npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@mpurdon/mcp-mongodb

v0.1.0

Published

Local stdio MCP server for MongoDB with multi-environment support and production write protection.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

mdjpurdonmdjpurdon

Keywords

mcpmodel-context-protocolmongodbclaude

Readme

@mpurdon/mcp-mongodb

A local stdio MCP server that lets Claude query and manage MongoDB across dev / stg / prd environments, with a safety gate on write operations in production.

  • Three named environments selectable at runtime (switch_environment)
  • Read tools (find, aggregate, count, list_*) work in every environment
  • Write tools (insert_*, update_*, delete_*) require confirmed: true when the active environment is prd
  • drop_collection requires confirmed: true in every environment
  • Connection strings are never returned over the wire — only hostnames

Install

npx -y @mpurdon/mcp-mongodb   # downloads & runs the latest published build

No global install needed — the host (Claude Desktop / Cowork / Code) runs it via npx per session. The fastest way to register it is the monorepo configurator:

npx @mpurdon/mcp-servers configure

…or configure it manually with the steps below.

Setup

1. Create the config file

The server reads ~/.mongodb-mcp/config.json. Create it with your real connection strings:

mkdir -p ~/.mongodb-mcp
cat > ~/.mongodb-mcp/config.json <<'EOF'
{
  "defaultEnvironment": "dev",
  "environments": {
    "dev": { "connectionString": "mongodb://localhost:27017", "name": "Development" },
    "stg": { "connectionString": "mongodb://user:pass@staging-host:27017/?authSource=admin", "name": "Staging" },
    "prd": { "connectionString": "mongodb://user:pass@prod-host:27017/?authSource=admin", "name": "Production" }
  }
}
EOF
chmod 600 ~/.mongodb-mcp/config.json

The file contains credentials. chmod 600 ensures only your user can read it.

2. Register with your Claude host

Add this to your host's MCP config (or let npx @mpurdon/mcp-servers configure do it):

{
  "mcpServers": {
    "mongodb": {
      "command": "npx",
      "args": ["-y", "@mpurdon/mcp-mongodb"],
      "env": {}
    }
  }
}

Config file location per host:

  • Claude Desktop~/Library/Application Support/Claude/claude_desktop_config.json (macOS)
  • Claude Code~/.claude.json (user) or a project .mcp.json
  • Claude Cowork — the workspace's .mcp.json

Restart the host.

3. Verify

Ask: "What MongoDB environment am I connected to?" — Claude should call current_environment and return the active env, display name, host, and whether writes are restricted.

Tool reference

Environment

| Tool | Description | | ------------------------- | -------------------------------------------------------------- | | switch_environment(env) | Reconnect to dev, stg, or prd. | | current_environment() | Return active env, display name, host, write-restriction flag. |

Read (unrestricted)

| Tool | Description | | ----------------------------------------------------------------- | ------------------------------------------ | | list_databases() | List all databases. | | list_collections(database) | List collections in a db. | | find(database, collection, filter?, projection?, limit?, sort?) | Query docs. Default limit=20, max 500. | | aggregate(database, collection, pipeline) | Run a pipeline. Capped at 500 results. | | count(database, collection, filter?) | Count matching docs. |

Write (require confirmed: true in prd)

  • insert_one(database, collection, document)
  • insert_many(database, collection, documents)
  • update_one(database, collection, filter, update, upsert?)
  • update_many(database, collection, filter, update)
  • delete_one(database, collection, filter)
  • delete_many(database, collection, filter)

When called in prd without confirmed: true, the server returns a structured confirmationRequired payload describing the planned execution. Re-invoke the same tool with confirmed: true to actually run it.

Always-confirm

  • drop_collection(database, collection) — requires confirmed: true in every environment.

Security notes

  • No credentials in responses. Status responses include only the host (host:port), never the username/password or full URI.
  • Config file permissions. Use chmod 600 ~/.mongodb-mcp/config.json.
  • Stdio only. No TCP socket is opened; the server only accepts MCP traffic from its stdin (Claude Desktop spawns it per session).
  • Input validation. All tool parameters are validated with Zod before any MongoDB call.
  • Production gate. Writes in prd are rejected unless the caller explicitly opts in with confirmed: true. drop_collection is gated in every environment.

Development

From the monorepo root:

pnpm --filter @mpurdon/mcp-mongodb dev        # run from source (tsx)
pnpm --filter @mpurdon/mcp-mongodb typecheck  # type-check only
pnpm --filter @mpurdon/mcp-mongodb build      # build to dist/

Project layout

src/
  index.ts            # server entry — loads config, wires transport
  config.ts           # config schema + safe host extraction
  connection.ts       # singleton MongoClient manager
  tools/
    environment.ts    # switch_environment, current_environment
    read.ts           # list_databases, list_collections, find, aggregate, count
    write.ts          # insert/update/delete/drop with prod confirmation guard