inspector

Name: inspector
Author: MCPJam

Verified Safe

by MCPJam

View Source

Overview

MCPJam Inspector is a desktop and web application designed for testing, debugging, and managing Model Context Protocol (MCP) servers, serving as a 'Postman for MCP'. It allows users to connect to MCP servers, explore their tools, resources, and prompts, perform API calls, manage OAuth authentication flows, run AI model evaluations, and monitor server-side RPC traffic.

Installation

Run Command

docker-compose up -d --build

Environment Variables

VITE_CONVEX_URL
VITE_WORKOS_CLIENT_ID
CONVEX_HTTP_URL
CONVEX_URL
SENTRY_DSN

Security Notes

The Electron application implements good security practices, such as context isolation and disabling Node.js integration in renderer processes. It carefully manages new window creation, restricting external URLs to the system's default browser and explicitly allowing only internal OAuth authorization popups. The backend Hono server acts as a proxy for external OAuth and widget content. While OAuth proxying is common for desktop applications to bypass CORS, it's critical that the underlying MCP SDK and client-side logic rigorously validate target URLs to prevent Server-Side Request Forgery (SSRF) vulnerabilities. The inclusion of an ngrok-based tunnel feature, while providing functionality to expose local services, inherently increases the attack surface, though it integrates with WorkOS authentication to manage access.

Similar Servers

mcp-interviewer

130

A Python CLI tool designed to evaluate, test, and generate reports on Model Context Protocol (MCP) servers to ensure compatibility and quality for LLM agent use cases.

Coding Agents

$Medium

mcp-shark

Aggregate multiple Model Context Protocol (MCP) servers into a single unified interface with a powerful monitoring UI, enabling real-time traffic capture, logging, and AI-powered security analysis.

Analytics

$Low