McpMux
Back to Registry

Socket (npx) MCP Server

Community

Contributed by Socket

Query Socket.dev for dependency security scores, supply-chain risk, malware/typosquat threat feeds, and package metadata across npm, PyPI, Cargo, Maven, NuGet, RubyGems, Go, and more. Runs locally via npx.

Install with McpMuxSource CodeDocs

About the Socket (npx) MCP Server

The Socket (npx) MCP server is a local (stdio) Model Context Protocol server available in the McpMux registry. Query Socket.dev for dependency security scores, supply-chain risk, malware/typosquat threat feeds, and package metadata across npm, PyPI, Cargo, Maven, NuGet, RubyGems, Go, and more. Runs locally via npx. This is a community-contributed MCP server by Socket.

Install the Socket (npx) MCP server with one click using McpMux. It works with Cursor, Claude Desktop, Claude Code, VS Code, ChatGPT, Windsurf, JetBrains, and any MCP-compatible AI client. This server requires an API key — McpMux securely stores your credentials with AES-256-GCM encryption.

Transport Configuration

Transport Configuration
{
  "type": "stdio",
  "command": "npx",
  "args": [
    "-y",
    "@socketsecurity/mcp"
  ],
  "env": {
    "SOCKET_API_TOKEN": "${input:SOCKET_API_TOKEN}"
  },
  "metadata": {
    "inputs": [
      {
        "id": "SOCKET_API_TOKEN",
        "label": "Socket API Token",
        "description": "Socket.dev API token used to query dependency scores and security data. Only the 'packages:list' permission scope is required.",
        "type": "text",
        "required": true,
        "secret": true,
        "placeholder": "sktsec_****************************",
        "obtain": {
          "url": "https://socket.dev/dashboard/org/gh/settings/api-tokens",
          "instructions": "1. Sign in at https://socket.dev\n2. Go to your organization Settings > API Tokens\n3. Click 'New API Token'\n4. Grant the 'packages:list' scope\n5. Create and copy the token",
          "button_label": "Create API Token"
        }
      }
    ]
  }
}
Details
TransportLocal (stdio)
Hostinglocal
AuthAPI Key
Capabilities
Tools

Categories

SecurityDeveloper Tools

Tags

socketsecuritydependenciessupply-chainvulnerabilitiessca

Links

RepositoryHomepageDocumentation

Supported AI Clients

The Socket (npx) MCP server works with all MCP-compatible AI clients through McpMux:

CursorClaude DesktopClaude CodeVS CodeChatGPTWindsurfJetBrainsZedClineGemini CLIAmazon Q

Related MCP Servers

1Password (npx)

Access secrets from 1Password vaults. List vaults, retrieve items, and search for credentials using a service account token.

Aikido Security (npx)

Scan code and secrets with Aikido Security directly from your AI coding agent. Exposes Aikido's Code and Secrets Scan as an MCP tool returning machine-readable findings you can triage, fix, or ignore.

Auth0 (npx)

Manage your Auth0 tenant through natural language: applications, APIs (resource servers), actions, forms, and logs via the Auth0 Management API. Authentication uses an OAuth 2.0 device-authorization browser flow handled by the server; tokens are stored in your OS keychain.

Bitwarden (npx)

Securely access your Bitwarden vault and administer your organization through the Bitwarden CLI and Public API. Manage vault items, folders, collections, Sends, and password generation, plus organization members, groups, policies, and audit logs.

Codacy (npx)

Connect to Codacy to analyze code quality and security, run static analysis (SAST, secrets, dependency, and IaC scans), browse repositories, list issues, and surface coverage data from your Codacy account via npx.

DB Query Guard MCP

Governed database query review, SQL simulation, approvals, and audits as a paid remote MCP.

Install Socket (npx) with McpMux

One-click install from the McpMux desktop app. Auto-configures for Cursor, Claude, VS Code, ChatGPT, Windsurf, JetBrains, and any MCP-compatible client.

Install