Question 1

What is the lockfile-guardian MCP server?

Accepted Answer

Audits your package-lock.json for supply-chain attacks before install. Cross-checks every resolved entry against the live npm registry to detect integrity mismatches, new install scripts, and other malicious signals.

Question 2

How do I connect to lockfile-guardian?

Accepted Answer

Add lockfile-guardian to your MCP client configuration to expose its tools to your AI agent. See the repository linked on this page for setup details.

Question 3

Does lockfile-guardian require authentication?

Accepted Answer

lockfile-guardian does not require authentication ("none").

lockfile-guardian

Details

More from Baneado98

FAQ