Install command
Provided
A Stop hook that runs npm audit, pip-audit, safety, or bundler-audit automatically at the end of every Claude Code session, detecting CVEs and outdated packages across Node.js, Python, and Ruby projects.
Open the source and read safety notes before installing.
Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.
Decision playbook
Signals are present but mixed. Use the checklist below to confirm the source and operational safety for your environment.
0
78
—
No baseline selected
No major trust-signal divergence detected in the current selection.
Confirm ownership and provenance before trusting install instructions.
Source link availableRequired
Open the canonical repository and verify ownership.
Source provenance statusRequired
Marked as source-backed.
Metadata reviewed
Registry metadata indicates a reviewed listing.
Validate risk disclosures before installation or API wiring.
Safety notes presentRequired
Review the listed safety guidance before running commands.
Privacy notes presentRequired
Review data handling notes before connecting accounts or secrets.
Trust level risk gateRequired
Trust level does not block evaluation.
Check package metadata and artifact integrity signals.
Install payload available
Install or copy payload is available for review.
Package verification flag
No package verification flag provided.
Checksum metadata
No checksum provided for downloaded artifact.
Use compare context to validate trade-offs before adoption.
Compare tray has multiple entries
Add at least one more entry to compare trust differences.
Baseline comparison available
No baseline peer selected yet.
Diverging trust signals identified
No major trust-signal divergence found.
Setup at a glance
Copy-ready — paste the snippet to get started.
Install command
Provided
Config snippet
Provided
Copy snippet
Provided
Prerequisites
None
Platforms
1 listed
Difficulty
0/100
Adoption plan
Current risk score 16/100. Use staged verification before broader rollout.
Validate source and review signals before any execution.
Confirm source provenanceRequired
Source URL/provenance metadata is present.
Confirm metadata review state
Listing has review metadata.
Verify install payload
Install/config payload exists and can be inspected.
Confirm safety, privacy, and package integrity signals.
Review safety notesRequired
Safety notes are present.
Review privacy notesRequired
Privacy notes are present.
Verify package integrity metadata
No package verification/checksum metadata.
Adopt in controlled steps based on the selected plan.
Run in isolated sandbox firstRequired
Use a constrained sandbox and observe behavior across multiple tasks.
Roll out graduallyRequired
Roll out to a small cohort before wider usage.
Set monitoring and fallback
Define rollback path and monitor errors after adoption.
Evidence readiness
Required evidence gates are covered (5/6 signals complete).
Source repository/provenance is listed.
Required in this preset
Review metadata is present.
Required in this preset
Safety notes are present.
Required in this preset
Privacy notes are present.
Optional in this preset
Package integrity metadata is missing.
Optional in this preset
Install payload is available.
Required in this preset
Required evidence gates are covered for this preset.
Decision timeline
5/6 steps complete with no blocking gaps for this preset.
triage
Source/provenance metadata is available.
triage
Review metadata is available.
verify
Safety notes are available.
verify
Privacy notes are available.
verify
Package integrity metadata is missing.
rollout
Install payload is available.
No required blockers for this timeline preset.
Safety & privacy surface
3 safety and 3 privacy notes across 4 risk areas. Review closely: credentials & tokens.
