
You don't need to pay anyone for this service. GitHub and Snyk use free public vulnerability lists to check your dependencies.

There are plenty of open source alternatives such as https://github.com/RetireJS/retire.js for JavaScript.

It's absurd that companies are charging $100/mo just to run your dependency list against another public list of vulnerabilities. This service should be offered for free by GitHub.



This _is_ free from GitHub. At least there's no mention of price in the blog post. I seem to have this feature.



