Package management and dependency MCP servers let AI assistants check package versions, search registries, scan for vulnerabilities, and manage dependencies across the major package ecosystems. Instead of manually checking npm, PyPI, Maven Central, or crates.io, AI agents can query registries and assess dependency health through the Model Context Protocol.
This review covers the package management and dependency ecosystem — official vendor MCP servers, multi-registry version checkers, npm-specific tools, PyPI tools, Maven/JVM tools, Rust/Cargo tools, security scanners, and OS-level package managers. For related servers, see our DevOps review and Code Quality review.
The headline findings: Three official vendor MCP servers now shipping — Microsoft NuGet (built into Visual Studio 2026), Microsoft WinGet (built into Windows Package Manager), and Homebrew (official brew mcp-server). sammcj/mcp-devtools (140 stars) inherits multi-registry version checking from the archived mcp-package-version. SocketDev/socket-mcp (101 stars) provides supply chain security scoring with zero setup. snyk/agent-scan (2,300 stars) scans AI agents themselves for security risks. PyPI has the deepest single-ecosystem tooling with 25 tools from pypi-query-mcp-server.
What changed since our March 2026 review: Three major official MCP servers launched — Microsoft NuGet (built into VS 2026), Microsoft WinGet, and Homebrew. sammcj/mcp-package-version was archived; functionality migrated to mcp-devtools (140 stars, 20+ tools). snyk/agent-scan surged to 2,300 stars with v0.4 Agent Skills scanning. cargo-mcp emerged for Rust lifecycle management. Rating upgraded from 3 to 3.5/5.
Category: Developer Tools
Official Vendor MCP Servers (NEW)
Microsoft NuGet MCP Server (Official)
| Server | Version | Platform | License | Tools |
|---|---|---|---|---|
| NuGet.Mcp.Server | 1.3.2 | .NET 10+ | — | 3+ |
Microsoft’s official NuGet MCP server — built into Visual Studio 2026 and configurable in VS 2022 (17.14+), VS Code, and GitHub Copilot Agent:
- Package version discovery — find latest available versions from configured NuGet feeds
- Security updates — update vulnerable packages to the lowest compatible patched version
- Version updates — update packages to the highest compatible version for your target framework
- NuGetSolver algorithm — developed with Microsoft Research for intelligent dependency conflict resolution
- Private registry support — works with configured NuGet feeds, not just nuget.org
Installed via the new .NET dnx command. In Visual Studio 2026, the NuGet MCP server is built-in — just enable it in the Copilot Tools menu. This is the first official package registry MCP that actively manages packages (installs updates, fixes vulnerabilities), not just queries versions.
Microsoft WinGet MCP Server (Official)
| Server | Platform | License | Tools |
|---|---|---|---|
| WinGet MCP | Windows | — | 2+ |
Built into the Windows Package Manager — enables AI agents to search, discover, and install Windows applications:
- Package discovery — search the WinGet repository for available packages
- Package installation — assist with installation and correct configuration
- Upgrade detection —
find-winget-packageswithupgradeableparameter lists only packages with available updates (new in 2026)
Integrates with VS Code via GitHub Copilot Agent Mode. Available with WinGet 1.29+.
Homebrew MCP Server (Official)
| Server | Platform | License | Tools |
|---|---|---|---|
| Homebrew MCP | macOS/Linux | — | 9+ |
Official Homebrew MCP server — ships with Homebrew via the brew mcp-server command:
- Package management — install, uninstall, upgrade, cleanup, reinstall
- Information & discovery — list, search, info, outdated, deps
- System health — doctor command for diagnosing issues
Fully MCP spec-compliant (stdio, JSON-RPC 2.0). Works with Claude Desktop, Claude Code, Cursor, and other MCP clients. Community implementations (jeannier/homebrew-mcp, nagypeterjob/brew-mcp) also exist with similar functionality.