#!/usr/bin/env bash
echo "🔒 DEPENDENCY SECURITY AUDIT" >&2
echo "===========================" >&2
# Generate timestamp for report
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
REPORT_FILE="security-audit-$TIMESTAMP.log"
# Initialize report
echo "Dependency Security Audit Report - $TIMESTAMP" > "$REPORT_FILE"
echo "=============================================" >> "$REPORT_FILE"
echo "" >> "$REPORT_FILE"
# Node.js projects (NPM)
if [ -f "package-lock.json" ]; then
echo "📦 NPM Project Detected - Running audit..." >&2
echo "NPM AUDIT RESULTS" >> "$REPORT_FILE"
echo "-----------------" >> "$REPORT_FILE"
if command -v npm &> /dev/null; then
# Run npm audit with detailed output
NPM_AUDIT_OUTPUT=$(npm audit --audit-level=moderate 2>&1)
if echo "$NPM_AUDIT_OUTPUT" | grep -q "found 0 vulnerabilities"; then
echo "✅ No vulnerabilities found in NPM dependencies" >&2
echo "✅ No vulnerabilities found" >> "$REPORT_FILE"
else
VULN_COUNT=$(echo "$NPM_AUDIT_OUTPUT" | grep -o '[0-9]\+ vulnerabilities' | head -1 || echo "unknown vulnerabilities")
echo "⚠️ NPM audit found: $VULN_COUNT" >&2
echo "$NPM_AUDIT_OUTPUT" >> "$REPORT_FILE"
fi
echo "" >> "$REPORT_FILE"
echo "OUTDATED PACKAGES" >> "$REPORT_FILE"
echo "-----------------" >> "$REPORT_FILE"
# Check for outdated packages
OUTDATED_OUTPUT=$(npm outdated 2>/dev/null || echo "All packages up to date")
echo "$OUTDATED_OUTPUT" >> "$REPORT_FILE"
if [ "$OUTDATED_OUTPUT" = "All packages up to date" ]; then
echo "✅ All NPM packages are up to date" >&2
else
OUTDATED_COUNT=$(echo "$OUTDATED_OUTPUT" | wc -l)
echo "📊 Found $OUTDATED_COUNT outdated NPM packages" >&2
fi
else
echo "⚠️ npm command not available" >&2
fi
# Yarn projects
elif [ -f "yarn.lock" ]; then
echo "🧶 Yarn Project Detected - Running audit..." >&2
echo "YARN AUDIT RESULTS" >> "$REPORT_FILE"
echo "------------------" >> "$REPORT_FILE"
if command -v yarn &> /dev/null; then
YARN_AUDIT_OUTPUT=$(yarn audit --level moderate 2>&1 || echo "Yarn audit completed")
echo "$YARN_AUDIT_OUTPUT" >> "$REPORT_FILE"
if echo "$YARN_AUDIT_OUTPUT" | grep -q "0 vulnerabilities"; then
echo "✅ No vulnerabilities found in Yarn dependencies" >&2
else
echo "⚠️ Yarn audit found potential issues" >&2
fi
else
echo "⚠️ yarn command not available" >&2
fi
# Python projects
elif [ -f "requirements.txt" ] || [ -f "Pipfile" ] || [ -f "pyproject.toml" ]; then
echo "🐍 Python Project Detected - Running security check..." >&2
echo "PYTHON SECURITY CHECK" >> "$REPORT_FILE"
echo "--------------------" >> "$REPORT_FILE"
# Try safety first (recommended for Python security scanning)
if command -v safety &> /dev/null; then
echo "🔍 Running Safety security scanner..." >&2
SAFETY_OUTPUT=$(safety check --json 2>/dev/null || safety check 2>/dev/null || echo "Safety check completed")
echo "$SAFETY_OUTPUT" >> "$REPORT_FILE"
if echo "$SAFETY_OUTPUT" | grep -q "No known security vulnerabilities"; then
echo "✅ No known security vulnerabilities in Python dependencies" >&2
else
echo "⚠️ Safety scan found potential security issues" >&2
fi
else
echo "💡 Install 'safety' for Python security scanning: pip install safety" >&2
echo "safety not installed - using pip list --outdated" >> "$REPORT_FILE"
fi
echo "" >> "$REPORT_FILE"
echo "OUTDATED PYTHON PACKAGES" >> "$REPORT_FILE"
echo "------------------------" >> "$REPORT_FILE"
if command -v pip &> /dev/null; then
PIP_OUTDATED=$(pip list --outdated 2>/dev/null || echo "Unable to check outdated packages")
echo "$PIP_OUTDATED" >> "$REPORT_FILE"
OUTDATED_COUNT=$(echo "$PIP_OUTDATED" | wc -l)
