TridentChain Security — local-first supply chain vulnerability scanner for project, system, and extensions.
Project description
TridentChain Security
Local-first vulnerability scanner for project dependencies, developer tools, and IDE extensions.
Uses multi-source intelligence (OSV, NVD, GHSA, Sonatype) with KEV/EPSS prioritization.
No API key required for default usage.
Public repo: https://github.com/DevInder1/supply-chain-scanner-public
Install (plug and play)
pip3 install tridentchain-security
npm install -g @tridentchain/security-cli
tridentchain-security --help
Agents & MCP (Claude, Cursor, VS Code):
pip3 install "tridentchain-security>=0.1.1" tridentchain-mcp
What you can do: docs/CAPABILITIES.md
Full guide: docs/INSTALL_AND_USE.md
Cross-platform (macOS / Linux / Windows): docs/CROSS_PLATFORM.md
(PyPI: tridentchain-security · npm: @tridentchain/security-cli)
tridentchain-security --scan all --project-path . --output-dir scanner-output
Use in your own Python app
from scanner import run_scan
summary = run_scan(
project_path=".",
scan="all",
run_profile="full", # no API key required
output_dir="scanner-output",
)
print(summary["summary"])
Scan profiles
| Profile | Description |
|---|---|
full (default) |
Project + system + extensions. OSV + NVD without keys. |
quick |
Faster project-focused scan. |
offline |
Local advisory DB only, no network. |
| Power-user | Add GITHUB_TOKEN, NVD_API_KEY, optional SONATYPE_TOKEN for best coverage. |
Desktop app (individual application)
No repo clone required if the pip package is installed:
pip3 install tridentchain-security
cd apps/desktop && npm install && npm run start
See apps/desktop/README.md and docs/DISTRIBUTION_VERIFICATION.md.
AI / automation
Use CLI JSON or run_scan() from any agent — docs/AI_INTEGRATION.md.
Integration architecture (Claude MCP, OpenAI, Cursor, VS Code): docs/INTEGRATION_ARCHITECTURE.md · Roadmap
Phase 2 — Claude MCP: pip install tridentchain-mcp · Setup guide · Plugin
Phase 3 — OpenAI + Cursor: examples/openai/ · Cursor setup · .cursor/mcp.json.example
Phase 4 — VS Code: extension · VS Code setup · Anthropic MCP-first (tridentchain-mcp)
Phase 5 — Validate: tridentchain-security --validate · MCP validate_after_patch · CAPABILITIES.md
Unified tool layer: from scanner.integrations import execute_tool, get_tool_definitions, to_openai_tools
Development
git clone https://github.com/DevInder1/supply-chain-scanner-public.git
cd supply-chain-scanner-public
python3 -m pip install -e .
tridentchain-security --help
python3 -m unittest scanner.tests.test_matcher_ranges -v
Install & use: docs/INSTALL_AND_USE.md
Cross-platform: docs/CROSS_PLATFORM.md
CLI contract: docs/cli-contract.md
Publishing: docs/PUBLISHING.md
Optional API keys (power users)
| Variable | Purpose |
|---|---|
NVD_API_KEY |
Higher NVD rate limits |
GITHUB_TOKEN |
GHSA advisories |
SONATYPE_TOKEN |
Sonatype Guide advisories |
Set in .env or environment variables.
License
MIT — see LICENSE
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file tridentchain_security-0.1.2.tar.gz.
File metadata
- Download URL: tridentchain_security-0.1.2.tar.gz
- Upload date:
- Size: 86.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
83e2234c9107f9e4d91c26211b260e137c3179b6fa46054a37da0f05d5f2e6a7
|
|
| MD5 |
217855f87e707059186cfc9279168fa5
|
|
| BLAKE2b-256 |
662e086109c67d516bb6c6af1e5818fa2898f804f271f0528c75f41fd89b118d
|
File details
Details for the file tridentchain_security-0.1.2-py3-none-any.whl.
File metadata
- Download URL: tridentchain_security-0.1.2-py3-none-any.whl
- Upload date:
- Size: 99.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
356f0fc9a653def95d92c362188034864eecbe31ca7144dfe4ef28c53c77a3cf
|
|
| MD5 |
26457a1386c00c15ef9ba9b720d6570b
|
|
| BLAKE2b-256 |
9e20d5e68dfee4a72e014483858f937445b74e0a9cf050a0def49c0b5f237fac
|
