Choose a path.

Use MCP mode for always-on gating before installs, or run CLI audits for one-off dependency checks. Both paths use the same release binary.

MCP integration CLI audit mode Windows + macOS/Linux

MCP Integration (Recommended)CLI Audit Only

Use this when an editor or agent should call safe-pkgs before installs.

1. Build release binary

cargo build --release

2. Run MCP server

macOS / LinuxWindows PowerShell

./target/release/safe-pkgs serve --mcp

.\target\release\safe-pkgs.exe serve --mcp

3. Add MCP client config

{
  "servers": {
    "safe-pkgs": {
      "type": "stdio",
      "command": "/path/to/safe-pkgs",
      "args": ["serve", "--mcp"]
    }
  },
  "inputs": []
}

Use this when you only want local dependency checks without running MCP transport.

1. Build release binary

macOS / LinuxWindows PowerShell

cargo build --release

cargo build --release

2. Run audit

macOS / LinuxWindows PowerShell

./target/release/safe-pkgs audit /path/to/project-or-lockfile

.\target\release\safe-pkgs.exe audit C:\path\to\project-or-lockfile