Documentation

IZZO speaks the Model Context Protocol (MCP) over HTTP. Connect any MCP client — no API key required — or call the REST endpoints directly from your own tooling.

Quickstart

Two things to know:

  • · Endpoint: https://izzo-api-807549185749.us-central1.run.app/mcp/
  • · Auth: none. The feed is public, read-only, and rate-limited per IP.

Once connected, ask your agent to check dependencies before it installs or upgrades anything — the tools are designed for exactly that moment.

Claude Code

Add IZZO as an HTTP MCP server in one command:

shell
claude mcp add --transport http izzo https://izzo-api-807549185749.us-central1.run.app/mcp/

Then try: "check our package.json dependencies against izzo before you upgrade anything"

Codex

Add to ~/.codex/config.toml:

toml
[mcp_servers.izzo]
command = "npx"
args = ["-y", "mcp-remote", "https://izzo-api-807549185749.us-central1.run.app/mcp/"]

Cursor

Add to ~/.cursor/mcp.json (or per-project .cursor/mcp.json):

json
{
  "mcpServers": {
    "izzo": { "url": "https://izzo-api-807549185749.us-central1.run.app/mcp/" }
  }
}

Other MCP clients

Any client that speaks streamable HTTP can use the endpoint directly. For stdio-only clients, bridge with mcp-remote:

shell
npx -y mcp-remote https://izzo-api-807549185749.us-central1.run.app/mcp/

Tools reference

check_packages

check_packages(packages: ["npm:@asyncapi/generator", "pypi:requests"])

The workhorse. Pass any dependencies in ecosystem:name form; returns flagged status plus full incident detail for anything compromised. Call it before adding or upgrading dependencies.

list_recent_incidents

list_recent_incidents(days: 14, ecosystem: "npm", only_confirmed: true)

Load current threat context: every incident detected in the window, with affected versions, IOCs, and remediation guidance.

get_incident

get_incident(incident_id: 3)

The full teardown for one incident: analysis verdict, key findings from the artifact diff, files of interest, and recommended action.

Call the API directly

The same data over plain HTTP. Base URL: https://izzo-api-807549185749.us-central1.run.app

GET /api/v1/vulnerabilities

Incident list. Filters: ecosystem, status, package, limit, offset.

GET /api/v1/vulnerabilities/{id}

Full incident detail including analysis and IOCs.

GET /api/v1/packages/check?ecosystem=npm&name=axios

Flagged status for one package.

GET /api/v1/stats

Feed-level counters.

shell
curl "https://izzo-api-807549185749.us-central1.run.app/api/v1/packages/check?ecosystem=npm&name=jscrambler"

Where the data comes from

Every hour, IZZO sweeps X for reports of software supply-chain compromises — malicious package versions, maintainer account takeovers, typosquats, build-pipeline breaches. Each candidate is validated against advisories and independent sources; validated incidents get a full static teardown where we download the actual artifacts from the registry, diff them against known-good versions, and locate the payload. Nothing is ever executed.

Incidents carry a status — confirmed, suspicious, validated, unconfirmed — and a confidence score. Treat anything below confirmed as early signal, not ground truth.