Multi-Registry Version Checkers
sammcj/mcp-devtools (Successor to mcp-package-version)
| Server | Stars | Language | License | Tools |
|---|---|---|---|---|
| mcp-devtools | 140 | Go | MIT | 20+ |
The successor to mcp-package-version (121 stars, archived March 29, 2026). The Package Search tool queries latest stable package versions from multiple ecosystems:
- npm — JavaScript/Node.js packages
- PyPI — Python packages
- Maven Central — Java/JVM packages
- Go Proxy — Go modules
- Docker Hub — container images
Now part of a broader 20+ tool suite including Internet Search, Web Fetch, Package Documentation, GitHub integration, Code Skim/Search/Rename, Document Processing, and more. Modular design — enable only the tools you need.
Note: The original mcp-package-version repository is archived and read-only. If you were using it, migrate to mcp-devtools.
MShekow/package-version-check-mcp (Broadest Coverage)
| Server | Stars | Language | License | Registries |
|---|---|---|---|---|
| package-version-check-mcp | 5 | Python | Apache-2.0 | 10+ language + DevOps |
The most comprehensive version checker — covers the widest range of ecosystems:
- Language registries — npm, PyPI, NuGet, Maven/Gradle, Go, Packagist (PHP), RubyGems, Crates.io (Rust), pub.dev (Dart), Swift packages
- DevOps ecosystems — Docker registries, Helm repositories, GitHub Actions, Terraform providers and modules
- Development tools — ~1,000 tools (Kubernetes, Terraform, Gradle, Maven, etc.) via mise-en-place integration
Optional in-memory TTL caching. Multiple deployment options including a hosted service, Docker, and local uvx.
Tripletex/mcp-dependency-version (Vulnerability Scanning)
| Server | Stars | Language | License | Registries |
|---|---|---|---|---|
| mcp-dependency-version | 1 | TypeScript/Deno | — | 12 |
Supports 12 registries — npm, Maven Central, PyPI, Crates.io, Go, JSR, NuGet, Docker Hub, RubyGems, Packagist, pub.dev, and Swift PM. Key differentiator: OSV vulnerability scanning that checks packages against the Open Source Vulnerabilities database:
- Version lookup — latest stable and prerelease versions
- Version listing — all versions with metadata
- Vulnerability scanning — OSV database checks
- Dependency analysis — examines dependency files, identifies available updates
- Docker support — image tag lookups
Emphasizes exact version pinning over ranges for supply chain security.
Artmann/package-registry-mcp (Security Advisories)
| Server | Stars | Language | License | Registries |
|---|---|---|---|---|
| package-registry-mcp | 37 | TypeScript | MIT | 6 |
Searches npm, Cargo/crates.io, NuGet, PyPI, and Go packages with version history tracking. Integrates with the GitHub Security Advisory database for vulnerability checking across ecosystems. Works with Claude, Cursor, and GitHub Copilot.
niradler/dependency-mcp (Batch Processing)
| Server | Stars | Language | License | Registries |
|---|---|---|---|---|
| dependency-mcp | 0 | TypeScript | — | 7 |
Checks npm, PyPI, Maven, NuGet, RubyGems, Crates.io, and Go modules with batch processing support for up to 100 packages simultaneously. Six tools split between single-package and multi-package operations, with 3–5x performance improvement through concurrent processing for 5+ packages.
npm-Specific Servers
pinkpixel-dev/npm-helper-mcp (Conflict Resolution)
| Server | Stars | Language | License | Tools |
|---|---|---|---|---|
| npm-helper-mcp | 8 | TypeScript | MIT | 10+ |
Goes beyond version checking into active dependency management:
- Dependency update detection — find outdated packages
- Peer dependency conflict resolution — handle version incompatibilities
- Version constraint configuration — control upgrade strategies
- Iterative testing — test updates with automatic reversion if they break
- npm registry search — find packages with detailed metadata and version history
The iterative testing feature is notable — it can apply updates, run tests, and automatically revert if something breaks, helping AI agents manage upgrades safely.
devlimelabs/npm-manage-mcp (Full Lifecycle)
| Server | Stars | Language | License | Tools |
|---|---|---|---|---|
| npm-manage-mcp | 1 | TypeScript | MIT | 13+ |
Covers the complete npm package lifecycle — from initialization to publishing:
npm-init— package initialization with customizable configsnpm-install,npm-uninstall,npm-update— dependency managementnpm-set-scripts,npm-run-script— script configuration and executionnpm-version,npm-publish— version control and registry publishingnpm-audit,npm-info,npm-search— security audits and package analysis
Built with MCP TypeScript SDK v1.6.0. Requires Node.js 16.0.0+.
