OSV-Scanner Pack
V3 multi-ecosystem dependency vulnerability scan capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local osv-scanner CLI ingredient exposes bounded project operations for readiness and recursive source dependency vulnerability scanning. The scan accepts one trusted source directory, returns OSV JSON findings, avoids caller-supplied OSV-Scanner flags, avoids shell wrappers, and never exposes guided fix/remediation, container image scan, caller-supplied config paths, HTML server, output-file writes, license-policy scan, call-analysis mode, offline database mutation, or arbitrary command execution. Approval is ask because dependency inventory is matched against OSV vulnerability data. Requires osv-scanner on PATH. Network egress to OSV data services.
What this pack installs
- osv-scanner Ingredient
Trust & control
What installing this whole pack would let it do. Recued grants these permissions at install — review them there before approving.