echo "📊 Found $OUTDATED_COUNT potentially outdated Python packages" >&2
fi
# Ruby projects
elif [ -f "Gemfile.lock" ]; then
echo "💎 Ruby Project Detected - Running bundle audit..." >&2
echo "RUBY BUNDLE AUDIT" >> "$REPORT_FILE"
echo "-----------------" >> "$REPORT_FILE"
if command -v bundle &> /dev/null; then
# Check if bundler-audit is available
if bundle exec bundler-audit --version &> /dev/null; then
BUNDLE_AUDIT_OUTPUT=$(bundle exec bundler-audit check 2>&1 || echo "Bundle audit completed")
echo "$BUNDLE_AUDIT_OUTPUT" >> "$REPORT_FILE"
if echo "$BUNDLE_AUDIT_OUTPUT" | grep -q "No vulnerabilities found"; then
echo "✅ No vulnerabilities found in Ruby gems" >&2
else
echo "⚠️ Bundle audit found potential issues" >&2
fi
else
echo "💡 Install bundler-audit: gem install bundler-audit" >&2
echo "bundler-audit not installed" >> "$REPORT_FILE"
fi
else
echo "⚠️ bundle command not available" >&2
fi
else
echo "📁 No recognized dependency files found" >&2
echo "No package manager files detected (package.json, requirements.txt, Gemfile, etc.)" >> "$REPORT_FILE"
fi
echo "" >> "$REPORT_FILE"
echo "Report generated at: $(date)" >> "$REPORT_FILE"
echo "===========================" >&2
echo "📄 Full security audit report saved to: $REPORT_FILE" >&2
echo "💡 Review the report for detailed vulnerability information" >&2
exit 0{
"hooks": {
"stop": {
"script": "./.claude/hooks/dependency-security-audit-on-stop.sh"
}
}
}.claude/settings.local.json~/.claude/settings.json.claude/settings.json{
"hooks": {
"stop": {
"script": "./.claude/hooks/dependency-security-audit-on-stop.sh"
}
}
}
#!/usr/bin/env bash
echo "🔒 DEPENDENCY SECURITY AUDIT" >&2
echo "===========================" >&2
# Generate timestamp for report
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
REPORT_FILE="security-audit-$TIMESTAMP.log"
# Initialize report
echo "Dependency Security Audit Report - $TIMESTAMP" > "$REPORT_FILE"
echo "=============================================" >> "$REPORT_FILE"
echo "" >> "$REPORT_FILE"
# Node.js projects (NPM)
if [ -f "package-lock.json" ]; then
echo "📦 NPM Project Detected - Running audit..." >&2
echo "NPM AUDIT RESULTS" >> "$REPORT_FILE"
echo "-----------------" >> "$REPORT_FILE"
if command -v npm &> /dev/null; then
# Run npm audit with detailed output
NPM_AUDIT_OUTPUT=$(npm audit --audit-level=moderate 2>&1)
if echo "$NPM_AUDIT_OUTPUT" | grep -q "found 0 vulnerabilities"; then
echo "✅ No vulnerabilities found in NPM dependencies" >&2
echo "✅ No vulnerabilities found" >> "$REPORT_FILE"
else
VULN_COUNT=$(echo "$NPM_AUDIT_OUTPUT" | grep -o '[0-9]\+ vulnerabilities' | head -1 || echo "unknown vulnerabilities")
echo "⚠️ NPM audit found: $VULN_COUNT" >&2
echo "$NPM_AUDIT_OUTPUT" >> "$REPORT_FILE"
fi
echo "" >> "$REPORT_FILE"
echo "OUTDATED PACKAGES" >> "$REPORT_FILE"
echo "-----------------" >> "$REPORT_FILE"
# Check for outdated packages
OUTDATED_OUTPUT=$(npm outdated 2>/dev/null || echo "All packages up to date")
echo "$OUTDATED_OUTPUT" >> "$REPORT_FILE"
if [ "$OUTDATED_OUTPUT" = "All packages up to date" ]; then
echo "✅ All NPM packages are up to date" >&2
else
OUTDATED_COUNT=$(echo "$OUTDATED_OUTPUT" | wc -l)
echo "📊 Found $OUTDATED_COUNT outdated NPM packages" >&2
fi
else
echo "⚠️ npm command not available" >&2
fi
# Yarn projects
elif [ -f "yarn.lock" ]; then
echo "🧶 Yarn Project Detected - Running audit..." >&2
echo "YARN AUDIT RESULTS" >> "$REPORT_FILE"
echo "------------------" >> "$REPORT_FILE"
if command -v yarn &> /dev/null; then
YARN_AUDIT_OUTPUT=$(yarn audit --level moderate 2>&1 || echo "Yarn audit completed")
