# Fetter MCP
Fetter provides a remote [Model Context Protocol](https://modelcontextprotocol.io) (MCP) server at `https://mcp.fetter.io/mcp` that gives AI coding agents real-time access to Python package vulnerability data. Built on [fetter](https://github.com/fetter-io/fetter-rs), it queries PyPI and OSV to surface known CVEs, CVSS scores, and safe versions so your agent can make informed dependency decisions as it writes code.
**Tools:**
- `most_recent_not_vulnerable`: find the latest release of a package that is free of known vulnerabilities
- `is_vulnerable`: check whether a specific pinned version has known CVEs
- `lookup`: find available versions and their vulnerabilities for any package or specifier
## Installation
The Fetter MCP server uses the HTTP transport and requires no local installation. Just register the remote URL with your MCP client.
### Claude Code
```bash
claude mcp add --transport http fetter https://mcp.fetter.io/mcp
```
### Codex
```bash
codex mcp add fetter --url https://mcp.fetter.io/mcp
```
### Other MCP Clients
For any other MCP-compatible client, provide the following remote server URL using the HTTP transport:
```
https://mcp.fetter.io/mcp
```
## Agent Usage
Once installed, the Fetter MCP tools are available to your AI agent during coding sessions. The agent can call them automatically when adding or auditing dependencies; no explicit tool invocation is required in your prompts.
**Example prompts**
- "Add the latest safe version of requests to requirements.txt"
- "Are there any known vulnerabilities in my current dependencies?"
- "What is the most recent version of pillow with no CVEs?"
- "Before pinning cryptography, check whether 42.0.5 is vulnerable"
The agent selects the appropriate tool based on context:
- Adding a new package: `most_recent_not_vulnerable` to find a safe version
- Validating a specific pinned version: `is_vulnerable` for a definitive answer
- Auditing an existing specifier: `lookup` to see affected versions
## `most_recent_not_vulnerable`
Find the most recent version of a package that has no known vulnerabilities. Provide only a package name and the server will search recent releases for a safe version. Useful when pinning a dependency to the latest clean release.
**Parameters**
- `package_name` — package name only (no version specifier), e.g. `"requests"`
**Example Request**
```json
{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "id": 2,
  "params": {
    "name": "most_recent_not_vulnerable",
    "arguments": {
      "name": "cryptography"
    }
  }
}
```
**Example Response**
```json
{
  "jsonrpc": "2.0",
  "id": 2,
  "result": {
    "content": [],
    "structuredContent": {
      "package": "cryptography",
      "version": "46.0.5",
      "vulnerabilities": [],
      "vulnerable": false
    },
    "isError": false
  }
}
```
## `is_vulnerable`
Check if a specific package version has known vulnerabilities. Requires an exact version specifier. Returns vulnerability IDs, summaries, CVSS scores, severity ratings, and reference URLs.
**Parameters**
- `dep_spec` — exact version specifier, e.g. `"requests==2.31.0"`
**Example Request**
```json
{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "id": 2,
  "params": {
    "name": "is_vulnerable",
    "arguments": {
      "name": "requests==2.19.1"
    }
  }
}
```
**Example Response**
```json
{
  "jsonrpc": "2.0",
  "id": 2,
  "result": {
    "content": [],
    "structuredContent": {
      "package": "requests",
      "version": "2.19.1",
      "vulnerabilities": [
        {
          "cvss_score": 5.3,
          "id": "GHSA-9hjg-9r4m-mvj7",
          "severity": "(Medium):",
          "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs",
          "url": "https://osv.dev/vulnerability/GHSA-9hjg-9r4m-mvj7"
        },
        {
          "cvss_score": 5.6,
          "id": "GHSA-9wx4-h78v-vm56",
          "severity": "(Medium):",
          "summary": "Requests Session object does not verify requests after making first request with verify=False",
          "url": "https://osv.dev/vulnerability/GHSA-9wx4-h78v-vm56"
        },
        {
          "cvss_score": 6.1,
          "id": "GHSA-j8r2-6x86-q33q",
          "severity": "(Medium):",
          "summary": "Unintended leak of Proxy-Authorization header in requests",
          "url": "https://osv.dev/vulnerability/GHSA-j8r2-6x86-q33q"
        },
        {
          "cvss_score": 7.5,
          "id": "GHSA-x84v-xcm2-53pg",
          "severity": "(High):",
          "summary": "Insufficiently Protected Credentials in Requests",
          "url": "https://osv.dev/vulnerability/GHSA-x84v-xcm2-53pg"
        },
        {
          "cvss_score": null,
          "id": "PYSEC-2018-28",
          "severity": null,
          "summary": "",
          "url": "https://osv.dev/vulnerability/PYSEC-2018-28"
        },
        {
          "cvss_score": null,
          "id": "PYSEC-2023-74",
          "severity": null,
          "summary": "",
          "url": "https://osv.dev/vulnerability/PYSEC-2023-74"
        }
      ],
      "vulnerable": true
    },
    "isError": false
  }
}
```
## `lookup`
Look up a package by name and optional version specifier to find which versions are available and whether they have known vulnerabilities. Supports specifiers such as `"requests"`, `"numpy>=2.0"`, or `"flask==3.0.0"`.
**Parameters**
- `dep_specs` — package name or version specifier
- `cvss_threshold` — filter to vulnerabilities at or above this CVSS score (0–10)
- `max_observed_score` — return only the highest CVSS score per version rather than all individual vulnerabilities
- `count` — limit the number of recent versions checked
- `retain_passing` — include versions with no known vulnerabilities in the results
**Example Request**
```json
{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "id": 2,
  "params": {
    "name": "lookup",
    "arguments": {
      "name": "requests>=2.32.0",
      "retain_passing": true
    }
  }
}
```
**Example Response**
```json
{
  "jsonrpc": "2.0",
  "id": 2,
  "result": {
    "content": [],
    "structuredContent": {
      "package": "requests",
      "versions": [
        {
          "version": "2.32.0",
          "vulnerabilities": [
            {
              "cvss_score": 5.3,
              "id": "GHSA-9hjg-9r4m-mvj7",
              "severity": "(Medium):",
              "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs",
              "url": "https://osv.dev/vulnerability/GHSA-9hjg-9r4m-mvj7"
            }
          ],
          "vulnerable": true
        },
        {
          "version": "2.32.1",
          "vulnerabilities": [
            {
              "cvss_score": 5.3,
              "id": "GHSA-9hjg-9r4m-mvj7",
              "severity": "(Medium):",
              "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs",
              "url": "https://osv.dev/vulnerability/GHSA-9hjg-9r4m-mvj7"
            }
          ],
          "vulnerable": true
        },
        {
          "version": "2.32.2",
          "vulnerabilities": [
            {
              "cvss_score": 5.3,
              "id": "GHSA-9hjg-9r4m-mvj7",
              "severity": "(Medium):",
              "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs",
              "url": "https://osv.dev/vulnerability/GHSA-9hjg-9r4m-mvj7"
            }
          ],
          "vulnerable": true
        },
        {
          "version": "2.32.3",
          "vulnerabilities": [
            {
              "cvss_score": 5.3,
              "id": "GHSA-9hjg-9r4m-mvj7",
              "severity": "(Medium):",
              "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs",
              "url": "https://osv.dev/vulnerability/GHSA-9hjg-9r4m-mvj7"
            }
          ],
          "vulnerable": true
        },
        {
          "version": "2.32.4",
          "vulnerabilities": [],
          "vulnerable": false
        },
        {
          "version": "2.32.5",
          "vulnerabilities": [],
          "vulnerable": false
        }
      ]
    },
    "isError": false
  }
}
```
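As an added example (not code from the Fetter project or this page), the following Python helper builds the `tools/call` envelope used by the `is_vulnerable` and `lookup` requests above and applies a CVSS policy to their `structuredContent`. The sample payloads are constructed from the documented shape with summaries and URLs omitted; treating an unscored advisory (`cvss_score` null, as with the PYSEC entries) as blocking rather than as a score of 0, and the simplified dotted-version ordering, are this example's own choices.

```python
import json

# Constructed sample payloads in the documented structuredContent shape (not
# captured from the live server); note the advisory with a null cvss_score.
IS_VULNERABLE_RESULT = json.loads("""{
  "package": "requests", "version": "2.19.1",
  "vulnerabilities": [
    {"cvss_score": 5.3, "id": "GHSA-9hjg-9r4m-mvj7", "severity": "(Medium):"},
    {"cvss_score": 7.5, "id": "GHSA-x84v-xcm2-53pg", "severity": "(High):"},
    {"cvss_score": null, "id": "PYSEC-2018-28", "severity": null}
  ],
  "vulnerable": true}""")

LOOKUP_RESULT = json.loads("""{
  "package": "requests",
  "versions": [
    {"version": "2.32.3", "vulnerable": true,
     "vulnerabilities": [{"cvss_score": 5.3, "id": "GHSA-9hjg-9r4m-mvj7"}]},
    {"version": "2.32.4", "vulnerable": false, "vulnerabilities": []},
    {"version": "2.32.5", "vulnerable": false, "vulnerabilities": []}
  ]}""")


def tool_call(tool: str, arguments: dict, request_id: int = 1) -> dict:
    """Build the JSON-RPC `tools/call` envelope in the form the examples above use."""
    return {"jsonrpc": "2.0", "method": "tools/call", "id": request_id,
            "params": {"name": tool, "arguments": arguments}}


def blocking_ids(vulns: list, threshold: float) -> list:
    """Advisory IDs that fail policy: CVSS at or above `threshold`, or no score.
    Example policy: a null score blocks rather than silently counting as 0."""
    return [v["id"] for v in vulns
            if v.get("cvss_score") is None or v["cvss_score"] >= threshold]


def pin_is_acceptable(result: dict, threshold: float) -> bool:
    """Policy decision for an `is_vulnerable` structuredContent payload."""
    return not blocking_ids(result["vulnerabilities"], threshold)


def _version_key(v: str) -> tuple:
    # Simplified ordering for dotted numeric versions; non-numeric parts sort lowest.
    return tuple(int(p) if p.isdigit() else -1 for p in v.split("."))


def newest_acceptable(result: dict, threshold: float):
    """Newest version in a `lookup` payload with no blocking advisory, else None."""
    ok = [e["version"] for e in result["versions"]
          if not blocking_ids(e["vulnerabilities"], threshold)]
    return max(ok, key=_version_key) if ok else None
```

Because the `is_vulnerable` sample carries an unscored PYSEC advisory, `pin_is_acceptable` rejects the pin at any threshold; raising the threshold only changes which GHSA entries are listed alongside it.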