npm-registry-mcp

An MCP server for searching, inspecting, and evaluating NPM packages through health scoring and license risk assessments. It provides comprehensive package analysis including maintenance status, popularity trends, and security vulnerability reports to help users make informed dependency decisions.

→ howmanysmall/npm-registry-mcp · listed on glama

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

✅

No credential exfiltration, no sensitive file access, no obfuscation

Static analysis found nothing flowing your secrets to unexpected places.

✅

Open source with a license and README

Anyone can audit the code, the license is declared, and the publisher documents what it does.

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 1 concrete improvement we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/howmanysmall-npm-registry-mcp-1k3kdo)](https://m8ven.ai/mcp/howmanysmall-npm-registry-mcp-1k3kdo)

commit: 6621ef8e6bd9cd793e953bec6f569d19f5336eda

code hash: 42f245252b1934896b824d7b27114cfcb3d82c94c66f83d7b9df3fae6a11d156

verified: 4/11/2026, 2:43:34 PM

view raw JSON →