Server data from the Official MCP Registry
MCP server for npm package management — publish, version, search, audit, and more
MCP server for npm package management — publish, version, search, audit, and more
Valid MCP server (2 strong, 4 medium validity signals). 1 code issue detected. 3 known CVEs in dependencies (0 critical, 3 high severity) Package registry verified. Imported from the Official MCP Registry. Trust signals: trusted author (17/17 approved). 1 finding(s) downgraded by scanner intelligence.
3 files analyzed · 5 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Set these up before or after installing:
Environment variable: NPM_TOKEN
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-mikusnuz-npm": {
"env": {
"NPM_TOKEN": "your-npm-token-here"
},
"args": [
"-y",
"@mikusnuz/npm-mcp"
],
"command": "npx"
}
}
}From the project's GitHub README.
MCP server that lets AI assistants manage npm packages. Publish, version, search, audit, install, and more -- all through Claude Code or any MCP client.
| Task | Tool |
|---|---|
| "Publish this package to npm" | publish |
| "Check for outdated dependencies" | outdated |
| "Run a security audit on my packages" | audit |
| "Search npm for authentication libraries" | search |
| "Bump the version and publish" | version then publish |
| "Check who owns this npm package" | owner |
| "View download stats for my package" | view |
For AI agents: See
llms.txtfor a machine-readable summary. Copytemplates/CLAUDE.mdortemplates/AGENTS.mdinto your project to teach your agent about this MCP.
You're in Claude Code building a library. You finish the code, and now you need to publish it. Instead of switching to a terminal:
You: publish this package to npm with public access
Claude: [calls publish tool] Published @yourorg/lib@1.0.0 successfully
That's it. No context switching.
git clone https://github.com/mikusnuz/npm-mcp.git
cd npm-mcp
npm install
npm run build
Go to npmjs.com > Account > Access Tokens > Generate New Token (Automation type recommended).
Edit ~/.claude/settings.json:
{
"mcpServers": {
"npm-mcp": {
"command": "node",
"args": ["/path/to/npm-mcp/dist/index.js"],
"env": {
"NPM_TOKEN": "npm_xxxxxxxxxxxx"
}
}
}
}
Or if you've already run npm login locally, skip NPM_TOKEN -- it uses your ~/.npmrc automatically.
| Tool | Description |
|---|---|
publish | Publish a package to npm registry |
version | Bump package version (patch/minor/major/pre*) |
unpublish | Remove a package version |
deprecate | Deprecate a version (or undeprecate with empty message) |
pack | Preview what would be published |
| Tool | Description |
|---|---|
view | View package info from registry |
search | Search npm registry |
bugs | Get bug tracker URL for a package |
repo | Get repository URL for a package |
docs | Get documentation URL for a package |
diff | Show diff between package versions |
| Tool | Description |
|---|---|
install | Install packages |
uninstall | Remove packages |
update | Update packages to latest semver-compatible version |
outdated | Check for outdated packages |
ls | List installed packages |
explain | Explain why a package is installed |
dedupe | Reduce duplication in dependency tree |
prune | Remove extraneous packages |
fund | Show funding info for dependencies |
query | Query packages using CSS-like selectors |
| Tool | Description |
|---|---|
audit | Run security audit (with optional auto-fix) |
sbom | Generate Software Bill of Materials (CycloneDX/SPDX) |
doctor | Check npm environment health |
ping | Check registry connectivity |
| Tool | Description |
|---|---|
whoami | Check current authenticated user |
token | Manage access tokens (list/revoke) |
access | Set or view access level on packages |
owner | Manage package owners (ls/add/rm) |
dist-tag | Manage distribution tags (ls/add/rm) |
profile | View or modify npm profile settings |
config | View npm configuration (read-only) |
| Tool | Description |
|---|---|
init | Initialize a new package.json |
pkg | Manage package.json fields programmatically |
ci | Clean install from lockfile (for CI) |
run-script | Run scripts defined in package.json |
link | Symlink a local package for development |
cache | Manage the npm cache |
Publish a scoped package:
publish({ path: "/home/user/my-lib", access: "public" })
Bump version and publish:
version({ path: "/home/user/my-lib", bump: "patch" })
publish({ path: "/home/user/my-lib" })
Check what's inside before publishing:
pack({ path: "/home/user/my-lib", dryRun: true })
Search for existing packages:
search({ query: "react state management", limit: 5 })
View package details:
view({ package: "@yourorg/lib", field: "versions" })
Install packages:
install({ path: "/home/user/my-app", packages: ["express", "cors"], saveDev: false })
Check outdated dependencies:
outdated({ path: "/home/user/my-app" })
Compare versions:
diff({ specs: ["lodash@4.17.20", "lodash@4.17.21"] })
Generate SBOM:
sbom({ path: "/home/user/my-app", format: "spdx", production: true })
Query dependencies:
query({ path: "/home/user/my-app", selector: ":root > .prod" })
| Method | How |
|---|---|
| NPM_TOKEN (recommended) | Set NPM_TOKEN env var in MCP config. Get token from npmjs.com > Access Tokens |
| npm login | Run npm login in terminal first. Token saved in ~/.npmrc is used automatically |
For 2FA-enabled accounts, pass otp parameter to publish/unpublish/deprecate/owner/access/token tools.
| Variable | Default | Description |
|---|---|---|
NPM_TOKEN | -- | npm authentication token |
NPM_PATH | npm | Path to npm binary (if not in PATH) |
MIT
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
by Microsoft · Content & Media
Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption
by mcp-marketplace · Developer Tools
Scaffold, build, and publish TypeScript MCP servers to npm — conversationally
by mcp-marketplace · Finance
Free stock data and market news for any MCP-compatible AI assistant.