NPM Sentinel MCP
AI-powered real-time analysis of NPM packages: security, dependencies, and quality metrics.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for NPM Sentinel MCP, derived from its capabilities.
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.
Overview
NPM Sentinel gives agents real-time intelligence on NPM packages including vulnerability scanning, dependency analysis, download trends, and maintenance status to inform safer package decisions. It reads public npm registry and advisory data. As a supply-chain analysis tool it is itself a security utility; returned package metadata is external data.
Key features
- Vulnerability scanning
- Dependency analysis
- Download-trend metrics
- Maintenance status checks
Use cases
- Vet npm packages before install
- Audit dependency health