npm Registry MCP

Search packages, check versions, audit vulnerabilities and compare libraries directly from the npm registry (no API key required)

GitHub

npm Registry MCP

An MCP (Model Context Protocol) server that gives Claude direct access to the npm registry — search packages, check versions, audit vulnerabilities, compare libraries and more, all without leaving your conversation.

License MCP Node

Why

When you're coding with Claude and need to pick a package, check if something is still maintained, or audit a dependency for vulnerabilities — you normally have to stop, switch tabs, google it, and come back. This server removes that friction entirely. Claude can query the npm registry directly, in context, mid-conversation.

Tools

ToolWhat it does
search_packagesSearch npm by keyword with quality and maintenance scores
get_package_infoFull details — license, maintainers, dependencies, size, downloads
get_package_versionsFull version history with publish dates
get_download_statsDownload counts over any period (day / week / month / year)
check_vulnerabilitiesKnown CVEs for a specific package version
compare_packagesSide-by-side comparison of two packages
get_changelogRelease notes between two versions, falls back to CHANGELOG.md
get_package_readmeFull README for any package or specific version

Example prompts

Once installed, just ask Claude naturally:

"What's the best package for parsing CSV files in Node?"
"Is moment.js still actively maintained?"
"Compare lodash and ramda"
"Are there any known vulnerabilities in axios 0.21.1?"
"What changed in express between v4 and v5?"
"How many downloads does react get per month?"
"Show me the README for the sharp package"

Installation

Prerequisites

1. Add to Claude Desktop config

Open your Claude Desktop config file:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "npm-registry": {
      "command": "npx",
      "args": ["mcp-npm-registry"]
    }
  }
}

That's it — no cloning, no building. npx handles everything automatically.

Manual install (optional)

If you prefer a global install:

npm install -g mcp-npm-registry

Then use mcp-npm-registry as the command instead of npx mcp-npm-registry.

2. Restart Claude Desktop

Fully quit and reopen Claude Desktop. You should see a tools icon confirming the server is connected.

No API key required — the npm registry is fully public.

Development

# Run in dev mode (no build step needed)
npm run dev

# Build
npm run build

The server communicates over stdio using the MCP protocol. You can test it directly:

echo '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}' | node dist/index.js

Data sources

All data is fetched live from public APIs — no database, no cache, no rate limits on your end:

Showcase

Showcase

Roadmap

  • get_changelog — diff between two versions
  • Package README as an MCP resource
  • Publish to npm for one-line npx install

License

MIT

Related Servers