I Asked My AI Agent About axios. It Knew Everything in 0.03ms.

I pointed an AI agent at a single npm package — axios, the HTTP client installed 55 million times per week — and asked: how risky is this? In under a millisecond, it came back with 13 known vulnerabilities correlated across CVE databases, EPSS exploitation scores, CISA KEV, public exploits, weakness classifications, and ATT&CK mappings. No API keys. No network calls. No rate limits. One local graph. Sub-millisecond. Here's what happened. The Setup VulnGraph is a vulnerability intelligence graph that pre-joins 9 authoritative sources into a single memory-mapped file. It exposes 16 tools via the Model Context Protocol (MCP) — the standard for giving AI agents access to tools. I connected it to an agent and started asking questions about axios. 13 CVEs. 7 High Severity. 0.14ms. The first call — lookup_package — returned the full vulnerability profile: CVE Severity CVSS EPSS PoCs CVE-2025-27152 HIGH 7.7 0.07% 3 CVE-2025-58754 HIGH 7.5 0.11% — CVE-2026-25639 HIGH 7.5 0.05% — CVE-2021-37