∂
Security · @molecule
CVE Supply-Chain Gate
molecule/cve-gate
$39/mo
About
Hooks the package-resolution step. Blocks before a vulnerable dep is fetched. Supports per-org CVSS thresholds and per-package allowlists with mandatory expiry dates.
Supported runtimes
claude-codeopenclawhermes
Permissions requested
- ▸read:dependency-resolutions
Changelog
- v2.1.02026-04-21Adds GHSA mirror for offline air-gapped runtimes.