npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

cc-mcp-audit

v1.0.1

Published

Governance posture analysis for MCP servers. Extracts tool inventories, classifies sensitivity, detects auth/logging/gate patterns, and surfaces named accountability gaps. Does not detect code-level vulnerabilities -- pair with SAST and dependency scannin

Downloads

48

Readme

cc-mcp-audit

Governance posture analysis for MCP servers. Extracts tool inventories, classifies read/write behavior and sensitivity, detects auth/logging/gate patterns, and surfaces named accountability gaps. Measures enforcement and audit concerns from the XACML/ABAC architecture against MCP server source code.

Does not detect code-level vulnerabilities -- pair with SAST and dependency scanning for deployment decisions.

Install

npx cc-mcp-audit <github-url-or-local-path> --format json

Or install globally:

npm install -g cc-mcp-audit

Usage

# Analyze a single server by GitHub URL
cc-mcp-audit https://github.com/org/mcp-server --format json

# Analyze a local directory
cc-mcp-audit ./path/to/server --format json

# Analyze from a candidates file
cc-mcp-audit -c candidates.json --format json

# Evidence envelope format (XACML-shaped output)
cc-mcp-audit -c candidates.json --format evidence -o evidence.json

# Markdown report
cc-mcp-audit -c candidates.json --format markdown

# With LLM screening for Domain 5 triage hints
cc-mcp-audit https://github.com/org/mcp-server --llm-screen

# Discover MCP server candidates (curated lists + GitHub search)
cc-mcp-audit discover --min-stars 50 -o candidates.json

What It Checks

Two-axis tool classification

Each extracted tool is classified on two orthogonal axes:

  • Read/write (persistent-effect): does calling this tool change persistent state? Validated at kappa=0.940 (LLM vs human).
  • Sensitivity (governance-relevance): does this tool affect confidentiality, integrity, availability, autonomy, or accountability? Validated at kappa=0.833 (deterministic vs human). Boundary-aware keyword matching prevents false positives.

Seven accountability gap patterns

| Pattern | Confidence | What It Means | |---|---|---| | ungated-write | High | Write tools with no confirmation gate co-located | | global-auth-over-sensitive-tools | High/Low | Uniform auth across tools with different sensitivity | | auth-without-actor-logging | High | Auth present but log statements lack principal identifiers | | logging-without-attribution | Medium | Logging present but no principal identifiers and no auth | | destructive-without-audit-trail | High | Irreversible operations (drop, delete, truncate) with no logging | | sensitive-read-without-auth | High | Sensitive data exposed with no authentication | | sensitive-read-without-logging | High | Sensitive data access with no audit trail |

Governance indicators (14 three-valued)

Each indicator is coded Present / Absent / Indeterminate:

  • Enforcement (PEP): authentication, perToolAuth, confirmationGates, stagedExecution, rateLimiting, leastPrivilege, sensitiveReadProtection
  • Audit (NIST 800-162 S5.7): auditLogging, actorAttribution
  • Design: readWriteSeparation, sensitiveCapabilityIsolation
  • Domain 5 (human-only): selfModificationPrevention, subAgentAuthorityConstraints, permissionBoundaryEnforcement

Canonical Discovery

The discover-registry module enumerates MCP servers from three canonical registries:

  • MCP Registry (registry.modelcontextprotocol.io) -- paginated API, 25K+ entries
  • npm -- keyword search for mcp-server packages
  • PyPI -- simple index search for mcp packages

Produces a canonical snapshot with provenance tags, deduplication by repository URL, and transport/ecosystem metadata. The sampler module draws stratified random samples with seeded PRNG for reproducibility.

LLM Verification

The verify module runs per-server LLM verification using Claude Opus:

  1. MCP server confirmation (is this actually an MCP server?)
  2. Supplementary tool extraction (tools the heuristic missed)
  3. Classification validation (read/write rationale with source citations)

Context extraction prioritizes dependency manifests, MCP-importing files, and entry points within a ~30K token budget.

LLM Screening

Optional --llm-screen adds Domain 5 triage hints:

  • Self-modification prevention
  • Sub-agent authority constraints
  • Permission boundary enforcement

Hints are likely-present, likely-absent, or unclear with cited file:line locations. They prioritize human review order -- they are not findings.

Environment

  • GITHUB_TOKEN -- GitHub personal access token for discovery and higher API rate limits
  • ANTHROPIC_API_KEY -- Required for --llm-screen or --llm-verify if Claude Code CLI is not on PATH

Sibling packages and plugins

License

MIT