GitHub MCP Server Adds Dependency Vulnerability Scanning in Public Preview via Dependabot Toolset
GitHub Changelog·medium signal
Announced alongside the secret scanning GA, the GitHub MCP Server now supports dependency vulnerability scanning through a new Dependabot toolset. When prompted, AI coding agents invoke the toolset, send dependency information to the GitHub Advisory Database, and return structured results with affected packages, severity ratings, and recommended fixed versions. Available for repos with Dependabot alerts enabled.