Socket MCP for Claude Desktop
Socket MCP is available in Claude Desktop's official Extensions directory:

Step-by-step instructions:
- Open Claude Desktop: Navigate to Settings > Extensions > Browse extensions to access the Extensions directory
- Find Socket MCP: Look for "Socket MCP" in the list of available Desktop Extensions
- Click "Install:" Claude will display the extension's capabilities/tools and request confirmation
- Enter Socket API key: You need a Socket API key to use Socket MCP. You can create one following the instructions here.
- Start using Socket MCP: Example: "Check the security of react"
Using Socket MCP
Understanding Security Scores
Socket provides scores from 0 to 100 for each security dimension. While there are no official thresholds, scores between 90 and 100 indicate a strong security profile. Scores from 70 to 80 suggest minor concerns but are generally acceptable. When scores fall between 50 and 60, you should review the package carefully before using it. Anything below 50 warrants looking for alternatives. Your acceptable thresholds may vary based on project requirements.
Practical Examples
Checking a new dependency:

Evaluating packages with issues:

Customizing Your Workflow
Setting Claude Rules
Add rules to Claude (Settings > Profile > personal preferences) for automatic security checks:
# Security Checks
When I mention adding a dependency or generating code that has new dependencies:
1. Check their security score with Socket MCP
2. Alert me if any score is below 0.8
3. Suggest alternatives for low-scoring packages
When reviewing code:
- Scan imports and required packages
- Flag packages with vulnerability scores below 0.9
Updated 1 day ago