echo "$YARN_AUDIT_OUTPUT" >> "$REPORT_FILE"
if echo "$YARN_AUDIT_OUTPUT" | grep -q "0 vulnerabilities"; then
echo "✅ No vulnerabilities found in Yarn dependencies" >&2
else
echo "⚠️ Yarn audit found potential issues" >&2
fi
else
echo "⚠️ yarn command not available" >&2
fi
# Python projects
elif [ -f "requirements.txt" ] || [ -f "Pipfile" ] || [ -f "pyproject.toml" ]; then
echo "🐍 Python Project Detected - Running security check..." >&2
echo "PYTHON SECURITY CHECK" >> "$REPORT_FILE"
echo "--------------------" >> "$REPORT_FILE"
# Try safety first (recommended for Python security scanning)
if command -v safety &> /dev/null; then
echo "🔍 Running Safety security scanner..." >&2
SAFETY_OUTPUT=$(safety check --json 2>/dev/null || safety check 2>/dev/null || echo "Safety check completed")
echo "$SAFETY_OUTPUT" >> "$REPORT_FILE"
if echo "$SAFETY_OUTPUT" | grep -q "No known security vulnerabilities"; then
echo "✅ No known security vulnerabilities in Python dependencies" >&2
else
echo "⚠️ Safety scan found potential security issues" >&2
fi
else
echo "💡 Install 'safety' for Python security scanning: pip install safety" >&2
echo "safety not installed - using pip list --outdated" >> "$REPORT_FILE"
fi
echo "" >> "$REPORT_FILE"
echo "OUTDATED PYTHON PACKAGES" >> "$REPORT_FILE"
echo "------------------------" >> "$REPORT_FILE"
if command -v pip &> /dev/null; then
PIP_OUTDATED=$(pip list --outdated 2>/dev/null || echo "Unable to check outdated packages")
echo "$PIP_OUTDATED" >> "$REPORT_FILE"
OUTDATED_COUNT=$(echo "$PIP_OUTDATED" | wc -l)
echo "📊 Found $OUTDATED_COUNT potentially outdated Python packages" >&2
fi
# Ruby projects
elif [ -f "Gemfile.lock" ]; then
echo "💎 Ruby Project Detected - Running bundle audit..." >&2
echo "RUBY BUNDLE AUDIT" >> "$REPORT_FILE"
echo "-----------------" >> "$REPORT_FILE"
if command -v bundle &> /dev/null; then
# Check if bundler-audit is available
if bundle exec bundler-audit --version &> /dev/null; then
BUNDLE_AUDIT_OUTPUT=$(bundle exec bundler-audit check 2>&1 || echo "Bundle audit completed")
echo "$BUNDLE_AUDIT_OUTPUT" >> "$REPORT_FILE"
if echo "$BUNDLE_AUDIT_OUTPUT" | grep -q "No vulnerabilities found"; then
echo "✅ No vulnerabilities found in Ruby gems" >&2
else
echo "⚠️ Bundle audit found potential issues" >&2
fi
else
echo "💡 Install bundler-audit: gem install bundler-audit" >&2
echo "bundler-audit not installed" >> "$REPORT_FILE"
fi
else
echo "⚠️ bundle command not available" >&2
fi
else
echo "📁 No recognized dependency files found" >&2
echo "No package manager files detected (package.json, requirements.txt, Gemfile, etc.)" >> "$REPORT_FILE"
fi
echo "" >> "$REPORT_FILE"
echo "Report generated at: $(date)" >> "$REPORT_FILE"
echo "===========================" >&2
echo "📄 Full security audit report saved to: $REPORT_FILE" >&2
echo "💡 Review the report for detailed vulnerability information" >&2
exit 0
Complete hook script that performs security audit when session ends
#!/usr/bin/env bash
echo "Dependency Security Audit" >&2
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
REPORT_FILE="security-audit-$TIMESTAMP.log"
echo "Dependency Security Audit Report - $TIMESTAMP" > "$REPORT_FILE"
if [ -f "package-lock.json" ]; then
if command -v npm &> /dev/null; then
echo "NPM Project Detected - Running audit..." >&2
NPM_AUDIT_OUTPUT=$(npm audit --audit-level=moderate 2>&1)
if echo "$NPM_AUDIT_OUTPUT" | grep -q "found 0 vulnerabilities"; then
echo "No vulnerabilities found in NPM dependencies" >&2
echo "No vulnerabilities found" >> "$REPORT_FILE"
else
