MCP Advisor is a SafeDep Cloud feature and requires endpoint sync. If your endpoint has no Advisor tab, it is not enabled for your tenant yet. Contact the SafeDep team to join early access.
Prerequisites
- Configure the SafeDep MCP server in your AI coding agent.
- Have a SafeDep Cloud tenant ID and API key (see the Cloud quickstart).
View advisories
Open Endpoint Hub
Go to app.safedep.io and select Endpoint Hub in the sidebar.
Summary counts
| Card | Counts |
|---|---|
| Advisories | All advisories for this endpoint |
| Malicious | Packages flagged as malicious |
| Suspicious | Packages showing suspicious signals |
| Vulnerable | Packages with known vulnerabilities |
| Clean | Packages that came back safe |
| Last advisory | When the most recent advisory was recorded |
Advisory list
Each row is one package an agent asked about:| Column | Description |
|---|---|
| Package | Name, version, and ecosystem |
| Verdict | The verdict SafeDep returned (see Verdicts) |
| Agent | The AI coding agent that asked |
| Analysed | When the advisory was recorded |
Verdicts
| Verdict | Meaning |
|---|---|
| Safe | No known security issues |
| Suspicious | Signals suggest the package may be risky |
| Malicious | Confirmed malicious by SafeDep |
| Vulnerable | Has one or more known vulnerabilities |
| Newly registered | Published very recently, a common trait of malicious packages |
| Unknown | Not enough information to classify it |
Related
SafeDep MCP Server
Configure the MCP server that produces these advisories.
Endpoint Hub
Browse all the views available for your endpoints.
Package Guard
See package installs captured by PMG on each endpoint.
Endpoint
What an endpoint is and what it reports.

