Skip to main content
Glama
deenesjakoruzh

NPM Sentinel MCP

by Nekzus
npmGitHub
TypeScript
MIT License
183
8
  • Apple
  • Linux
OverviewInspectNewEndpointsSchemaRelated ServersReviewsScore
Need Help?View Source CodeReport Issue

NPM Sentinel MCP

Github Workflow npm-version npm-month npm-total smithery badge Ask DeepWiki Donate

A powerful Model Context Protocol (MCP) server that revolutionizes NPM package analysis through AI. Built to integrate with Claude and Anthropic AI, it provides real-time intelligence on package security, dependencies, and performance. This MCP server delivers instant insights and smart analysis to safeguard and optimize your npm ecosystem, making package management decisions faster and safer for modern development workflows.

Features

  • Version analysis and tracking

  • Dependency analysis and mapping

  • Security vulnerability scanning

  • Package quality metrics

  • Download trends and statistics

  • TypeScript support verification

  • Package size analysis

  • Maintenance metrics

  • Real-time package comparisons

  • Standardized error handling and MCP response formats

  • Efficient caching for improved performance and API rate limit management

  • Rigorous schema validation and type safety using Zod

Note: The server provides AI-assisted analysis through MCP integration.

Installation

Install in VS Code

Add this to your VS Code MCP config file. See VS Code MCP docs for more info.

{ "servers": { "npm-sentinel": { "type": "stdio", "command": "npx", "args": ["-y", "@nekzus/mcp-server@latest"] } } }

Docker

Build

# Build the Docker image docker build -t nekzus/npm-sentinel-mcp .

Usage

You can run the MCP server using Docker with directory mounting to /projects:

{ "mcpServers": { "npm-sentinel-mcp": { "command": "docker", "args": [ "run", "-i", "--rm", "-w", "/projects", "--mount", "type=bind,src=${PWD},dst=/projects", "nekzus/npm-sentinel-mcp", "node", "dist/index.js" ] } } }

For multiple directories:

{ "mcpServers": { "npm-sentinel-mcp": { "command": "docker", "args": [ "run", "-i", "--rm", "-w", "/projects", "--mount", "type=bind,src=/path/to/workspace,dst=/projects/workspace", "--mount", "type=bind,src=/path/to/other/dir,dst=/projects/other/dir,ro", "nekzus/npm-sentinel-mcp", "node", "dist/index.js" ] } } }

Note: All mounted directories must be under /projects for proper access.

Usage with Claude Desktop

Add this to your claude_desktop_config.json:

{ "mcpServers": { "npmsentinel": { "command": "npx", "args": ["-y", "@nekzus/mcp-server@latest"] } } }

Configuration file locations:

  • Windows: %APPDATA%\Claude\claude_desktop_config.json

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json

  • Linux: (Claude for Desktop does not officially support Linux at this time)

NPX

{ "mcpServers": { "npm-sentinel-mcp": { "command": "npx", "args": [ "-y", "@nekzus/mcp-server@latest" ] } } }

API

The server exposes its tools via the Model Context Protocol. All tools adhere to a standardized response format:

{ "content": [ { "type": "text", "text": "string", "isError": boolean // Optional } // ... more content items if necessary ] }

Resources

  • npm://registry: NPM Registry interface

  • npm://security: Security analysis interface

  • npm://metrics: Package metrics interface

Server Resources

The server also provides the following informational resources accessible via MCP GetResource requests:

  • doc://server/readme:

    • Description: Retrieves the main README.md file content for this NPM Sentinel MCP server.

    • MIME Type: text/markdown

  • doc://mcp/specification:

    • Description: Retrieves the llms-full.txt content, providing the comprehensive Model Context Protocol specification.

