silvermete0r/local_mcp_pypi_packages_audit
The Local PyPI MCP Audit is a Gradio-based server designed to audit local Python packages for security vulnerabilities using Bandit and AST-based static analysis, providing interactive HTML security reports.
🛡️ Local PyPI MCP Audit
Gradio-based MCP server for auditing local Python packages using Bandit and AST-based static analysis. Generates interactive HTML security reports with severity charts.
Gradio MCP Hackathon 2025 - 8-10 June, 2025 - mcp-server-track
✨ Features
- 🔍 Bandit security scans
- 🧠 AST-based code risk analysis
- 📊 HTML reports with charts
- 🧩 MCP endpoint for LLM integration
🚀 How to Use
Recommended: Run in your local environment to test Python packages installed on your system for possible vulnerabilities.
- Run the Server:
  python app.py
- Access the Web Interface: Open your browser and go to http://localhost:7860.
- User Instructions:
  - Enter package names (comma-separated), or leave blank to scan all installed packages.
  - Click Run Audit.
  - Download the HTML report.
🔗 MCP Endpoint
Use this in your MCP Client:
{
  "mcpServers": {
    "gradio": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "http://localhost:7860/gradio_api/mcp/sse"
      ]
    }
  }
}