Checking npm Package Health Before Adding Dependencies with Codex
Every npm install adds a dependency you’ll maintain for the life of your project. Download trends, release frequency, and maintainer count are useful signals — but Codex doesn’t have access to npm’s registry data in real time. AgentPatch’s npm-package-stats tool gives it that access.
Why This Matters
A package with millions of weekly downloads and regular releases is a different story than one with a single maintainer who last published two years ago. Both might solve your immediate problem, but only one is likely to keep working when Node.js ships a new major version.
Developers usually check npmjs.com manually, but if you’re already in a Codex session making dependency decisions, it’s more efficient to let the agent pull the data directly. npm-package-stats returns weekly and monthly download counts, the latest version, publish date, license, and maintainer list for any package on the registry.
Setup
The AgentPatch CLI is designed for AI agents to use via shell access. Install it, and your agent can discover and invoke any tool on the marketplace.
Install (zero dependencies, Python 3.10+):
pip install agentpatchSet your API key:
export AGENTPATCH_API_KEY=your_api_keyExample commands your agent will use:
ap search "web search"
ap run google-search --input '{"query": "test"}'Get your API key from the AgentPatch dashboard.
Add AgentPatch to ~/.codex/config.toml:
[mcp_servers.agentpatch]
url = "https://agentpatch.ai/mcp"
bearer_token_env_var = "AGENTPATCH_API_KEY"Then set your API key:
export AGENTPATCH_API_KEY=your_api_keyReplace your_api_key with your actual key from the AgentPatch dashboard. Codex discovers all AgentPatch tools automatically on next start.
Example
You need a date manipulation library and you’ve narrowed it down to date-fns and dayjs:
“Check the npm stats for date-fns and dayjs. Which one has more adoption and who maintains them?”
Codex fetches stats for both:
Fetching npm stats for date-fns...
Fetching npm stats for dayjs...
date-fns:
- Weekly downloads: 28.4M
- Latest version: 4.1.0 (published 3 weeks ago)
- License: MIT
- Maintainers: 3 (kossnocorp, leshakoss, fturber)
dayjs:
- Weekly downloads: 22.1M
- Latest version: 1.11.13 (published 2 months ago)
- License: MIT
- Maintainers: 1 (iamkun)
Both have strong adoption. date-fns has higher downloads, multiple maintainers, and
a more recent release. dayjs is lighter-weight (2KB) but relies on a single maintainer.
If bus-factor risk concerns you, date-fns is safer. If bundle size is your primary
constraint, dayjs is hard to beat.You get a clear picture without tabbing to a browser. Codex used real registry data to surface the tradeoff that actually matters for your decision.
Wrapping Up
Connecting AgentPatch to Codex lets it check npm package health in real time during any session. The same connection opens up every other tool on the marketplace — GitHub stats, search, email, and more. See what’s available at agentpatch.ai.