VULN_COUNT=$(echo "$NPM_AUDIT_OUTPUT" | grep -o '[0-9]\\+ vulnerabilities' | head -1 || echo "unknown vulnerabilities")
echo "NPM audit found: $VULN_COUNT" >&2
echo "$NPM_AUDIT_OUTPUT" >> "$REPORT_FILE"
fi
fi
fi
echo "Report generated at: $(date)" >> "$REPORT_FILE"
echo "Full security audit report saved to: $REPORT_FILE" >&2
exit 0
Enhanced hook script for Python security auditing using pip-audit or safety
#!/usr/bin/env bash
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
REPORT_FILE="security-audit-$TIMESTAMP.log"
if [ -f "requirements.txt" ] || [ -f "pyproject.toml" ]; then
if command -v pip-audit &> /dev/null; then
echo "Running pip-audit for Python security scanning..." >&2
pip-audit --format=json 2>/dev/null | jq '.' >> "$REPORT_FILE" || pip-audit >> "$REPORT_FILE"
elif command -v safety &> /dev/null; then
echo "Running Safety security scanner..." >&2
safety check --json 2>/dev/null | jq '.' >> "$REPORT_FILE" || safety check >> "$REPORT_FILE"
else
echo "Install pip-audit or safety for Python security scanning" >&2
fi
fi
exit 0
Enhanced hook script for Ruby security auditing using bundler-audit
#!/usr/bin/env bash
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
REPORT_FILE="security-audit-$TIMESTAMP.log"
if [ -f "Gemfile.lock" ]; then
if command -v bundle &> /dev/null; then
if bundle exec bundler-audit --version &> /dev/null; then
echo "Running bundle audit for Ruby gems..." >&2
bundle exec bundler-audit check 2>&1 >> "$REPORT_FILE" || echo "Bundle audit completed" >> "$REPORT_FILE"
if grep -q "No vulnerabilities found" "$REPORT_FILE"; then
echo "No vulnerabilities found in Ruby gems" >&2
else
echo "Bundle audit found potential issues" >&2
fi
else
echo "Install bundler-audit: gem install bundler-audit" >&2
fi
fi
fi
exit 0
Enhanced hook script for detecting outdated packages across package managers
#!/usr/bin/env bash
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
REPORT_FILE="security-audit-$TIMESTAMP.log"
if [ -f "package.json" ]; then
if command -v npm &> /dev/null; then
echo "Checking for outdated NPM packages..." >&2
OUTDATED_OUTPUT=$(npm outdated 2>/dev/null || echo "All packages up to date")
echo "$OUTDATED_OUTPUT" >> "$REPORT_FILE"
if [ "$OUTDATED_OUTPUT" != "All packages up to date" ]; then
OUTDATED_COUNT=$(echo "$OUTDATED_OUTPUT" | wc -l)
echo "Found $OUTDATED_COUNT outdated NPM packages" >&2
fi
fi
fi
exit 0
Configure REPORT_FILE path to use dedicated logs directory: .claude/logs/security-audit-$TIMESTAMP.log. Add security-audit-*.log pattern to .gitignore to prevent repository clutter. Implement log rotation to manage report file growth.
Ensure package manager operations complete before session ends. Hook runs after Claude stops, so install commands in active session will not conflict with audit timing. Wait for package manager processes to complete before session termination.
Set npm config registry timeout: npm config set timeout 30000. Add timeout wrapper around audit commands: timeout 60 npm audit. Check network connectivity before running audit. Use npm audit --offline for cached vulnerability data.
Update safety vulnerability database: safety check --update-db. Install latest version: pip install --upgrade safety. Verify safety database is accessible. Consider using pip-audit 2.7.x+ as alternative with better database management.
Update npm to version 10.x+ for --audit-level flag support. For older versions, remove --audit-level parameter and parse full audit output using grep for severity filtering. Check package manager version: npm --version or yarn --version.
