remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

Integrations

Provides repository statistics and metrics for NPM packages hosted on GitHub
Offers comprehensive NPM package analysis including version tracking, dependency mapping, security scanning, and quality metrics
Verifies TypeScript support and compatibility for NPM packages

NPM Sentinel MCP

A powerful Model Context Protocol (MCP) server that revolutionizes NPM package analysis through AI. Built to integrate with Claude and Anthropic AI, it provides real-time intelligence on package security, dependencies, and performance. This MCP server delivers instant insights and smart analysis to safeguard and optimize your npm ecosystem, making package management decisions faster and safer for modern development workflows.

Features

Version analysis and tracking
Dependency analysis and mapping
Security vulnerability scanning
Package quality metrics
Download trends and statistics
TypeScript support verification
Package size analysis
Maintenance metrics
Real-time package comparisons

Note: The server provides AI-assisted analysis through MCP integration.

API

Resources

npm://registry: NPM Registry interface
npm://security: Security analysis interface
npm://metrics: Package metrics interface

Tools

npmVersions

Get all versions of a package
Input: packages (string[])
Returns: Version history with release dates

npmLatest

Get latest version information
Input: packages (string[])
Returns: Latest version details and changelog

npmDeps

Analyze package dependencies
Input: packages (string[])
Returns: Complete dependency tree analysis

npmTypes

Check TypeScript support
Input: packages (string[])
Returns: TypeScript compatibility status

npmSize

Analyze package size
Input: packages (string[])
Returns: Bundle size and import cost analysis

npmVulnerabilities

Scan for security vulnerabilities
Input: packages (string[])
Returns: Security advisories and severity ratings

npmTrends

Get download trends
Input:
- packages (string[])
- period ("last-week" | "last-month" | "last-year")
Returns: Download statistics over time

npmCompare

Compare multiple packages
Input: packages (string[])
Returns: Detailed comparison metrics

npmMaintainers

Get package maintainers
Input: packages (string[])
Returns: Maintainer information and activity

npmScore

Get package quality score
Input: packages (string[])
Returns: Comprehensive quality metrics

npmPackageReadme

Get package README
Input: packages (string[])
Returns: Formatted README content

npmSearch

Search for packages
Input:
- query (string)
- limit (number, optional)
Returns: Matching packages with metadata

npmLicenseCompatibility

Check license compatibility
Input: packages (string[])
Returns: License analysis and compatibility info

npmRepoStats

Get repository statistics
Input: packages (string[])
Returns: GitHub/repository metrics

npmDeprecated

Check for deprecation
Input: packages (string[])
Returns: Deprecation status and alternatives

npmChangelogAnalysis

Analyze package changelogs
Input: packages (string[])
Returns: Changelog summaries and impact analysis

npmAlternatives

Find package alternatives
Input: packages (string[])
Returns: Similar packages with comparisons

npmQuality

Assess package quality
Input: packages (string[])
Returns: Quality metrics and scores

npmMaintenance

Check maintenance status
Input: packages (string[])
Returns: Maintenance activity metrics

Docker

Build

# Build the Docker image
docker build -t nekzus/npm-sentinel-mcp .

Usage

You can run the MCP server using Docker with directory mounting to /projects:

{
  "mcpServers": {
    "npm-sentinel-mcp": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-w", "/projects",
        "--mount", "type=bind,src=${PWD},dst=/projects",
        "nekzus/npm-sentinel-mcp",
        "node",
        "dist/index.js"
      ]
    }
  }
}

For multiple directories:

{
  "mcpServers": {
    "npm-sentinel-mcp": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-w", "/projects",
        "--mount", "type=bind,src=/path/to/workspace,dst=/projects/workspace",
        "--mount", "type=bind,src=/path/to/other/dir,dst=/projects/other/dir,ro",
        "nekzus/npm-sentinel-mcp",
        "node",
        "dist/index.js"
      ]
    }
  }
}

Note: All mounted directories must be under /projects for proper access.

Usage with Claude Desktop

Add this to your claude_desktop_config.json:

{
  "mcpServers": {
    "npmAnalyzer": {
      "transport": "stdio",
      "command": "npx",
      "args": ["-y", "@nekzus/mcp-server"]
    }
  }
}

Configuration file locations:

Windows: %APPDATA%/claude-desktop/claude_desktop_config.json
macOS: ~/Library/Application Support/claude-desktop/claude_desktop_config.json
Linux: ~/.config/claude-desktop/claude_desktop_config.json

NPX

{
  "mcpServers": {
    "npm-sentinel-mcp": {
      "command": "npx",
      "args": [
        "-y",
        "@nekzus/mcp-server"
      ]
    }
  }
}

Build

# Build with npm
npm install
npm run build

License

This MCP server is licensed under the MIT License. This means you are free to use, modify, and distribute the software, subject to the terms and conditions of the MIT License. For more details, please see the LICENSE file in the project repository.

MIT © nekzus

You must be authenticated.

A

security – no known vulnerabilities

A

license - permissive license

A

quality - confirmed to work

Tools

View all tools

A Model Context Protocol server that enables AI-powered analysis of NPM packages through multiple tools for security vulnerability scanning, dependency analysis, package comparison, and quality assessment.

Appeared in Searches

A server for searching NuGet packages using the MCP server