NPM Sentinel MCP

MIT License
167
2
  • Apple
  • Linux

Integrations

  • Provides integration with GitHub workflows for continuous integration and deployment of the MCP server

  • Enables distribution and installation of the MCP server as an npm package, with tracking of downloads and usage

  • Offers donation capabilities through PayPal for supporting the development of the MCP server

NPM Sentinel MCP

A powerful Model Context Protocol (MCP) server that revolutionizes NPM package analysis through AI. Built to integrate with Claude and Anthropic AI, it provides real-time intelligence on package security, dependencies, and performance. This MCP server delivers instant insights and smart analysis to safeguard and optimize your npm ecosystem, making package management decisions faster and safer for modern development workflows.

Features

  • Version analysis and tracking
  • Dependency analysis and mapping
  • Security vulnerability scanning
  • Package quality metrics
  • Download trends and statistics
  • TypeScript support verification
  • Package size analysis
  • Maintenance metrics
  • Real-time package comparisons

Note: The server provides AI-assisted analysis through MCP integration.

Installation

Install in VS Code

Add this to your VS Code MCP config file. See VS Code MCP docs for more info.

{ "servers": { "npm-sentinel": { "type": "stdio", "command": "npx", "args": ["-y", "@nekzus/mcp-server@latest"] } } }

Docker

Build
# Build the Docker image docker build -t nekzus/npm-sentinel-mcp .
Usage

You can run the MCP server using Docker with directory mounting to /projects:

{ "mcpServers": { "npm-sentinel-mcp": { "command": "docker", "args": [ "run", "-i", "--rm", "-w", "/projects", "--mount", "type=bind,src=${PWD},dst=/projects", "nekzus/npm-sentinel-mcp", "node", "dist/index.js" ] } } }

For multiple directories:

{ "mcpServers": { "npm-sentinel-mcp": { "command": "docker", "args": [ "run", "-i", "--rm", "-w", "/projects", "--mount", "type=bind,src=/path/to/workspace,dst=/projects/workspace", "--mount", "type=bind,src=/path/to/other/dir,dst=/projects/other/dir,ro", "nekzus/npm-sentinel-mcp", "node", "dist/index.js" ] } } }

Note: All mounted directories must be under /projects for proper access.

Usage with Claude Desktop

Add this to your claude_desktop_config.json:

{ "mcpServers": { "npmAnalyzer": { "transport": "stdio", "command": "npx", "args": ["-y", "@nekzus/mcp-server"] } } }

Configuration file locations:

  • Windows: %APPDATA%/claude-desktop/claude_desktop_config.json
  • macOS: ~/Library/Application Support/claude-desktop/claude_desktop_config.json
  • Linux: ~/.config/claude-desktop/claude_desktop_config.json

NPX

{ "mcpServers": { "npm-sentinel-mcp": { "command": "npx", "args": [ "-y", "@nekzus/mcp-server" ] } } }

API

Resources

  • npm://registry: NPM Registry interface
  • npm://security: Security analysis interface
  • npm://metrics: Package metrics interface

Tools

npmVersions
  • Get all versions of a package
  • Input: packages (string[])
  • Returns: Version history with release dates
npmLatest
  • Get latest version information
  • Input: packages (string[])
  • Returns: Latest version details and changelog
npmDeps
  • Analyze package dependencies
  • Input: packages (string[])
  • Returns: Complete dependency tree analysis
npmTypes
  • Check TypeScript support
  • Input: packages (string[])
  • Returns: TypeScript compatibility status
npmSize
  • Analyze package size
  • Input: packages (string[])
  • Returns: Bundle size and import cost analysis
npmVulnerabilities
  • Scan for security vulnerabilities
  • Input: packages (string[])
  • Returns: Security advisories and severity ratings
  • Get download trends
  • Input:
    • packages (string[])
    • period ("last-week" | "last-month" | "last-year")
  • Returns: Download statistics over time
npmCompare
  • Compare multiple packages
  • Input: packages (string[])
  • Returns: Detailed comparison metrics
npmMaintainers
  • Get package maintainers
  • Input: packages (string[])
  • Returns: Maintainer information and activity
npmScore
  • Get package quality score
  • Input: packages (string[])
  • Returns: Comprehensive quality metrics
npmPackageReadme
  • Get package README
  • Input: packages (string[])
  • Returns: Formatted README content
  • Search for packages
  • Input:
    • query (string)
    • limit (number, optional)
  • Returns: Matching packages with metadata
npmLicenseCompatibility
  • Check license compatibility
  • Input: packages (string[])
  • Returns: License analysis and compatibility info
npmRepoStats
  • Get repository statistics
  • Input: packages (string[])
  • Returns: GitHub/repository metrics
npmDeprecated
  • Check for deprecation
  • Input: packages (string[])
  • Returns: Deprecation status and alternatives
npmChangelogAnalysis
  • Analyze package changelogs
  • Input: packages (string[])
  • Returns: Changelog summaries and impact analysis
npmAlternatives
  • Find package alternatives
  • Input: packages (string[])
  • Returns: Similar packages with comparisons
npmQuality
  • Assess package quality
  • Input: packages (string[])
  • Returns: Quality metrics and scores
npmMaintenance
  • Check maintenance status
  • Input: packages (string[])
  • Returns: Maintenance activity metrics

Build

# Build with npm npm install npm run build

License

This MCP server is licensed under the MIT License. This means you are free to use, modify, and distribute the software, subject to the terms and conditions of the MIT License. For more details, please see the LICENSE file in the project repository.


MIT © nekzus

You must be authenticated.

A
security – no known vulnerabilities
A
license - permissive license
A
quality - confirmed to work

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

A powerful Model Context Protocol (MCP) server that revolutionizes NPM package analysis through AI. Built to integrate with Claude and Anthropic AI, it provides real-time intelligence on package security, dependencies, and performance. This MCP server delivers instant insights and smart analysis to safeguard and optimize your npm ecosystem, making package management decisions faster and safer for modern development workflows.

  1. Features
    1. Installation
      1. Install in VS Code
      2. Docker
      3. Usage with Claude Desktop
      4. NPX
    2. API
      1. Resources
      2. Tools
    3. Build
      1. License

        Related MCP Servers

        • A
          security
          A
          license
          A
          quality
          A Model Context Protocol server that provides tools for code modification and generation via Large Language Models, allowing users to create, modify, rewrite, and delete files using structured XML instructions.
          Last updated -
          12
          Python
          MIT License
          • Linux
          • Apple
        • A
          security
          A
          license
          A
          quality
          A Model Context Protocol server that provides tools for interacting with Gmail and Calendar APIs, enabling programmatic management of emails and calendar events.
          Last updated -
          8
          7
          JavaScript
          MIT License
          • Apple
        • -
          security
          A
          license
          -
          quality
          A demonstration server that implements the Model Context Protocol (MCP) SDK, providing tools and endpoints for server-sent events and message handling.
          Last updated -
          27
          TypeScript
          MIT License
        • -
          security
          -
          license
          -
          quality
          A simple implementation of a Model Context Protocol server that demonstrates core functionality including mathematical tools (add, subtract) and personalized greeting resources.
          Last updated -
          3
          Python
          GPL 3.0

        View all related MCP servers

        ID: gqn3yekgqe