npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

Iโ€™ve always been into building performant and accessible sites, but lately Iโ€™ve been taking it extremely seriously. So much so that Iโ€™ve been building a tool to help me optimize and monitor the sites that I build to make sure that Iโ€™m making an attempt to offer the best experience to those who visit them. If youโ€™re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, ๐Ÿ‘‹, Iโ€™m Ryan Hefnerย  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If youโ€™re interested in other things Iโ€™m working on, follow me on Twitter or check out the open source projects Iโ€™ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soonโ€“ish.

Open Software & Tools

This site wouldnโ€™t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you ๐Ÿ™

ยฉ 2026 โ€“ย Pkg Stats / Ryan Hefner

@mcpc-tech/code-runner-mcp

v0.1.13

Published

Run Javascript/Python code in a secure sandbox, with support for importing **any package**! ๐Ÿš€

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

yaonyanyaonyan

Keywords

Readme

Code Runner MCP

JSR npm

Let AI execute JavaScript/Python code with any package imports!

Core Value

  • Secure Sandbox: Isolated execution environment protecting your host system
  • Install-on-Demand: Dynamically import any npm/PyPI packages
  • Reduce Hallucinations: Let AI verify logic by executing code
  • Quick Validation: Test if packages meet your needs without local installation

Installation

Agent Skill โ€” skills.sh (Recommended for AI agents)

Install the bundled agent skill so your AI assistant knows how to use code-runner-mcp out of the box:

npx skills add mcpc-tech/code-runner-mcp

This installs the skill into your project's .agent/skills/ directory. Compatible with Claude Code, Cursor, Windsurf, GitHub Copilot, VS Code, and more.

JSR

deno add jsr:@mcpc/code-runner-mcp

Package: @mcpc/code-runner-mcp

npm

npm install @mcpc-tech/code-runner-mcp

Package: @mcpc-tech/code-runner-mcp

Quick Start

Option 1: Using Deno (Recommended)

{
  "mcpServers": {
    "code-runner": {
      "command": "deno",
      "args": ["run", "--allow-all", "jsr:@mcpc/code-runner-mcp/bin"],
      "env": {
        "DENO_PERMISSION_ARGS": "--allow-net",
        "NODEFS_ROOT": "/tmp",
        "NODEFS_MOUNT_POINT": "/tmp"
      },
      "transportType": "stdio"
    }
  }
}

Option 2: Using Node.js

{
  "mcpServers": {
    "code-runner": {
      "command": "npx",
      "args": [
        "-y",
        "deno",
        "run",
        "--allow-all",
        "npm:@mcpc-tech/code-runner-mcp@latest"
      ],
      "env": {
        "DENO_PERMISSION_ARGS": "--allow-net",
        "NODEFS_ROOT": "/tmp",
        "NODEFS_MOUNT_POINT": "/tmp"
      },
      "transportType": "stdio"
    }
  }
}

Note: Uses npx to install and run Deno on demand โ€” no separate Deno installation required. --experimental-wasm-stack-switching cannot be passed via NODE_OPTIONS (Node.js rejects it), but works as a direct CLI flag.

Use Cases

JavaScript/TypeScript

// Import npm packages directly to test functionality
import { z } from "npm:zod";
import { serve } from "jsr:@std/http";

const schema = z.object({ name: z.string() });
console.log(schema.parse({ name: "test" }));

Python

# Dynamically install and use Python packages
import requests
response = requests.get("https://api.github.com")
print(f"Status code: {response.status_code}")

Package Mapping

When import names differ from PyPI package names, use the packages parameter:

# sklearn -> scikit-learn, PIL -> Pillow
from sklearn.datasets import load_iris
data = load_iris()
print(data.feature_names)

Use packages: {"sklearn": "scikit-learn"}

File System Access

# Access host file system (via NODEFS_ROOT and NODEFS_MOUNT_POINT)
import os
files = os.listdir('/tmp')  # List files at the mount point
print(f"Found {len(files)} files")

Environment Variables

| Variable | Description | Default | | ------------------------------- | ------------------------------------------------------------------------------------------------------------- | ------- | | ALLOWED_TOOLS | Selectively enable tools: all, python, javascript, js, or comma-separated (e.g., python,javascript) | all | | DENO_PERMISSION_ARGS | Additional Deno permissions for JS/TS execution (e.g., --allow-net, --allow-all) | - | | NODEFS_ROOT | Host file system root directory path for Python access | - | | NODEFS_MOUNT_POINT | Mount point path in Python environment (defaults to NODEFS_ROOT) | - | | PYODIDE_PACKAGE_BASE_URL | Custom package download source for Pyodide (e.g., private mirror CDN) | - | | PYODIDE_PACKAGE_CACHE_DIR | Custom package cache directory for Pyodide packages (Pyodide v0.28.1+) | - |

Tool Selection Examples

// Enable only Python
{ "ALLOWED_TOOLS": "python" }

// Enable only JavaScript
{ "ALLOWED_TOOLS": "javascript" }

// Enable both (default)
{ "ALLOWED_TOOLS": "python,javascript" }

Security Features

  • Deno Sandbox: Strict permission control with explicit authorization
  • Pyodide WASM: WebAssembly isolated environment
  • File System Isolation: Controlled host file access

Technical Architecture

  • JavaScript/TypeScript: Powered by Deno runtime
  • Python: Powered by Pyodide WebAssembly technology
  • Package Management: Dynamic installation from npm, JSR, and PyPI

Issues & Feedback: GitHub Issues
Repository: GitHub Repository