities0 Tools / 0 Prompts / 0 Resources

Ownervinkius-labs

CategoryUncategorized

DependenciesStandalone