Supply chain risk analysis for Dependabot and Renovate PRs, built on Temporal
Project description
Dependency Scout
You have 47 unreviewed Dependabot PRs. It’s midnight, CI is green, and you’ve merged dozens of these before. And yet...
Maintainers aren’t careless — they’re exhausted. And modern supply-chain attacks are specifically designed to slip past smart, well-intentioned humans doing their best under impossible workloads.
This tool gives every dependency PR a data-backed second opinion before it merges.
What it checks:
- Known vulnerabilities — OSV database (includes OpenSSF malicious-packages)
- Supply chain score — Socket.dev for obfuscated code, install-time scripts, typosquatting
- What code actually changed — diffs the package archives; flags new binaries, new install hooks, network calls, obfuscated code, git-URL dependencies
- Release freshness — flags releases under 24h ("very fresh") or 7 days ("recent"); won't auto-merge anything under 7 days by default
- Maintainer changes — a new account publishing a popular package is a classic attack vector
- Build provenance — SLSA attestations; flags dropped tag signing and re-release patterns
- Repo health — OpenSSF Scorecard for dangerous CI workflows, overprivileged tokens, maintenance status
- Zombie packages — deprecated packages and patches to abandoned major version lines
- Suspicious PR files — CI scripts or Dockerfiles in a "routine dep bump" are a red flag
Classifies 🟢 GREEN / 🟡 YELLOW / 🔴 RED, posts a comment explaining its reasoning, and takes action based on your config (or nothing if you haven't configured anything).
Status: Experimental — self-hosted, bring your own keys. No shared infrastructure, no accounts, no sign-up.
See it in action
Single dependency run:
Running across PR queue:
Temporal UI running checks:
Posting comment to GitHub:
Quick start
You need Python 3.10+, uv, and the Temporal CLI.
```bash
git clone https://github.com/temporal-community/dependency-scout
cd dependency-scout
uv run python setup.py
```
The setup script checks prerequisites, explains the tradeoffs between a PAT and a GitHub App, lets you choose your LLM (Claude, OpenAI, Ollama, or skip), and writes .env.
The Temporal dev server runs entirely on your machine — no account, no payment, no sign-up:
```bash
# Terminal 1 — Temporal dev server
temporal server start-dev
# Terminal 2 — Scout worker
uv run python -m worker
# Terminal 3 — triage a single PR
uv run dependency-scout triage https://github.com/your-org/your-repo/pull/123
```
Open http://localhost:8233 to watch the workflow run. With GITHUB_TOKEN set, the Scout posts a comment directly on the PR — here's a real example.
No API keys needed to start — the rule-based classifier runs entirely locally. Without GITHUB_TOKEN it prints what it would have posted instead of actually posting it.
Batch-triage your open PRs
Once the worker is running, point it at a whole repo to clear the backlog:
```bash
# Triage every open Dependabot/Renovate PR in a repo
uv run dependency-scout triage --repo your-org/your-repo
# Or limit to a subset while you're getting a feel for it
uv run dependency-scout triage --repo your-org/your-repo --limit 5
```
Check a package before installing it
The Scout can also vet a dependency before you install or upgrade it — useful when you're adding something new or when an agent is about to run pip install / npm install:
```bash
# Fresh install check (no old version)
uv run dependency-scout check requests 2.32.0
# Upgrade check
uv run dependency-scout check requests 2.32.0 --from 2.31.0 --ecosystem pip
# Different ecosystems
uv run dependency-scout check @angular/core 18.0.0 --ecosystem npm
uv run dependency-scout check serde 1.0.219 --ecosystem cargo
```
Exit codes are scriptable: 0 = green, 1 = yellow, 2 = red.
Results are automatically shared across callers — if another project already checked the same version bump today, you get the cached verdict instantly.
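As an added example (not the project's own code), a fail-closed install gate built on these exit codes: it vets every pinned line of a requirements file and returns the worst verdict in the same 0/1/2 convention. It assumes the Quick-start setup so `uv run dependency-scout check` works from the project directory; `SCOUT_CMD` is a hypothetical override so the gate can be exercised with a stand-in command.

```shell
#!/usr/bin/env bash
# Added example, not code from the project: a fail-closed install gate built on
# the documented exit codes (0 = green, 1 = yellow, 2 = red). Assumes the
# Quick-start setup so `uv run dependency-scout check` works from the project
# directory; SCOUT_CMD is a hypothetical override so the gate can be exercised
# with a stand-in command.
SCOUT_CMD="${SCOUT_CMD:-uv run dependency-scout check}"

# Run one check and print its verdict. Any exit code other than 0/1/2 (tool
# missing, network failure) is reported as ERROR so callers fail closed.
verdict_for() {                    # verdict_for <name> <version> [ecosystem]
  local rc=0
  if $SCOUT_CMD "$1" "$2" --ecosystem "${3:-pip}" >/dev/null 2>&1; then
    rc=0
  else
    rc=$?
  fi
  case "$rc" in
    0) echo GREEN ;; 1) echo YELLOW ;; 2) echo RED ;; *) echo ERROR ;;
  esac
}

# Vet every pinned `name==version` line of a requirements file, print one
# verdict per package, and return the worst one in Scout style: 0 = all
# green, 1 = at least one yellow, 2 = any red or error. Blank lines, comments,
# pip options (-r, -e) and unpinned specs are skipped: a range cannot be
# checked against a single version, so pin what you want vetted.
vet_requirements() {               # vet_requirements <requirements.txt>
  local worst=0 line name ver v
  while IFS= read -r line || [ -n "$line" ]; do
    line="${line%%#*}"                               # drop trailing comment
    line="$(printf '%s' "$line" | tr -d '[:space:]')"
    case "$line" in ''|-*) continue ;; esac
    case "$line" in *==*) ;; *) continue ;; esac
    name="${line%%==*}"
    ver="${line#*==}"
    v="$(verdict_for "$name" "$ver" pip)"
    echo "$name $ver $v"
    case "$v" in
      YELLOW) if [ "$worst" -lt 1 ]; then worst=1; fi ;;
      RED|ERROR) worst=2 ;;
    esac
  done < "$1"
  return "$worst"
}

# Usage in CI (constructed requirements file):
#   printf 'requests==2.32.0\nidna==3.7\n' > requirements.txt
#   vet_requirements requirements.txt || echo "install blocked (exit $?)"
```

Because an unexpected exit code maps to ERROR and therefore to a blocking return value, a missing tool or a registry outage stops the install rather than waving it through.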
Use as a Claude Code tool (MCP)
Add the Scout as an MCP server so Claude Code can call it automatically when it's about to install a new dependency. From the dependency-scout directory:
```bash
claude mcp add dependency-scout -- uv run python -m mcp_server
```
Once configured, Claude Code will have a check_dependency tool available and can call it before pip install, npm install, etc.
Test by asking Claude a question like:
Check if requests 2.32.0 is safe to install
You should get back a response somewhat like:
⏺ Let me use the dependency-scout MCP tool to check that package.
Called dependency-scout (ctrl+o to expand)
⏺ RED — Do not install requests 2.32.0.
Here's the summary of why:
- Version is yanked on PyPI — officially pulled due to a conflict with the CVE-2024-35195 mitigation. It broke applications using custom schemes (e.g. docker-py).
- Open CVEs not fixed — CVE-2024-47081 and CVE-2026-25645 remain unresolved at this version.
- Install script regression — setup.py was substantially rewritten, reverting from modern pyproject.toml packaging to a legacy build script with older Python/dependency constraints.
- Maintainer change with unknown account age adds further supply chain concern.
Recommendation: upgrade to requests 2.32.2 or newer — that's the version that properly resolved the CVE regression without the breakage that caused 2.32.0 to be yanked.
Configure your stack
The Scout works with zero configuration — rule-based classifier, no PR comments, no auto-actions. Each addition makes it smarter or more capable:
| .env setting | What it enables |
|---|---|
| (none) | Rule-based classifier, log-only output |
| ANTHROPIC_API_KEY | Claude classifies (set ANTHROPIC_MODEL to pin a version) |
| OPENAI_API_KEY + OPENAI_MODEL | OpenAI classifies instead |
| OLLAMA_HOST + OLLAMA_MODEL | Local Ollama classifies — free, no data leaves your machine |
| CLASSIFIER=rule_based | Force rule-based even when an LLM key is present |
| GITHUB_TOKEN or GitHub App | Posts real PR comments on GitHub |
| GITLAB_TOKEN | Posts real MR comments on GitLab |
| ENABLE_PR_ACTIONS=true | Can automatically merge GREEN PRs and/or close RED ones |
| SOCKET_API_KEY | Adds Socket.dev supply-chain score check (create token — scope: packages:list) |
Copy .env.example to .env and fill in what you have, or run uv run python setup.py to be walked through it interactively.
What's next: continuous triage on every new PR
Once you're happy with the results, you can set up the Scout as a persistent webhook listener — it triages every new Dependabot or Renovate PR automatically and can auto-merge GREEN ones or close RED ones. This requires a server that stays up when your laptop closes. See docs/deployment.md.
Configuring your repo
Add .github/dependency-scout.yml to any repo where you want the Scout to do more than comment. All fields are optional — omitting the file entirely is safe (comment-only mode). A ready-to-copy template is at .github/dependency-scout.yml.example.
See docs/configuration.md for the full field reference.
What data leaves your machine
| Data | Where it goes | Notes |
|---|---|---|
| Package name, version numbers | OSV, Socket.dev, deps.dev, pypistats | Public registry APIs — this data is already public |
| Package archive (the actual .whl/.tgz/.gem) | Downloaded to local temp dir, deleted after diff | Never forwarded to any external service |
| Diff summary (changed file names + added/removed lines) | Your configured LLM (Claude/OpenAI/Ollama) | Up to 100 KB of actual code changes |
| Package description, release notes, Socket alert strings | Your configured LLM | Labeled as untrusted in the prompt |
| Source repo URL (from registry metadata) | GitHub API | Used to look up release tags and CI workflow changes |
The diff summary does include real code lines from the package archive. For private packages on a self-hosted registry, use Ollama to keep analysis fully local. The rule-based classifier (the default when no LLM key is configured) runs entirely locally.
Ecosystem coverage
pip/uv, npm, RubyGems, Cargo, Composer, Maven/Gradle, NuGet, Go modules, GitHub Actions, Mix (Hex), Pub (Dart/Flutter), Elm, Docker, Terraform, Swift. Signal availability varies by registry — see docs/architecture.md for the full coverage table.
Learn more
- Configuration reference — every .github/dependency-scout.yml field
- How it works — two-workflow design, checks, classifier, security hardening
- Deployment — production setup, secrets, Temporal options, scaling
- Security hardening — token scoping, auto-merge thresholds, prompt injection
- Contributing — adding checks, ecosystems, detection patterns, design principles
- Extending with plugins — ecosystem, classifier, platform, and check plugins
A Temporal Community project. Credit to Daniel Hensby for inspiration.
Project details
Download files
Source Distribution
Built Distribution
File details
Details for the file dependency_scout-0.1.0.tar.gz.
File metadata
- Download URL: dependency_scout-0.1.0.tar.gz
- Upload date:
- Size: 410.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.8.2
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 2f22d73153c0d6b6d9e3b974cc9546b57ba11f86f5078d7d43e4d1521d77cb0f |
| MD5 | 2ee5ea831e3ce1093c2ac2b1b3296b94 |
| BLAKE2b-256 | 6d25a44a5024f5d3a2b14f9fd10e7369442b3d09bdef07c1eeb7525e3f32c473 |
File details
Details for the file dependency_scout-0.1.0-py3-none-any.whl.
File metadata
- Download URL: dependency_scout-0.1.0-py3-none-any.whl
- Upload date:
- Size: 167.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.8.2
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 1bbdcb0a99f5e2837936cdfd42ffaaa5a6ee2167a7c9e71a6af7c779e4a37278 |
| MD5 | a8d1219aea5ecd129bda2d0c6278365a |
| BLAKE2b-256 | 71bebd7ae21f58656cba62589fdb3f9b9444945e2d031a483508240a33cbfcc2 |