npm Registry MCP
Search packages, check versions, audit vulnerabilities and compare libraries directly from the npm registry (no API key required)
npm Registry MCP
An MCP (Model Context Protocol) server that gives Claude direct access to the npm registry — search packages, check versions, audit vulnerabilities, compare libraries and more, all without leaving your conversation.
Why
When you're coding with Claude and need to pick a package, check if something is still maintained, or audit a dependency for vulnerabilities — you normally have to stop, switch tabs, google it, and come back. This server removes that friction entirely. Claude can query the npm registry directly, in context, mid-conversation.
Tools
| Tool | What it does |
|---|---|
search_packages | Search npm by keyword with quality and maintenance scores |
get_package_info | Full details — license, maintainers, dependencies, size, downloads |
get_package_versions | Full version history with publish dates |
get_download_stats | Download counts over any period (day / week / month / year) |
check_vulnerabilities | Known CVEs for a specific package version |
compare_packages | Side-by-side comparison of two packages |
get_changelog | Release notes between two versions, falls back to CHANGELOG.md |
get_package_readme | Full README for any package or specific version |
Example prompts
Once installed, just ask Claude naturally:
"What's the best package for parsing CSV files in Node?"
"Is moment.js still actively maintained?"
"Compare lodash and ramda"
"Are there any known vulnerabilities in axios 0.21.1?"
"What changed in express between v4 and v5?"
"How many downloads does react get per month?"
"Show me the README for the sharp package"
Installation
Prerequisites
- Node.js v18 or higher
- Claude Desktop
1. Add to Claude Desktop config
Open your Claude Desktop config file:
- macOS:
~/Library/Application Support/Claude/claude_desktop_config.json - Windows:
%APPDATA%\Claude\claude_desktop_config.json
{
"mcpServers": {
"npm-registry": {
"command": "npx",
"args": ["mcp-npm-registry"]
}
}
}
That's it — no cloning, no building. npx handles everything automatically.
Manual install (optional)
If you prefer a global install:
npm install -g mcp-npm-registry
Then use mcp-npm-registry as the command instead of npx mcp-npm-registry.
2. Restart Claude Desktop
Fully quit and reopen Claude Desktop. You should see a tools icon confirming the server is connected.
No API key required — the npm registry is fully public.
Development
# Run in dev mode (no build step needed)
npm run dev
# Build
npm run build
The server communicates over stdio using the MCP protocol. You can test it directly:
echo '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}' | node dist/index.js
Data sources
All data is fetched live from public APIs — no database, no cache, no rate limits on your end:
- registry.npmjs.org — package metadata and versions
- api.npmjs.org — download statistics
- api.npms.io — quality, maintenance and popularity scores
- registry.npmjs.org/-/npm/v1/security/advisories — vulnerability data
Showcase
Roadmap
-
get_changelog— diff between two versions - Package README as an MCP resource
- Publish to npm for one-line
npxinstall
License
MIT
Related Servers
Alpha Vantage MCP Server
sponsorAccess financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
WireMCP
Empowers LLMs with real-time network traffic analysis using tshark. Requires Wireshark's tshark to be installed.
Remote MCP Server (Authless)
An example of a remote MCP server deployable on Cloudflare Workers without authentication.
MCP Java Bridge
A bridge for the MCP Java SDK that enables TCP transport support while maintaining stdio compatibility for clients.
Codebase MCP Server
An intelligent codebase search engine that transforms local codebases into a natural language queryable knowledge base.
JSONPlaceholder
A free public REST API for testing and prototyping, powered by JSONPlaceholder.
Teleprompter
A server for managing and reusing prompts with Large Language Models (LLMs).
DevBrain
Finds relevant code snippets, developer articles, and blog posts based on your queries.
SonarCloud
Fetch SonarCloud issues related to pull requests.
MCPilot
A FastAPI-based gateway for the Model Context Protocol (MCP) designed to unify and scale AI toolchains.
AgentMode
An all-in-one MCP server for developers, connecting coding AI to databases, data warehouses, data pipelines, and cloud services.