mcpinspect
Verified Safeby MatMercer
Overview
A CLI tool to inspect MCP (Model Context Protocol) servers configured for Claude Code.
Installation
mcpinspectSecurity Notes
The `stdio` server type executes arbitrary commands and arguments directly from the `.claude.json` configuration file via `exec.CommandContext`. If the config file is compromised or contains malicious entries (e.g., a `stdio` server with `command: "rm", args: ["-rf", "/"]`), running `mcpinspect <server-name>` for such a server could lead to arbitrary code execution. The tool correctly uses the macOS keychain for OAuth tokens instead of hardcoding, which is a good security practice. However, the direct execution of user-defined commands for `stdio` servers presents a significant risk if the user's configuration file is not implicitly trusted.
Similar Servers
aderyn
A powerful Solidity static analyzer that provides structured access to smart contract code, ASTs, and analysis results via a Model Context Protocol (MCP) server or Language Server Protocol (LSP), primarily intended for AI agents or advanced tooling.
enrichmcp
A Python framework for building semantic APIs for AI agents, allowing them to discover, understand, and navigate structured data models via the Model Context Protocol.
graphlit-mcp-server
The Model Context Protocol (MCP) Server integrates with the Graphlit Platform to provide an LLM-enabled knowledge API, enabling ingestion, search, retrieval, RAG, and publishing of content from various data connectors for MCP clients.
thought-chain-mcp
Transforms any AI model into an advanced reasoning engine by providing structured, persistent step-by-step thinking capabilities and allowing recall of past thought processes.