Configure pip-audit to exclude dev dependencies: pip-audit --exclude-dev. Review pip-audit configuration for project-specific exclusions. Use --skip-editable flag for editable installs. Verify pip-audit 2.7.x+ version for improved accuracy.
Run bundle install before audit: bundle install && bundle exec bundler-audit check. Ensure Gemfile.lock is up to date. Verify bundler-audit is installed: gem install bundler-audit. Check Ruby version compatibility.
Verify OWASP dep-scan installation: dep-scan --version. Check PATH includes dep-scan binary location. Use full path to dep-scan if not in PATH. Verify Python environment has dep-scan installed: pip show dep-scan.
Show that Dependency Security Audit is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.
[](https://heyclau.de/entry/hooks/dependency-security-audit-on-stop)Dependency Security Audit side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.
2 trust signals differ across this comparison (Source provenance, Submitter).
| Field | A Stop hook that runs npm audit, pip-audit, safety, or bundler-audit automatically at the end of every Claude Code session, detecting CVEs and outdated packages across Node.js, Python, and Ruby projects. Open dossier | Scans for security vulnerabilities when package.json or requirements.txt files are modified. Open dossier | Automatically checks for outdated dependencies and suggests updates with security analysis. This PostToolUse hook triggers when dependency manifest files (package.json, requirements.txt, Gemfile, go.mod, Cargo.toml, pyproject.toml) are modified, providing real-time dependency health monitoring. Open dossier | PostToolUse hook that flags risky package-lock.json, yarn.lock, and pnpm-lock.yaml edits: missing lockfile updates, unexpected registry hosts, and dependency count spikes before merge. Open dossier |
|---|---|---|---|---|
| Next steps | ||||
| Trust | ||||
| Review status | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed |
| Package trust | Package not verified | Package not verified | Package not verified | Package not verified |
| Source provenanceDiffers | Source-backed | Source-backed | Source-backed | Submission linkedSource submission |
| SubmitterDiffers | — | — | — | kiannidev |
| Install risk | Review first | Review first | Review first | Review first |
| Notes | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ |
| Brand | — | — | — | — |
| Category | hooks | hooks | hooks | hooks |
| Source | source-backed | source-backed | source-backed | source-backed |
| Author | JSONbored | JSONbored | JSONbored | kiannidev |
| Added | 2025-09-19 | 2025-09-19 | 2025-09-16 | 2026-06-17 |
| Platforms | Claude Code | Claude Code | Claude Code | Claude Code |
| Source repo | — | — | — | — |
| Safety notes | ✓Runs automatically at session end and invokes local package-manager audit tools when dependency lockfiles are present. May contact package registries or vulnerability advisory services through npm, yarn, safety, pip, or bundler-audit. Writes a timestamped security-audit log in the current working directory. | ✓Runs automatically on its configured Claude Code hook event and executes shell logic that can read, modify, or delete files in your project (and may run builds, installs, or network calls); review the script and scope it to expected paths before enabling. | ✓Runs automatically on its configured Claude Code hook event and executes shell logic that can read, modify, or delete files in your project (and may run builds, installs, or network calls); review the script and scope it to expected paths before enabling. | ✓Read-only advisory hook; it does not block writes unless you wrap it with strict exit handling. Does not substitute for npm audit, OSV scans, or CI dependency review. |
| Privacy notes | ✓Reads dependency manifests and lockfiles to identify package managers and audit targets. The generated audit log may include package names, versions, vulnerability identifiers, and remediation output. External audit tools may send package metadata to their configured registries or advisory services. | ✓Receives Claude Code hook input (session metadata, file paths, and tool output) and reads local project files; review what the script logs or forwards to external services and keep credentials out of its output. | ✓Receives Claude Code hook input (session metadata, file paths, and tool output) and reads local project files; review what the script logs or forwards to external services and keep credentials out of its output. | ✓Lockfile paths and registry hostnames are printed locally to stderr for the active session. |
| Prerequisites | — none listed | — none listed | — none listed |
|
| Install | | | | |
| Config | | | | |
| Citations | ||||
| Claim | Unclaimed | Unclaimed | Unclaimed | Unclaimed |
Source-backed guides for putting this to work.
Audit MCP client configuration before sharing it with a team.
Loading live community signals…
A short, calm digest of reviewed Claude resources. Unsubscribe any time.