Summary
Connects Claude to the npm registry for package intelligence without leaving your editor. Exposes search, security audits, bundle size analysis, peer dependency validation, and package comparison. The standout feature is automatic security checking: Claude scans packages for vulnerabilities before suggesting installation, no prompting needed. You also get ESM/CJS compatibility detection, TypeScript support checks, and side-by-side comparisons of alternatives. Useful when evaluating dependencies, troubleshooting version conflicts, or vetting unfamiliar packages. Ships as an npx command, so no global install required. Just wire it into your Cursor or Claude Desktop config and start asking about packages.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
NPM MCP
Model Context Protocol server for npm registry
Search packages, check security, compare versions, and validate compatibility. Use it from Cursor AI or Claude Desktop.
Note: This is an unofficial, community-driven MCP server and is not affiliated with or endorsed by npm, Inc.
Features
- Auto-Security — AI automatically checks packages before suggesting install (no user action!)
- Capabilities Analysis — ESM/CJS, TypeScript, Platform support (Node/Browser/Deno), Build tools
- Quick Start Generator — Ready-to-use code examples for any package
- Package Comparison — Compare alternatives side-by-side (features, size, popularity)
- Bundle Size Analysis — Minified/gzipped sizes, tree-shaking, impact on your bundle
- Similar Packages — Find alternatives and similar packages
- Search — Find packages with ranking and scores
- Details — Versions, dependencies, download stats, deprecation status
- Security — Vulnerability check and safe version tips
- Compatibility — Peer dependency and version conflicts
- Quality — Maintenance and community metrics
- Version compare — Breaking changes and semver
- NPX check — Validate npx commands before running
Install & use
With npx (recommended)
No global install. Add to Cursor or Claude config:
Cursor — ~/.cursor/mcp.json:
{
"mcpServers": {
"npm-registry-mcp": {
"command": "npx",
"args": ["@alisaitteke/npm-mcp"]
}
}
}
Claude Desktop — ~/Library/Application Support/Claude/claude_desktop_config.json (macOS):
{
"mcpServers": {
"npm-registry-mcp": {
"command": "npx",
"args": ["@alisaitteke/npm-mcp"]
}
}
}
Global install (optional)
npm install -g @alisaitteke/npm-mcp
Then use "command": "npm-mcp" (no args) in the config above.
What you can ask
Once the server is connected, you can ask things like:
- “Search for React state management libraries”
- “Security audit for express@4.18”
- “Is lodash@4.17 compatible with my current deps?”
- “Compare React 17 and 18”
- “Quality check for date-fns”
- “Is it safe to run npx create-next-app?”
License
MIT
Contributors
Ali Sait Teke Creator & Maintainer |
Thanks to everyone who helps improve this project!
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →Categories
Registryactive
Package@alisaitteke/npm-mcp
TransportSTDIO
UpdatedJan 29, 2026
