NPM Sentinel MCP

MCPOpen SourceMIT36.7

by Nekzus • Security & Privacy

An MCP server that provides AI-assisted, real-time analysis of NPM packages for security, dependencies, size, and maintenance metrics.

Example Use Cases

1
Scan npm packages for known security vulnerabilities and receive severity-rated advisories.
2
Analyze dependency trees, compare package quality metrics, and recommend safer or smaller alternatives.
3
Up-to-date package metadata (versions, changelogs, maintainers, download trends) to inform automated upgrade or auditing workflows.

Description

NPM Sentinel MCP is an AI-powered Model Context Protocol server that analyzes npm packages for vulnerabilities, dependency graphs, download trends, TypeScript support, bundle size, and maintenance quality. It integrates with Claude/Anthropic and supports both STDIO and HTTP streamable transports (Smithery.ai) for scalable, real-time streaming responses. The server offers standardized MCP tool responses, caching, schema validation with Zod, and multiple deployment options (NPX, Docker, Smithery). It's designed to speed up safe package management and provide actionable insights for developers and automated agents.