What are the requirements for npm-mcp?

npm-mcp requires the following environment variables: NPM_TOKEN (optional). You'll also need a compatible MCP client like Claude Desktop or Claude Code.

Is npm-mcp free to use?

Yes, npm-mcp is open source and free to use. You can find the source code on GitHub.

What MCP clients support npm-mcp?

npm-mcp works with any MCP-compatible client including Claude Desktop (Anthropic's official desktop app), Claude Code (CLI tool), Cursor, and other editors with MCP support.

How do I configure npm-mcp?

Configure npm-mcp by adding it to your MCP client's config file. The setup block at the top of this page generates a ready-to-paste config for Claude Code, Cursor, Codex, Windsurf, and Claude Desktop.

npm-mcp MCP Server

Q: What tools does npm-mcp provide?

publish: Publish a package to npm registry. version: Bump package version. audit: Run security audit on packages. search: Search npm registry. install: Install packages. view: View package info from registry.

Q: How do I install npm-mcp?

Install npm-mcp by running: git clone https://github.com/mikusnuz/npm-mcp.git && cd npm-mcp && npm install && npm run build

MCP server that lets AI assistants manage npm packages.

other npm package-management javascript node

README.md

English | 한국어 | 中文 | 日本語

npm-mcp

MCP server that lets AI assistants manage npm packages. Publish, version, search, audit, install, and more -- all through Claude Code or any MCP client.

When to Use

Task	Tool
"Publish this package to npm"	`publish`
"Check for outdated dependencies"	`outdated`
"Run a security audit on my packages"	`audit`
"Search npm for authentication libraries"	`search`
"Bump the version and publish"	`version` then `publish`
"Check who owns this npm package"	`owner`
"View download stats for my package"	`view`

For AI agents: See `llms.txt` for a machine-readable summary. Copy `templates/CLAUDE.md` or `templates/AGENTS.md` into your project to teach your agent about this MCP.

Why

You're in Claude Code building a library. You finish the code, and now you need to publish it. Instead of switching to a terminal:

You: publish this package to npm with public access
Claude: [calls publish tool] Published @yourorg/lib@1.0.0 successfully

That's it. No context switching.

Setup

1. Install

git clone https://github.com/mikusnuz/npm-mcp.git
cd npm-mcp
npm install
npm run build

2. Get npm token

Go to npmjs.com > Account > Access Tokens > Generate New Token (Automation type recommended).

3. Add to Claude Code

Edit ~/.claude/settings.json:

{
  "mcpServers": {
    "npm-mcp": {
      "command": "node",
      "args": ["/path/to/npm-mcp/dist/index.js"],
      "env": {
        "NPM_TOKEN": "npm_xxxxxxxxxxxx"
      }
    }
  }
}

Or if you've already run npm login locally, skip NPM_TOKEN -- it uses your ~/.npmrc automatically.

Tools

Publishing & Versioning

Tool	Description
`publish`	Publish a package to npm registry
`version`	Bump package version (patch/minor/major/pre*)
`unpublish`	Remove a package version
`deprecate`	Deprecate a version (or undeprecate with empty message)
`pack`	Preview what would be published

Package Info

Tool	Description
`view`	View package info from registry
`search`	Search npm registry
`bugs`	Get bug tracker URL for a package
`repo`	Get repository URL for a package
`docs`	Get documentation URL for a package
`diff`	Show diff between package versions

Dependency Management

Tool	Description
`install`	Install packages
`uninstall`	Remove packages
`update`	Update packages to latest semver-compatible version
`outdated`	Check for outdated packages
`ls`	List installed packages
`explain`	Explain why a package is installed
`dedupe`	Reduce duplication in dependency tree
`prune`	Remove extraneous packages
`fund`	Show funding info for dependencies
`query`	Query packages using CSS-like selectors

Security & Diagnostics

Tool	Description
`audit`	Run security audit (with optional auto-fix)
`sbom`	Generate Software Bill of Materials (CycloneDX/SPDX)
`doctor`	Check npm environment health
`ping`	Check registry connectivity

Configuration & Auth

Tool	Description
`whoami`	Check current authenticated user
`token`	Manage access tokens (list/revoke)
`access`	Set or view access level on packages
`owner`	Manage package owners (ls/add/rm)
`dist-tag`	Manage distribution tags (ls/add/rm)
`profile`	View or modify npm profile settings
`config`	View npm configuration (read-only)

Project Setup

Tool	Description
`init`	Initialize a new package.json
`pkg`	Manage package.json fields programmatically
`ci`	Clean install from lockfile (for CI)
`run-script`	Run scripts defined in package.json
`link`	Symlink a local package for development
`cache`	Manage the npm cache

Examples

Publish a scoped package:

publish({ path: "/home/user/my-lib", access: "public" })

Bump version and publish:

version({ path: "/home/user/my-lib", bump: "patch" })
publish({ path: "/home/user/my-lib" })

Check what's inside before publishing:

pack({ path: "/home/user/my-lib", dryRun: true })

Search for existing packages:

search({ query: "react state management", limit: 5 })

View package details:

view({ package: "@yourorg/lib", field: "versions" })

Install packages:

install({ path: "/home/user/my-app", packages: ["express", "cors"], saveDev: false })

Tools 6

publishPublish a package to npm registry

versionBump package version

auditRun security audit on packages

searchSearch npm registry

installInstall packages

viewView package info from registry

Environment Variables

NPM_TOKENnpm access token for authentication

Try it

→Publish this package to npm with public access

→Check for outdated dependencies in my current project

→Run a security audit on my packages and apply fixes

→Search npm for authentication libraries

→Bump the version to patch and publish the package

Manual setup required. The maintainer's config contains paths only you know - edit the placeholders below before adding it to Claude Code.

Prepare the server locally

Run this once before adding it to Claude Code.

git clone https://github.com/mikusnuz/npm-mcp.git
cd npm-mcp
npm install
npm run build

Register it in Claude Code

claude mcp add npm-mcp -- node /path/to/npm-mcp/dist/index.js

Replace any placeholder paths in the command with the real path on your machine.

At a glance

Repository: mikusnuz/npm-mcp ↗
Author: mikusnuz ↗
Updated: Apr 10, 2026
Published: Mar 22, 2026

Frequently Asked Questions

What are the key features of npm-mcp?

Publish and version npm packages directly from the chat interface. Perform security audits and dependency health checks. Search the npm registry for packages. Manage package installation and uninstallation. Generate Software Bill of Materials (SBOM) for projects.

What can I use npm-mcp for?

Automating the release workflow for library maintainers. Quickly auditing project dependencies for security vulnerabilities. Searching for and evaluating new packages without leaving the IDE. Managing package.json fields and scripts programmatically.

How do I install npm-mcp?

Install npm-mcp by running: git clone https://github.com/mikusnuz/npm-mcp.git && cd npm-mcp && npm install && npm run build

What MCP clients work with npm-mcp?

npm-mcp works with any MCP-compatible client including Claude Desktop, Claude Code, Cursor, and other editors with MCP support.

Turn this server into reusable context

Keep npm-mcp docs, env vars, and workflow notes in Conare so your agent carries them across sessions.

Open Conare