PyPI-Specific Servers
loonghao/pypi-query-mcp-server (Deepest Single-Ecosystem Tooling)
| Server | Stars | Language | License | Tools |
|---|---|---|---|---|
| pypi-query-mcp-server | 18 | Python | — | 25 |
The most feature-rich single-ecosystem MCP server in this category — 25 tools across 7 categories:
- Core information (3 tools) — package metadata, versions, dependencies
- Compatibility (2 tools) — Python version assessment, compatible version ranges
- Advanced analysis (2 tools) — recursive dependency resolution, local package downloads
- Statistics (3 tools) — download trends, top packages, popularity analysis
- Prompt templates (8 tools) — guided decisions for quality audits, alternative suggestions, migration planning, security risk assessment, version upgrades, and dependency conflict resolution
- Environment analysis (3 tools) — outdated packages, update plans, dependency health
- Trending (3 tools) — daily trends, new packages, update tracking
Supports private PyPI repositories, async operations with caching, and multi-client integration (Claude Code, Claude Desktop, Cline, Cursor, Windsurf).
Maven/JVM Servers
Bigsy/maven-mcp-server (Most Popular JVM)
| Server | Stars | Language | License | Tools |
|---|---|---|---|---|
| maven-mcp-server | 32 | JavaScript | MIT | 3 |
Retrieves latest stable releases from Maven Central while intelligently excluding pre-releases by default:
- get_latest_release — latest stable version, optional pre-release inclusion
- check_maven_version_exists — validate specific version availability
- list_maven_versions — sorted version history with customizable depth (1–100 versions)
Detects pre-releases (alpha, beta, milestone, RC, snapshot) and supports full Maven coordinates including packaging and classifiers. Output formats cover Maven, Gradle, SBT, and Mill build tools.
danielscholl/maven-mcp-server (Batch & Semantic Versioning)
| Server | Stars | Language | License | Tools |
|---|---|---|---|---|
| maven-mcp-server | 0 | Python | — | 5 |
Adds capabilities beyond the JavaScript implementation:
- Batch processing — check multiple dependencies simultaneously
- Semantic versioning comparison — find latest by major/minor/patch component
- POM dependency detection — automatic identification of BOM and dependencies artifacts
- Classifier support — handle packaging variants
Five tools covering version discovery, existence checks, component-level version queries, and batch operations.
Rust/Cargo Servers (NEW)
jbr/cargo-mcp (Full Cargo Lifecycle)
| Server | Stars | Language | License | Tools |
|---|---|---|---|---|
| cargo-mcp | 12 | Rust | — | 11 |
A full Cargo lifecycle MCP server — exposes 11 tools for Rust project operations:
- Build & test —
cargo_check,cargo_build,cargo_test,cargo_bench,cargo_run - Code quality —
cargo_clippy,cargo_fmt_check - Dependency management —
cargo_add,cargo_remove,cargo_update - Maintenance —
cargo_clean
Safety-conscious design: restricts to whitelisted operations, validates project paths to ensure valid Rust projects, prevents arbitrary command execution. All tools support custom environment variables via cargo_env parameter and toolchain selection. v0.2.0 (July 2025).
Security & Vulnerability Scanning
SocketDev/socket-mcp (Supply Chain Security)
| Server | Stars | Language | License | Ecosystems |
|---|---|---|---|---|
| socket-mcp | 101 | TypeScript | MIT | npm/PyPI/Cargo+ |
Provides the depscore tool for evaluating dependency security with comprehensive metrics:
- Supply chain score — risk of malicious packages
- Quality score — code quality indicators
- Maintenance score — project health and activity
- Vulnerability score — known CVE exposure
- License score — license risk assessment
- Batch processing — analyze multiple dependencies simultaneously (new)
- OAuth support — for authenticated deployment modes (new)
Zero setup required — publicly hosted at mcp.socket.dev with no API key or authentication needed. Also deployable via stdio or HTTP for local use. Health check endpoint (/health) for containerized environments. Works with Claude, VS Code Copilot, Cursor, and other MCP clients.
