Web Research Assistant

Overview Schema Related Servers Score Discussions

package_info

Retrieve package details from npm, PyPI, crates.io, or Go modules to evaluate libraries before project integration, including version, dependencies, license, and security status.

Instructions

Look up package information from npm, PyPI, crates.io, or Go modules.

Returns version, downloads, license, dependencies, security status, and repository links.
Use this to quickly evaluate libraries before adding them to your project.

Examples:
- package_info("express", reasoning="Need web framework", registry="npm")
- package_info("requests", reasoning="HTTP client for API", registry="pypi")
- package_info("serde", reasoning="JSON serialization", registry="crates")

Input Schema

TableJSON Schema

Name	Required	Default
`name`	Yes
`reasoning`	Yes
`registry`	No	npm

Output Schema

TableJSON Schema

Name	Required	Description	Default
`result`	Yes

Implementation Reference

src/searxng_mcp/server.py:177-237 (handler)

The primary handler function for the 'package_info' tool, decorated with @mcp.tool(). It dispatches to the appropriate registry_client.search_* method based on the registry parameter, formats the PackageInfo result using _format_package_info, handles errors, and tracks usage.

@mcp.tool()
async def package_info(
    name: Annotated[str, "Package or module name to look up"],
    reasoning: Annotated[str, "Why you're looking up this package (required for analytics)"],
    registry: Annotated[
        Literal["npm", "pypi", "crates", "go"],
        "Package registry to search (npm, pypi, crates, go)",
    ] = "npm",
) -> str:
    """
    Look up package information from npm, PyPI, crates.io, or Go modules.

    Returns version, downloads, license, dependencies, security status, and repository links.
    Use this to quickly evaluate libraries before adding them to your project.

    Examples:
    - package_info("express", reasoning="Need web framework", registry="npm")
    - package_info("requests", reasoning="HTTP client for API", registry="pypi")
    - package_info("serde", reasoning="JSON serialization", registry="crates")
    """
    start_time = time.time()
    success = False
    error_msg = None
    result = ""

    try:
        if registry == "npm":
            info = await registry_client.search_npm(name)
        elif registry == "pypi":
            info = await registry_client.search_pypi(name)
        elif registry == "crates":
            info = await registry_client.search_crates(name)
        else:  # go
            info = await registry_client.search_go(name)

        result = clamp_text(_format_package_info(info), MAX_RESPONSE_CHARS)
        success = True
    except httpx.HTTPStatusError as exc:
        error_msg = f"HTTP {exc.response.status_code}"
        if exc.response.status_code == 404:
            result = f"Package '{name}' not found on {registry}.\n\nDouble-check the package name and try again."
        else:
            result = f"Failed to fetch {registry} package '{name}': HTTP {exc.response.status_code}"
    except Exception as exc:  # noqa: BLE001
        error_msg = str(exc)
        result = f"Failed to fetch {registry} package '{name}': {exc}"
    finally:
        # Track usage
        response_time = (time.time() - start_time) * 1000
        tracker.track_usage(
            tool_name="package_info",
            reasoning=reasoning,
            parameters={"name": name, "registry": registry},
            response_time_ms=response_time,
            success=success,
            error_message=error_msg,
            response_size=len(result.encode("utf-8")),
        )

    return result

src/searxng_mcp/server.py:138-175 (helper)

Helper function to format the PackageInfo object into a human-readable string response for the package_info tool.

def _format_package_info(info: PackageInfo) -> str:
    """Format PackageInfo into readable text response."""

    lines = [
        f"Package: {info.name} ({info.registry})",
        "─" * 50,
        f"Version: {info.version}",
    ]

    if info.license:
        lines.append(f"License: {info.license}")

    if info.downloads:
        lines.append(f"Downloads: {info.downloads}")

    lines.append(f"Last Updated: {info.last_updated}")

    if info.dependencies_count is not None:
        lines.append(f"Dependencies: {info.dependencies_count}")

    if info.security_issues > 0:
        lines.append(f"⚠️  Security Issues: {info.security_issues}")
    else:
        lines.append("Security: ✅ No known vulnerabilities")

    lines.append("")  # blank line

    if info.repository:
        lines.append(f"Repository: {info.repository}")

    if info.homepage and info.homepage != info.repository:
        lines.append(f"Homepage: {info.homepage}")

    if info.description:
        lines.append(f"\nDescription: {info.description}")

    return "\n".join(lines)

src/searxng_mcp/registry.py:13-27 (schema)

