Connects Claude to the NPM registry for deep package analysis and security scanning. Exposes tools for version tracking, dependency mapping, quality metrics, download stats, and TypeScript support checks. The security scanning is recursive, following the full dependency tree with ecosystem awareness for frameworks like React. Input validation blocks path traversal and injection attacks. Includes smart caching that auto-invalidates when your lock files change, with manual cache bypass available. Works over stdio or HTTP streamable transport. Useful when you're evaluating packages, auditing dependencies, or need AI-assisted insights on what's safe to install before you commit to adding it to your project.
claude mcp add --transport stdio nekzus-npm-sentinel-mcp uvx npm-sentinel-mcp