devsecure-mcp
v3.0.0
67 DeFi security, wallet intelligence, and developer safety tools for AI agents. Powered by DeFi Shield via x402 micropayments.
Overview
devsecure-mcp is an MCP (Model Context Protocol) server that gives AI agents access to 67 security and intelligence tools spanning DeFi analysis, wallet profiling, smart contract auditing, MEV protection, NFT intelligence, and developer safety. It wraps DeFi Shield's x402-gated API, enabling agents to pay per-request in USDC on Base with no API keys, subscriptions, or accounts required. Every tool is available to Claude Desktop, Cursor, Windsurf, and any MCP-compatible client.
Quick Start
Add to your Claude Desktop configuration (~/Library/Application Support/Claude/claude_desktop_config.json):
```json
{
  "mcpServers": {
    "devsecure": {
      "command": "npx",
      "args": ["-y", "devsecure-mcp"],
      "env": {
        "DEFI_SHIELD_URL": "https://defi-shield-hazel.vercel.app"
      }
    }
  }
}
```

Tool Reference
DeFi Intelligence (10 tools)
| Tool | Description | Price |
|------|-------------|-------|
| contract_risk | Smart contract risk analysis -- risk scoring 0-100, admin function detection, deployer analysis | $0.50 |
| token_intel | Token intelligence -- holder concentration, Gini coefficient, whale wallets, liquidity locks | $1.00 |
| simulate | Honeypot detection, hidden fees, blacklist/pause capability detection | $0.25 |
| yield_analysis | APY decomposition -- base fees vs incentives, sustainability score, wash trading probability | $0.75 |
| exit_strategy | Exit strategy -- price impact, liquidity depth, optimal exit route | $0.50 |
| il_simulate | Impermanent loss Monte Carlo -- 200 simulations, percentile outcomes, breakeven APY | $1.00 |
| whale_alerts | Large transfers >1% supply in 24h, net flow direction, whale activity score | $0.50 |
| deployer_forensics | Deployer history -- all contracts deployed, verification status, scam flags, reputation | $0.75 |
| pool_compare | Compare pools side-by-side -- APY, TVL, sustainability, ranked recommendation | $0.50 |
| approval_scanner | Scan token approvals for dangerous unlimited approvals to unverified contracts | $0.25 |
Safety & Compliance (5 tools)
| Tool | Description | Price |
|------|-------------|-------|
| prompt_injection | Detect prompt injection -- instruction overrides, role hijacking, encoded payloads | $0.02 |
| pii_scan | Detect PII -- SSNs, credit cards, emails, phones, API keys, private keys | $0.02 |
| sanctions_check | OFAC SDN sanctions screening -- fuzzy name matching, risk classification | $0.10 |
| domain_reputation | Domain reputation -- SPF/DKIM/DMARC, SSL validation, reputation score | $0.05 |
| freshness_check | URL freshness -- staleness detection via cache headers and last-modified | $0.01 |
Developer Security (5 tools)
| Tool | Description | Price |
|------|-------------|-------|
| package_risk | npm package risk -- CVE lookup via OSV.dev, maintainer count, download trends | $0.10 |
| secrets_scan | Secrets detection -- AWS keys, private keys, API tokens, JWTs, connection strings | $0.02 |
| query_safety | SQL injection detection -- UNION, stacked queries, blind injection patterns | $0.02 |
| license_check | License compatibility -- SPDX verification, copyleft conflict detection | $0.05 |
| diff_impact | Diff impact -- semantic diff, breaking changes, backwards compatibility check | $0.05 |
Wallet Intelligence (6 tools)
| Tool | Description | Price |
|------|-------------|-------|
| wallet_profile | Wallet profile and classification -- activity type, age, token diversity | $0.50 |
| wallet_risk | Wallet risk and trust scoring -- interaction history, sanctions proximity | $0.75 |
| wallet_pnl | Profit and loss breakdown by token -- realized/unrealized, win rate | $1.00 |
| wallet_exposure | Token exposure analysis -- concentration risk, stablecoin ratio | $0.50 |
| wallet_copytrading | Copy trading signal extraction -- top performers, strategy fingerprinting | $0.75 |
| wallet_cluster | Related wallet cluster analysis -- funding links, shared contracts | $0.50 |
Protocol Intelligence (7 tools)
| Tool | Description | Price |
|------|-------------|-------|
| protocol_risk | Protocol risk assessment -- audit status, TVL trend, admin key exposure | $0.50 |
| tvl_decompose | TVL breakdown by chain -- real vs incentivized, concentration metrics | $0.50 |
| governance_risk | Governance centralization risk -- voting power distribution, proposal patterns | $0.75 |
| protocol_compare | Multi-protocol comparison -- risk, yield, TVL, governance side-by-side | $0.50 |
| emission_model | Token emission and inflation analysis -- unlock schedule, sell pressure | $0.75 |
| oracle_risk | Oracle dependency risk -- staleness, deviation thresholds, fallback analysis | $0.50 |
| bridge_risk | Bridge trust assessment -- validator set, TVL locked, exploit history | $0.50 |
MEV & Trading (7 tools)
| Tool | Description | Price |
|------|-------------|-------|
| mev_risk | MEV and sandwich attack risk for a given swap | $0.25 |
| optimal_route | Optimal DEX routing -- split routes, gas-adjusted output | $0.50 |
| liquidity_depth | Liquidity depth analysis -- bid/ask spread, slippage curve | $0.25 |
| gas_oracle | Gas price oracle -- base fee, priority fee, time estimates | $0.05 |
| mempool_scan | Mempool activity scan -- pending txs, frontrun risk | $0.50 |
| price_impact | Price impact estimation for a given trade size | $0.10 |
| arb_detector | Arbitrage opportunity detection across DEXs | $0.75 |
NFT Intelligence (5 tools)
| Tool | Description | Price |
|------|-------------|-------|
| collection_risk | NFT collection risk assessment -- creator history, royalty enforcement, rug signals | $0.50 |
| nft_rarity | Token rarity analysis -- trait distribution, rarity score | $0.25 |
| wash_detect | Wash trading detection -- self-trades, circular patterns, inflated volume | $0.50 |
| nft_valuation | Collection valuation signals -- floor trend, whale accumulation, listing ratio | $0.50 |
| nft_trending | Trending collection metrics -- volume spikes, unique buyers, social signals | $0.25 |
Cross-Chain (5 tools)
| Tool | Description | Price |
|------|-------------|-------|
| chain_compare | Multi-chain comparison -- gas, TPS, TVL, developer activity | $0.25 |
| chain_health | Chain health metrics -- block time, finality, validator count | $0.25 |
| bridge_quote | Bridge trust assessment and fee comparison | $0.25 |
| chain_yield | Chain yield opportunities -- native staking, DeFi yields, risk-adjusted | $0.50 |
| l2_finality | L2 finality information -- challenge period, proof type, settlement time | $0.10 |
Agent Trust (5 tools)
| Tool | Description | Price |
|------|-------------|-------|
| agent_verify | Agent wallet verification -- signing proof, balance check | $0.25 |
| endpoint_audit | Endpoint availability and trust audit -- uptime, response time, x402 compliance | $0.50 |
| service_compare | Service comparison by trust score -- reliability, pricing, response quality | $0.50 |
| trust_score | Quick trust score lookup for an address or domain | $0.10 |
| scam_report | Submit scam report -- flag addresses, contracts, or domains | $0.25 |
Data Infrastructure (7 tools)
| Tool | Description | Price |
|------|-------------|-------|
| abi_decode | Calldata ABI decoding -- function selector, parameter extraction | $0.10 |
| contract_abi | Contract ABI retrieval -- verified source, function signatures | $0.10 |
| token_list | Token info lookup -- symbol, decimals, logo, price | $0.05 |
| address_label | Address labeling -- known entities, exchange wallets, contract names | $0.05 |
| event_decode | Event log decoding -- topic parsing, parameter extraction | $0.10 |
| tx_trace | Transaction trace and internal transfers -- call tree, value flow | $0.25 |
| block_data | Block data retrieval -- transactions, gas used, timestamp | $0.05 |
Real-Time Monitoring (5 tools)
| Tool | Description | Price |
|------|-------------|-------|
| position_monitor | Position health monitoring -- liquidation distance, collateral ratio | $0.25 |
| whale_monitor | Whale activity alerts -- accumulation, distribution, exchange flows | $0.50 |
| exploit_alert | Recent exploit feed -- active incidents, affected protocols, severity | $0.10 |
| gas_alert | Gas price alerts -- current vs historical, congestion level | $0.05 |
| governance_alert | Governance activity alerts -- new proposals, voting deadlines, quorum status | $0.25 |
Categories
DeFi Intelligence -- Core smart contract and token analysis. Risk-score contracts, detect honeypots, analyze yield sustainability, simulate impermanent loss, and compare liquidity pools.
Safety & Compliance -- Guard rails for AI agents. Detect prompt injection attempts, scan for PII leaks, screen addresses against OFAC sanctions, and verify domain reputation.
Developer Security -- Secure the software supply chain. Check npm packages for CVEs, scan code for leaked secrets, detect SQL injection, verify license compatibility, and analyze diff impact.
Wallet Intelligence -- Profile any on-chain address. Classify wallet behavior, assess risk, calculate PnL, measure exposure concentration, extract copy-trading signals, and discover related wallet clusters.
Protocol Intelligence -- Evaluate DeFi protocols holistically. Assess protocol risk, decompose TVL, analyze governance centralization, model token emissions, and audit oracle and bridge dependencies.
MEV & Trading -- Protect swaps and optimize execution. Estimate MEV and sandwich risk, find optimal DEX routes, measure liquidity depth, monitor mempool activity, and detect arbitrage opportunities.
NFT Intelligence -- Analyze NFT markets. Assess collection risk, compute rarity scores, detect wash trading, estimate valuations, and track trending collections.
Cross-Chain -- Compare and navigate across chains. Benchmark chain performance, check health metrics, quote bridge fees, find yield opportunities, and understand L2 finality guarantees.
Agent Trust -- Trust infrastructure for the agent economy. Verify agent wallets, audit endpoint reliability, compare services by trust score, and submit scam reports.
Data Infrastructure -- On-chain data primitives. Decode calldata and event logs, retrieve ABIs, look up token metadata, label addresses, trace transactions, and fetch block data.
Real-Time Monitoring -- Continuous alerting. Monitor position health, track whale movements, receive exploit notifications, watch gas prices, and follow governance activity.
Payment
devsecure-mcp uses the x402 protocol for payment. Agents pay per-request in USDC on Base -- no API keys, subscriptions, or accounts required. When an agent calls a tool, the x402 payment flow handles micropayment negotiation automatically. Prices range from $0.01 to $1.00 per call depending on the tool.
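Because payment is negotiated automatically, an agent operator may want a guard that compares each quote with the listed price and a session budget before anything is signed. The sketch below is an added example, not code from devsecure-mcp or DeFi Shield. It assumes the caller can inspect the HTTP 402 body before paying and that the body follows the x402 payment-requirements shape (`accepts`, `network`, `asset`, `maxAmountRequired`, `payTo`). The function names, the sample quotes and the USDC contract address constant are not from this page.

```javascript
// Added example, not devsecure-mcp code. Prices are copied from the tool tables;
// the 402 body shape is an assumption based on the x402 payment-requirements format.
const USDC_BASE = "0x833589fcd6edb6e08f4c7c32d4f71b54bda02913"; // USDC on Base, 6 decimals
const PRICE_USD = { contract_risk: "0.50", simulate: "0.25", secrets_scan: "0.02", freshness_check: "0.01" };

// Convert a decimal dollar string to USDC atomic units without float math.
function usdToAtomic(usd) {
  const [whole, frac = ""] = usd.split(".");
  return BigInt(whole) * 1000000n + BigInt(frac.padEnd(6, "0").slice(0, 6));
}

// Return the first acceptable payment option, or throw with the rejection reasons.
function checkQuote(tool, body, spentAtomic, sessionCapUsd) {
  const listed = PRICE_USD[tool];
  if (listed === undefined) throw new Error(`no listed price for ${tool}`);
  const reasons = [];
  for (const opt of body.accepts || []) {
    if (opt.network !== "base") { reasons.push("wrong network"); continue; }
    if (String(opt.asset).toLowerCase() !== USDC_BASE) { reasons.push("wrong asset"); continue; }
    if (!/^\d+$/.test(String(opt.maxAmountRequired))) { reasons.push("bad amount"); continue; }
    const amount = BigInt(opt.maxAmountRequired);
    if (amount > usdToAtomic(listed)) { reasons.push("above listed price"); continue; }
    if (spentAtomic + amount > usdToAtomic(sessionCapUsd)) { reasons.push("session cap exceeded"); continue; }
    return { payTo: opt.payTo, amount };
  }
  throw new Error(`refusing to pay for ${tool}: ${reasons.join(", ") || "no options"}`);
}

// Constructed sample 402 bodies; the payTo value is a placeholder.
const okQuote = { x402Version: 1, accepts: [{ scheme: "exact", network: "base",
  maxAmountRequired: "250000", asset: USDC_BASE, payTo: "0xPAYEE_PLACEHOLDER" }] };
const inflated = { x402Version: 1, accepts: [{ scheme: "exact", network: "base",
  maxAmountRequired: "25000000", asset: USDC_BASE, payTo: "0xPAYEE_PLACEHOLDER" }] };

// Run the guard over: a quote at list price, an inflated quote, and a nearly spent budget.
function demo() {
  const results = [];
  results.push(checkQuote("simulate", okQuote, 0n, "2.00").amount.toString());
  try { checkQuote("simulate", inflated, 0n, "2.00"); } catch (e) { results.push(e.message); }
  try { checkQuote("simulate", okQuote, usdToAtomic("1.90"), "2.00"); } catch (e) { results.push(e.message); }
  return results;
}
console.log(demo());
```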
Environment Variables
| Variable | Required | Default | Description |
|----------|----------|---------|-------------|
| DEFI_SHIELD_URL | No | https://defi-shield-hazel.vercel.app | Base URL for the DeFi Shield API |
Links
- Health / Discovery: https://defi-shield-hazel.vercel.app/api/health
- Agent Card: https://defi-shield-hazel.vercel.app/.well-known/agent-card.json
- x402 Protocol: https://x402.org