    • MIME Type: text/plain

Tools

npmVersions

  • Get all versions of a package

  • Input: packages (string[])

  • Returns: Version history with release dates

npmLatest

  • Get latest version information

  • Input: packages (string[])

  • Returns: Latest version details and changelog

npmDeps

  • Analyze package dependencies

  • Input: packages (string[])

  • Returns: Complete dependency tree analysis

npmTypes

  • Check TypeScript support

  • Input: packages (string[])

  • Returns: TypeScript compatibility status

npmSize

  • Analyze package size

  • Input: packages (string[])

  • Returns: Bundle size and import cost analysis

npmVulnerabilities

  • Scan for security vulnerabilities

  • Input: packages (string[])

  • Returns: Security advisories and severity ratings

npmTrends

  • Get download trends

  • Input:

    • packages (string[])

    • period ("last-week" | "last-month" | "last-year")

  • Returns: Download statistics over time

npmCompare

  • Compare multiple packages

  • Input: packages (string[])

  • Returns: Detailed comparison metrics

npmMaintainers

  • Get package maintainers

  • Input: packages (string[])

  • Returns: Maintainer information and activity

npmScore

  • Get package quality score

  • Input: packages (string[])

  • Returns: Comprehensive quality metrics

npmPackageReadme

  • Get package README

  • Input: packages (string[])

  • Returns: Formatted README content

npmSearch

  • Search for packages

  • Input:

    • query (string)

    • limit (number, optional)

  • Returns: Matching packages with metadata

npmLicenseCompatibility

  • Check license compatibility

  • Input: packages (string[])

  • Returns: License analysis and compatibility info

npmRepoStats

  • Get repository statistics

  • Input: packages (string[])

  • Returns: GitHub/repository metrics

npmDeprecated

  • Check for deprecation

  • Input: packages (string[])

  • Returns: Deprecation status and alternatives

npmChangelogAnalysis

  • Analyze package changelogs

  • Input: packages (string[])

  • Returns: Changelog summaries and impact analysis

npmAlternatives

  • Find package alternatives

  • Input: packages (string[])

  • Returns: Similar packages with comparisons

npmQuality

  • Assess package quality

  • Input: packages (string[])

  • Returns: Quality metrics and scores

npmMaintenance

  • Check maintenance status

  • Input: packages (string[])

  • Returns: Maintenance activity metrics

Build

# Build with npm npm install npm run build

License

This MCP server is licensed under the MIT License. This means you are free to use, modify, and distribute the software, subject to the terms and conditions of the MIT License. For more details, please see the LICENSE file in the project repository.

MIT © nekzus

Deploy Server
A
security – no known vulnerabilities
A
license - permissive license
A
quality - confirmed to work

How are these scores calculated?

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

Tools

View all tools

A Model Context Protocol server that enables AI-powered analysis of NPM packages through multiple tools for security vulnerability scanning, dependency analysis, package comparison, and quality assessment.

  1. Features
    1. Installation
      1. Install in VS Code
      2. Docker
      3. Usage with Claude Desktop
      4. NPX
    2. API
      1. Resources
      2. Server Resources
      3. Tools
    3. Build
      1. License

        Related Resources

        Related MCP Servers

        • NPM Sentinel MCP

          Nekzus
          A
          security
          A
          license
          A
          quality
          A Model Context Protocol server providing utility tools for development and testing, offering functionalities like personalized greetings, random card drawing, and datetime formatting with an extensible architecture.
          Last updated -
          19
          183
          8
          MIT License
          • Apple
          • Linux

        • NPM MCP Server

          mateusribeirocampos
          A
          security
          F
          license
          A
          quality
          A Model Context Protocol server that allows AI models to fetch detailed information about npm packages and discover popular packages in the npm ecosystem.
          Last updated -
          1
          0
          1

        • CodeAnalysis MCP Server

          0xjcf
          A
          security
          F
          license
          A
          quality
          A comprehensive Model Context Protocol server for advanced code analysis that provides tools for syntax analysis, dependency visualization, and AI-assisted development workflow support.
          Last updated -
          28
          4

        • NPM Helper MCP

          pinkpixel-dev
          -
          security
          A
          license
          -
          quality
          A Model Context Protocol server that provides tools for NPM package management, including dependency searching, updates, conflict resolution, and version management to help AI assistants safely upgrade project dependencies.
          Last updated -
          22
          7
          MIT License
          • Linux
          • Apple

        View all related MCP servers

        Appeared in Searches

        New MCP Servers

        MCP directory API

        We provide all the information about MCP servers via our MCP API.

        curl -X GET 'https://glama.ai/api/mcp/v1/servers/Nekzus/npm-sentinel-mcp'

        If you have feedback or need assistance with the MCP directory API, please join our Discord server