Integrate

Add DepScope to your AI agent

One line in your config. No signup, no API key. Works with every major agent and CI.

Free · no auth

Install in 1 click

No JSON to edit. Click the button for your IDE.

22 tools · zero auth

Add to Cursor

Opens Cursor → auto-installs.

Claude Code

Run this once in any terminal.

VS Code (.vscode/mcp.json)

Drop-in workspace config.

Claude Desktop, Windsurf, Cline, Continue, ChatGPT, Aider — full snippets below.

MCP server (Claude Code / Desktop / Cursor)

Install via npm. 22 consolidated tools for package intelligence (incl. get_package_prompt, scan_project, get_migration_path), zero config.

# Claude Code (one-liner — local stdio)
claude mcp add depscope -- npx -y depscope-mcp

# Remote MCP (no install, recommended)
# Add to ~/.claude/mcp_servers.json or Cursor mcp.json:
{
  "mcpServers": {
    "depscope": { "url": "https://mcp.depscope.dev/mcp" }
  }
}

# 22 consolidated tools available. Most-used for AI agents:
#   get_package_prompt — 300-token package verdict (token-saver)
#   scan_project       — one-call audit for N packages (any ecosystem)
#   get_migration_path — code diff to migrate deprecated → modern

Claude Code

Add one line to CLAUDE.md or MEMORY.md.

CLAUDE.md

## DEPSCOPE — Before any install: curl depscope.dev/api/check/{eco}/{pkg}

Cursor

Add to your .cursorrules file.

.cursorrules

Before any install: curl depscope.dev/api/check/{eco}/{pkg} — if deprecated, curl depscope.dev/api/alternatives/{eco}/{pkg}. No auth, free.

Windsurf / Codeium

Add to .windsurfrules or project instructions.

.windsurfrules

Before any install: curl depscope.dev/api/check/{eco}/{pkg}

Any AI agent (curl / HTTP)

Just call the API. No auth, no signup.

# Check a package
curl https://depscope.dev/api/check/npm/express

# Compare packages
curl https://depscope.dev/api/compare/npm/express,fastify,hono

# Scan entire project
curl -X POST https://depscope.dev/api/scan \
  -H "Content-Type: application/json" \
  -d '{"ecosystem":"npm","packages":{"express":"*","lodash":"*"}}'

ChatGPT

Direct link: https://chatgpt.com/g/g-69e02d12226c8191a7f24f3a8481bc4e-depscope. Or OpenAPI spec:

https://depscope.dev/openapi-gpt.json

CLI — one-line audit before install

Published on npm as depscope-cli. Works on any machine with Node 18+.

# Audit before install (CI-friendly, exit 1 on critical)
npx -y depscope-cli audit express request lodash

# From a manifest
npx -y depscope-cli audit --file package.json
npx -y depscope-cli audit --file requirements.txt

# Drop-in code diff for deprecated → modern
npx -y depscope-cli migration npm request axios

# One-package AI brief (~300 tokens, paste into system prompt)
npx -y depscope-cli brief npm/express

Migration paths (deprecated → modern with code diff)

Curated migrations with literal before/after snippets ready to apply. Call via MCP get_migration_path or REST.

# MCP tool call (23 of 26 tools)
{"name":"get_migration_path","arguments":{"ecosystem":"npm","from_package":"request","to_package":"axios"}}

# REST
curl https://depscope.dev/api/migration/npm/request/axios
curl https://depscope.dev/api/migration/pypi/urllib2/requests
curl https://depscope.dev/api/migration/npm/moment/dayjs

# Returns: rationale, effort_minutes, diff_examples[], breaking_changes[]

VS Code (Copilot, Cline, Continue.dev)

VS Code itself has no MCP — works through any AI extension that supports MCP. Drop the same URL.

.vscode/mcp.json

// 1) VS Code + GitHub Copilot (MCP preview)
//    Settings: "chat.mcp.enabled": true
//    Then create .vscode/mcp.json (workspace) or user-global:
{
  "servers": {
    "depscope": { "type": "http", "url": "https://mcp.depscope.dev/mcp" }
  }
}

// 2) VS Code + Cline — Settings UI → MCP Servers → Add
//    URL: https://mcp.depscope.dev/mcp

// 3) VS Code + Continue.dev (~/.continue/config.json)
{
  "mcpServers": [
    { "name": "depscope",
      "transport": { "type": "sse", "url": "https://mcp.depscope.dev/mcp" } }
  ]
}

// 4) Fallback (no MCP extension): .vscode/tasks.json
//    Run "DepScope: audit" from the Tasks menu
{
  "version": "2.0.0",
  "tasks": [
    {
      "label": "DepScope: audit",
      "type": "shell",
      "command": "npx -y depscope-cli audit --file package.json",
      "problemMatcher": []
    }
  ]
}

GitHub Actions

Fail PRs on deprecated, malicious, or actively-exploited packages.

.github/workflows/depscope.yml

name: Dependency audit
on: [pull_request, push]

jobs:
  depscope:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: cuttalo/depscope-audit-action@v1
        with:
          manifest: package.json
          fail-on: critical   # critical | risk | none

Python / LangChain

Use as a LangChain tool.

tools/depscope.py

from langchain.tools import tool
import requests

@tool
def check_package(ecosystem: str, package: str) -> str:
    """Check if a package is safe to install."""
    r = requests.get(f"https://depscope.dev/api/check/{ecosystem}/{package}")
    return r.json()["recommendation"]["summary"]

README badge

Add a health badge to your README.

[![health](https://depscope.dev/badge/npm/YOUR-PACKAGE)](https://depscope.dev/pkg/npm/YOUR-PACKAGE)

Need the full API reference?

Every endpoint, parameter, and example.

API Docs →