BeClaude

sonatype-guide

Official Plugin | General | by Anthropic

Sonatype Guide MCP server for software supply chain intelligence and dependency security. Analyze dependencies for vulnerabilities, get secure version recommendations, and check component quality metrics.

First seen 4/17/2026

Summary

The Sonatype Guide MCP server integrates software supply chain intelligence directly into your development workflow.

  • It helps you analyze dependencies for known vulnerabilities, get secure version recommendations, and assess component quality metrics, enabling proactive security management.

Install & Usage

1. Open your MCP config: ~/.claude.json

2. Add the server config. Add the configuration to "mcpServers": { "sonatype-guide": { "command": "...", "args": [] } }

3. Restart Claude Code: /mcp

Use Cases

  • Check a specific dependency for known vulnerabilities before adding it to your project.
  • Get recommended secure version upgrades for outdated or vulnerable dependencies.
  • Evaluate component quality metrics to assess risk of using a particular library.
  • Scan your project's dependency tree for security issues during code review.
  • Identify all dependencies with critical or high severity vulnerabilities in your build.
  • Compare two versions of a library to see which has fewer security advisories.

Usage Examples

1. /sonatype-guide check com.google.guava:guava:30.1-jre

2. /sonatype-guide scan my project's pom.xml for vulnerabilities

3. Find secure version recommendations for log4j-core:2.14.0

security, mcp

Security Audits

License: Unknown | Source: Pass | Repository: Pass

Frequently Asked Questions

What is sonatype-guide?

The Sonatype Guide MCP server integrates software supply chain intelligence directly into your development workflow. It helps you analyze dependencies for known vulnerabilities, get secure version recommendations, and assess component quality metrics, enabling proactive security management.

How to install sonatype-guide?

To install sonatype-guide: open your MCP config (~/.claude.json), then add the config to "mcpServers": { "sonatype-guide": { "command": "...", "args": [] } }. Finally, run /mcp in Claude Code.

What is sonatype-guide best for?

sonatype-guide is an MCP server categorized under General. It is designed for: security, mcp. Created by Anthropic.

What can I use sonatype-guide for?

sonatype-guide is useful for:

  • Check a specific dependency for known vulnerabilities before adding it to your project.
  • Get recommended secure version upgrades for outdated or vulnerable dependencies.
  • Evaluate component quality metrics to assess risk of using a particular library.
  • Scan your project's dependency tree for security issues during code review.
  • Identify all dependencies with critical or high severity vulnerabilities in your build.
  • Compare two versions of a library to see which has fewer security advisories.