`query_by_commit`

Pack: osv · Endpoint: https://gateway.pipeworx.io/osv/mcp

Find vulnerabilities affecting a specific source-repository git commit via OSV.dev. Useful when you have a pinned commit hash rather than a released version. Returns the same compact vuln summary array. Keyless.

Parameters

Name	Type	Required	Description
`commit`	string	yes	A git commit hash, e.g. “6879efc2c1596d11a6a6ad296f80063b558d5e0f”.

Example call

curl -X POST https://gateway.pipeworx.io/osv/mcp \
  -H 'Content-Type: application/json' \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"query_by_commit","arguments":{}}}'

Connect

Add this to your MCP client config, or use one-click install buttons:

{
  "mcpServers": {
    "osv": {
      "url": "https://gateway.pipeworx.io/osv/mcp"
    }
  }
}

See Getting Started for client-specific install steps.

query_by_commit

Parameters

Example call

Connect

Was this helpful?

`query_by_commit`