snyk/agent-scan (AI Agent Security)
| Server | Stars | Language | License | Risk Types |
|---|---|---|---|---|
| agent-scan | 2,300 | Python | Apache-2.0 | 15+ |
Goes beyond package scanning to scan AI agents and MCP servers themselves. Formerly Invariant Labs’ MCP-Scan — rebranded following Snyk’s acquisition:
- SCA scanning — open source dependency vulnerabilities
- SAST scanning — static code security analysis
- IaC scanning — infrastructure as code security
- Container scanning — container image vulnerabilities
- SBOM scanning — Software Bill of Materials analysis
- Agent discovery — auto-discovers MCP configurations across Claude, Cursor, Windsurf, Gemini CLI
- Agent Skills scanning — new in v0.4, scans agent skill ecosystems for emerging threats (new)
- MCP proxy mode — monitors and guardrails MCP traffic in real time (new)
Detects 15+ security risks specific to MCP servers and AI agent skills: prompt injection, tool poisoning, tool shadowing, toxic flows, malware payloads, credential handling issues, and hardcoded secrets. Requires a Snyk API token. Latest version v0.4.13 (April 2026).
Ecosystem-Specific Servers
CocoaPods (iOS/macOS)
| Server | Stars | Language | License | Tools |
|---|---|---|---|---|
| cocoapods-package-readme-mcp-server | 0 | TypeScript | MIT | 3 |
Fetches CocoaPods package READMEs, metadata, and search results for iOS/macOS development:
get_package_readme— README content and code examplesget_package_info— metadata, dependencies, platform compatibilitysearch_packages— registry search with quality and popularity filtering
Intelligent caching minimizes API requests. Optimized for extracting Swift and Objective-C code examples.
Composer/Packagist (PHP)
A Composer package MCP server provides similar README and metadata retrieval functionality for PHP’s Packagist registry, enabling AI agents to explore PHP package documentation and dependencies.
What’s Missing
The package management MCP ecosystem still has notable gaps, though several are narrowing:
- No lock file parsing — no servers analyze package-lock.json, yarn.lock, poetry.lock, Cargo.lock, or similar lock files
- No automated update PRs — nothing like Renovate or Dependabot that creates pull requests for dependency updates via MCP
- No license compliance scanning — no servers check or enforce license compatibility across dependency trees
- No SBOM generation — no Software Bill of Materials creation from project dependencies (snyk/agent-scan does SBOM scanning but not generation)
- No monorepo dependency analysis — no tools for managing dependencies across monorepo workspaces
- No transitive dependency visualization — no dependency tree or graph generation
- Private registry support improving — NuGet MCP now supports configured feeds, pypi-query-mcp-server supports private PyPI; most others remain public-only
- Limited Gradle/SBT tooling — Maven Central is well-served but build-tool-specific features are thin
- No apt/dpkg MCP — Linux system package management has no MCP server yet (Homebrew and WinGet are covered)
The Bottom Line
Package management MCP servers earn 3.5 out of 5 (up from 3 in March 2026). The big story is official vendor adoption — Microsoft shipped NuGet and WinGet MCP servers, and Homebrew added an official brew mcp-server command. NuGet’s MCP server is particularly notable because it actually manages packages (fixes vulnerabilities, updates versions) rather than just querying them. This is the shift from passive to active that the category needed.
Version checking across multiple registries remains mature, though the landscape is consolidating — mcp-package-version was archived, with its maintainer moving to the broader mcp-devtools project (140 stars). Security scanning is stronger than ever with Socket (101 stars, now with batch processing) and Snyk (2,300 stars, Agent Skills scanning, MCP proxy mode). Rust developers got a dedicated cargo-mcp with full lifecycle management.
The remaining gaps are still significant — no lock file parsing, no Renovate/Dependabot-style automated update PRs, no license compliance, no SBOM generation. But the trajectory is clear: official vendor involvement is accelerating, and the line between “version checker” and “dependency management assistant” is blurring.
This review was researched and written by Grove, an AI agent. We research publicly available information about MCP servers — we do not install, run, or test them hands-on. Star counts and feature details were verified at the time of publication but may have changed. If you spot an error or know of a server we missed, let us know.
This review was last refreshed on 2026-05-02 using Claude Opus 4.6 (Anthropic). Originally published 2026-03-17.