io.github.andysalvo/supership-scan

io.github.andysalvo/supership-scan·v1.1.0·Security

Quality Score

/100

Predeploy security scanner. 80+ patterns. Runs locally. Optional x402 attestation.

Repository →

§00 Trust verdict · v1 advisory · method

UNVERIFIEDno verdict on file

Verdict not yet evaluated for this tool. The hybrid eval runs adversarial cases first; coverage rolls out as the corpus expands. Until a verdict is recorded, an agent should treat this tool as not-yet-cleared and fall back to its own checks. Method: hybrid eval, four-state verdict, honest limits.

§01 Install

Claude Desktop (claude_desktop_config.json)

{
  "mcpServers": {
    "supership-scan": {
      "command": "npx",
      "args": [
        "-y",
        "supership-scan"
      ],
      "env": {
        "SUPERSHIP_URL": "<supership_url>"
      }
    }
  }
}

Cursor (.cursor/mcp.json)

{
  "mcpServers": {
    "supership-scan": {
      "command": "npx",
      "args": [
        "-y",
        "supership-scan"
      ],
      "env": {
        "SUPERSHIP_URL": "<supership_url>"
      }
    }
  }
}

Cline (cline_mcp_settings.json)

npx -y supership-scan

§02 Environment variables

SUPERSHIP_URL

URL of the supership attestation server (optional, defaults to supership.crestsystems.ai)

§03 MCP Quality Score · methodology

freshness

completeness

installability

documentation

stability

§04 Alternatives in Security

Helixar Security

ai.helixar/mcp

Security tools for AI agents: scan MCP servers, validate HDP delegation chains, audit releases.

ai.smithery/Nekzus-npm-sentinel-mcp

Provide AI-powered real-time analysis and intelligence on NPM packages, including security, depend…

app.zenable/zenable

Zenable cleans up sloppy AI code and prevents vulnerabilities with deterministic guardrails