npm-mcp

config

List all npm configuration or get a specific key's value. Read-only operation ensures safe configuration inspection.

Instructions

View npm configuration (read-only for safety)

Input Schema

TableJSON Schema

Name	Required	Description	Default
`action`	Yes	Action: list (show all config), get (get specific key)
`key`	No	Config key to get (required for get action)

Implementation Reference

src/index.ts:939-953 (handler)

The handler function that executes the 'config' tool logic. It builds npm config args (list/get), runs the npm command, and returns the output.

  async ({ action, key }) => {
    const args = ["config", action];
    if (action === "get" && key) args.push(key);
    if (action === "list") args.push("--json");
    try {
      const { stdout } = await run(args);
      return { content: [{ type: "text", text: stdout }] };
    } catch (e: any) {
      return {
        content: [{ type: "text", text: `Error: ${e.stderr || e.message}` }],
        isError: true,
      };
    }
  },
);

src/index.ts:935-937 (schema)

Zod schema defining the 'config' tool inputs: action (enum list/get) and optional key.

{
  action: z.enum(["list", "get"]).describe("Action: list (show all config), get (get specific key)"),
  key: z.string().optional().describe("Config key to get (required for get action)"),

src/index.ts:932-953 (registration)

Primary registration of the 'config' tool on the main MCP server using server.tool().

server.tool(
  "config",
  "View npm configuration (read-only for safety)",
  {
    action: z.enum(["list", "get"]).describe("Action: list (show all config), get (get specific key)"),
    key: z.string().optional().describe("Config key to get (required for get action)"),
  },
  async ({ action, key }) => {
    const args = ["config", action];
    if (action === "get" && key) args.push(key);
    if (action === "list") args.push("--json");
    try {
      const { stdout } = await run(args);
      return { content: [{ type: "text", text: stdout }] };
    } catch (e: any) {
      return {
        content: [{ type: "text", text: `Error: ${e.stderr || e.message}` }],
        isError: true,
      };
    }
  },
);

src/index.ts:26-38 (helper)

The 'run' helper function used by the config handler to execute npm commands via execFile.

async function run(
  args: string[],
  cwd?: string,
): Promise<{ stdout: string; stderr: string }> {
  const fullArgs = [...args, ...npmrcArgs];
  const opts: { cwd?: string; timeout: number; env: NodeJS.ProcessEnv; maxBuffer: number } = {
    timeout: 120_000,
    maxBuffer: 10 * 1024 * 1024, // 10MB buffer for large outputs
    env: { ...process.env, NO_COLOR: "1" },
  };
  if (cwd) opts.cwd = cwd;
  return exec(NPM, fullArgs, opts);
}

src/index.ts:1396-1399 (registration)

Secondary registration of the 'config' tool in a sandbox environment (noop handler, likely for testing/preview).

sandbox.tool("config", "View npm configuration", {
  action: z.enum(["list", "get"]).describe("Action"),
  key: z.string().optional().describe("Config key to get"),
}, noop);

Tool Definition Quality

A3.5/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

States read-only for safety, disclosing non-destructive behavior. Lacks details on scope (current config vs. defaults) or potential side effects (none expected).

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Single sentence, no wasted words. Purpose and key constraint front-loaded.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a simple config viewer, description is adequate but misses details on output format for list and get actions, and no explanation of how it relates to npm config CLI.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100%, with clear parameter descriptions. Description adds no extra meaning beyond the schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

Description clearly states it views npm configuration and specifies read-only. It distinguishes from siblings like install or publish, but does not explicitly differentiate from other config-related tools like access.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Implies read-only usage, so agent knows not to use for modifications. No explicit when-to-use or alternatives provided.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/mikusnuz/npm-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server