---
title: "cve-mcp-server vs agents"
type: "comparison"
canonical_url: "https://www.graphcanon.com/compare/mukul975-cve-mcp-server-vs-wshobson-agents"
tools: ["mukul975-cve-mcp-server", "wshobson-agents"]
---

# cve-mcp-server vs agents

*GraphCanon updated Jul 11, 2026*

## Verdict

Pick cve-mcp-server when license: cve-mcp-server is Apache-2.0, agents is MIT; pick agents when license: agents is MIT, cve-mcp-server is Apache-2.0.

[cve-mcp-server](https://www.mahipal.engineer/CVE-MCP-Server/) reports 1.1k GitHub stars, 176 forks, and 8 open issues, last pushed Jun 22, 2026. [agents](https://sethhobson.com) has 38k stars, 4.0k forks, and 1 open issues, last pushed Jul 8, 2026. Figures are from public GitHub metadata via [cve-mcp-server's repository](https://github.com/mukul975/cve-mcp-server) and [agents's repository](https://github.com/wshobson/agents).

| | [cve-mcp-server](/tools/mukul975-cve-mcp-server.md) | [agents](/tools/wshobson-agents.md) |
| --- | --- | --- |
| Tagline | Production-grade MCP server giving Claude 27 security intelligence tools across 21 APIs — CVE lookup, EPSS scoring, CISA KEV, MITRE ATT&CK, Shodan, VirusTotal, and more. | Multi-harness agentic plugin marketplace for various AI agents |
| Stars | 1,077 | 37,779 |
| Forks | 176 | 4,050 |
| Open issues | 8 | 1 |
| Language | Python | Python |
| Adopt for | - | The agents tool is a marketplace for plugins that enhances multiple AI agents, offering integration and management capabilities across several platforms, including Claude Code, Codex CLI, Cursor, OpenCode, GitHub Copilot |
| Persona | - | - |
| Runtime | - | - |
| License | Apache-2.0 | MIT |
| Categories | Developer Tools | AI Agents, Developer Tools |

## Trust and health

_Sourced signals - not a safety guarantee. No winner column._

| | [cve-mcp-server](/tools/mukul975-cve-mcp-server.md) | [agents](/tools/wshobson-agents.md) |
| --- | --- | --- |
| Maintenance | Active (82%) | Very active (96%) |
| Days since push | 18d | 2d |
| Open issues (now) | 8 | 1 |
| Full report | [trust report](/tools/mukul975-cve-mcp-server/trust.md) | [trust report](/tools/wshobson-agents/trust.md) |

## Decision facts: agents

- **Adopt for:** The agents tool is a marketplace for plugins that enhances multiple AI agents, offering integration and management capabilities across several platforms, including Claude Code, Codex CLI, Cursor, OpenCode, GitHub Copilot

## Choose when

### Choose cve-mcp-server if…

- License: cve-mcp-server is Apache-2.0, agents is MIT.
- Tags unique to cve-mcp-server: cve, cisa-kev, claude-ai, cybersecurity.

### Choose agents if…

- License: agents is MIT, cve-mcp-server is Apache-2.0.
- Tags unique to agents: agent-skills, workflows, agentic-ai, prompt-engineering.
- Also covers AI Agents.
- You are working specifically within the ecosystems of Claude Code, Codex CLI, Cursor, OpenCode, GitHub Copilot, or Gemini CLI, as it provides tailored plugins for these environments

## When NOT to use cve-mcp-server

- Developer Tools: A gateway is overkill when you're pinned to a single provider and model.

## When NOT to use agents

- You are working solely within a niche environment that isn't one of the supported platforms (like Claude Code, Codex CLI, etc.) because it may not offer compatible plugins or extensive support
- Your project requirements do not include interoperability between multiple AI agents and you only need to leverage functionalities from a single AI agent with a robust in-built plugin ecosystem

## Common questions

### What is the difference between cve-mcp-server and agents?

cve-mcp-server: Production-grade MCP server giving Claude 27 security intelligence tools across 21 APIs — CVE lookup, EPSS scoring, CISA KEV, MITRE ATT&CK, Shodan, VirusTotal, and more.. agents: Multi-harness agentic plugin marketplace for various AI agents. See the comparison table for live GitHub stats and shared categories.

### When should I choose cve-mcp-server over agents?

Choose cve-mcp-server over agents when License: cve-mcp-server is Apache-2.0, agents is MIT; Tags unique to cve-mcp-server: cve, cisa-kev, claude-ai, cybersecurity.

### When should I choose agents over cve-mcp-server?

Choose agents over cve-mcp-server when License: agents is MIT, cve-mcp-server is Apache-2.0; Tags unique to agents: agent-skills, workflows, agentic-ai, prompt-engineering; Also covers AI Agents; You are working specifically within the ecosystems of Claude Code, Codex CLI, Cursor, OpenCode, GitHub Copilot, or Gemini CLI, as it provides tailored plugins for these environments.

### When should I avoid cve-mcp-server?

Developer Tools: A gateway is overkill when you're pinned to a single provider and model.

### When should I avoid agents?

You are working solely within a niche environment that isn't one of the supported platforms (like Claude Code, Codex CLI, etc.) because it may not offer compatible plugins or extensive support Your project requirements do not include interoperability between multiple AI agents and you only need to leverage functionalities from a single AI agent with a robust in-built plugin ecosystem

### Is cve-mcp-server or agents more popular on GitHub?

agents has more GitHub stars (37,779 vs 1,077). Stars measure visibility, not whether either tool fits your constraints.

### Are cve-mcp-server and agents open source?

Yes - both are open-source projects on GitHub (cve-mcp-server: Apache-2.0, agents: MIT).

### Where can I find alternatives to cve-mcp-server or agents?

GraphCanon lists graph-backed alternatives at [cve-mcp-server alternatives](/tools/mukul975-cve-mcp-server/alternatives) and [agents alternatives](/tools/wshobson-agents/alternatives) ([cve-mcp-server markdown twin](/tools/mukul975-cve-mcp-server/alternatives.md), [agents markdown twin](/tools/wshobson-agents/alternatives.md)), ranked by typed relationship edges rather than popularity votes.

### Is there a machine-readable version of this comparison?

Yes. The markdown twin at [this comparison](/compare/mukul975-cve-mcp-server-vs-wshobson-agents.md) mirrors this page for agents and LLM crawlers, with the same stats table and FAQ answers.

### Which is better maintained, cve-mcp-server or agents?

cve-mcp-server: Active. agents: Very active. Compare maintenance labels, days since push, and release cadence in the trust section below - stars alone do not measure maintenance.

### Where are the full trust reports for cve-mcp-server and agents?

GraphCanon publishes per-repo trust reports with dated maintenance, provenance, and scan summaries: [cve-mcp-server trust report](/tools/mukul975-cve-mcp-server/trust); [agents trust report](/tools/wshobson-agents/trust).

---

**Machine-readable endpoints**

- JSON: [`/api/graphcanon/graph?tool=mukul975-cve-mcp-server`](/api/graphcanon/graph?tool=mukul975-cve-mcp-server)
- LLM index: [/llms.txt](/llms.txt)
- Full corpus: [/llms-full.txt](/llms-full.txt)

_GraphCanon - The knowledge graph for AI development. https://www.graphcanon.com/_
