npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@bitofacoder/mcpaudit

v0.1.1

Published

Security scanner for your installed MCP servers. Finds shell-exec tools, plaintext secrets, and unpinned supply chains across Claude Desktop, Claude Code, Cursor, and Windsurf configs.

Readme

mcpaudit 🔍

A security scanner for the MCP servers you've already installed.

MCP servers run with your privileges — they can shell out, write files, and hold your API tokens. Most people wire up a handful from random repos and never look back. mcpaudit reads your existing client configs and tells you, in one command, where the risk is.

npm version License: MIT Model Context Protocol

Quick start

No install required:

npx @bitofacoder/mcpaudit

It auto-discovers configs for Claude Desktop, Claude Code, Cursor, and Windsurf, then prints a severity-ranked report.

  mcpaudit  security scan of your MCP servers

  Scanned 2 config file(s), 5 server(s):
    • ~/Library/Application Support/Claude/claude_desktop_config.json
    • ~/.cursor/mcp.json

   HIGH  github (Claude Desktop)
        Secret "GITHUB_TOKEN" is stored in plaintext in the config file.
        Anyone with read access to this file can read the credential...
        rule: plaintext-secret

   MED   scraper (Cursor)
        Server runs @latest — it can change code on every launch without review.
        rule: unpinned-package

  Summary: 1 high, 1 medium

What it checks

Static (default — reads configs only, launches nothing):

| Rule | Severity | Catches | | --- | --- | --- | | plaintext-secret | high | API tokens / keys / passwords stored in the config file | | insecure-transport | high | Remote servers over plaintext http:// | | unpinned-package | medium | npx/uvx servers on @latest or with no pinned version | | shell-wrapped-launch | medium | Servers launched through bash -c / sh -c | | remote-server | info | Remote servers that receive your context off-machine |

Deep (--deep — actually launches each stdio server and lists its tools):

| Rule | Severity | Catches | | --- | --- | --- | | dangerous-tool | high | Tools that can run shell commands, write/delete files, or eval code |

Usage

npx @bitofacoder/mcpaudit                       # static scan of all discovered configs
npx @bitofacoder/mcpaudit --deep                # also launch each server and audit its tools
npx @bitofacoder/mcpaudit --config ./mcp.json   # audit an extra config file (repeatable)
npx @bitofacoder/mcpaudit --json                # machine-readable output
npx @bitofacoder/mcpaudit --fail-on-high        # exit 1 if any high-severity issue (for CI)

In CI

Gate a repo's MCP config on every push:

- run: npx -y @bitofacoder/mcpaudit --config .mcp.json --fail-on-high

Why deep scan matters

A config tells you what's installed; only the running server tells you what it can do. --deep connects to each stdio server over the MCP protocol, lists its real tools, and flags the ones that can act on your host (exec, write_file, eval, …).

A well-designed server keeps those behind an explicit opt-in. For example, omni-mcp-server hides its shell-exec and file-write tools unless you set OMNI_AGENT_MODE=true — so mcpaudit --deep reports it clean by default, and flags it only once you've turned the dangerous tools on. That's the pattern to look for.

Privacy

mcpaudit runs entirely locally. It reads your config files and (with --deep) launches servers on your own machine. Nothing is sent anywhere. It never prints secret values — only the names of the keys that are stored in plaintext.

Contributing

New rules are welcome — each one is a small function in src/rules.ts. Good candidates: known-malicious package denylist, over-broad filesystem roots, tool-description prompt-injection patterns. Open an issue to discuss bigger checks.

License

MIT — see LICENSE.