Dataclass defining the schema/structure for package metadata returned by the registry client methods used by package_info.

class PackageInfo:
    """Structured package metadata from various registries."""

    name: str
    registry: str
    version: str
    description: str
    license: str | None
    downloads: str | None
    last_updated: str
    repository: str | None
    homepage: str | None
    dependencies_count: int | None
    security_issues: int

src/searxng_mcp/registry.py:210-255 (helper)

Example backend implementation for npm registry lookup (search_npm method), called by package_info handler when registry='npm'. Similar methods exist for other registries.

async def search_npm(self, name: str) -> PackageInfo:
    """Fetch package information from npm registry."""

    url = f"https://registry.npmjs.org/{name}"

    async with httpx.AsyncClient(timeout=self.timeout, headers=self._headers) as client:
        response = await client.get(url)
        response.raise_for_status()
        data = response.json()

    latest_version = data.get("dist-tags", {}).get("latest", "unknown")
    version_data = data.get("versions", {}).get(latest_version, {})

    # Get weekly downloads from npm API
    downloads = await self._get_npm_downloads(name)

    # Parse last update time
    time_data = data.get("time", {})
    last_updated = time_data.get(latest_version) or time_data.get("modified", "unknown")
    if last_updated != "unknown":
        last_updated = self._format_time_ago(last_updated)

    repository = (
        version_data.get("repository", {}).get("url")
        if isinstance(version_data.get("repository"), dict)
        else version_data.get("repository")
    )
    if repository and repository.startswith("git+"):
        repository = repository[4:]

    dependencies = version_data.get("dependencies", {})

    return PackageInfo(
        name=name,
        registry="npm",
        version=latest_version,
        description=version_data.get("description", "No description available"),
        license=version_data.get("license", "Unknown"),
        downloads=downloads,
        last_updated=last_updated,
        repository=repository,
        homepage=version_data.get("homepage"),
        dependencies_count=len(dependencies) if dependencies else 0,
        security_issues=0,  # Would need separate npm audit API call
    )

src/searxng_mcp/server.py:177-177 (registration)
The @mcp.tool() decorator registers the package_info function as an MCP tool.
```
@mcp.tool()
```

Tool Definition Quality

A4.2/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden. It discloses the tool's behavior by listing what information is returned (version, downloads, license, etc.) and its purpose (evaluation before adding to projects), but doesn't cover potential limitations like rate limits, authentication needs, or error handling. It adds useful context beyond a minimal description.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately sized and front-loaded: the first sentence states the core purpose, the second details the return values and usage context, and the examples provide practical guidance without redundancy. Every sentence adds value, and the structure is efficient for quick comprehension.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's moderate complexity (3 parameters, no annotations, but with an output schema), the description is mostly complete. It covers purpose, usage, and parameters, and the output schema likely handles return values, so the description doesn't need to explain those. However, it could better address behavioral aspects like error cases or limitations.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, so the description must compensate. It explains the 'registry' parameter by listing supported registries (npm, PyPI, crates, go) and provides examples that clarify usage of 'name' and 'reasoning'. However, it doesn't detail parameter constraints (e.g., format of 'name') or the default value for 'registry', leaving some gaps.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose with specific verbs ('look up package information') and resources ('npm, PyPI, crates.io, or Go modules'), distinguishing it from siblings like 'package_search' (which likely searches rather than looks up specific packages) and 'compare_tech' (which likely compares rather than provides detailed info).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides clear context for when to use this tool ('to quickly evaluate libraries before adding them to your project'), but doesn't explicitly state when not to use it or name alternatives (e.g., 'package_search' for broader searches or 'github_repo' for repository-specific details). The examples imply usage patterns without formal exclusions.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/elad12390/web-research-assistant'

If you have feedback or need assistance with the MCP directory API, please join our Discord server