Every AI coding agent recommends npm / PyPI packages from training data that is 6–18 months stale. It confidently suggests deprecated libraries, outdated versions, and packages with known CVEs — because a model cannot know post-cutoff package state. freshdeps does a live lookup across the npm registry, PyPI, GitHub and the OSV vulnerability database and returns one honest verdict: alive, slowing, stale, or abandoned — plus what to use instead.
Add the MCP server so Claude / Cursor calls freshdeps before recommending a dependency:
JSON API: GET /api/verdict?ecosystem=npm&package=react