mcp-js-debugger
by johngrimes
Overview
Enables AI assistants to debug JavaScript and TypeScript applications by exposing Chrome DevTools Protocol capabilities.
Installation
npx mcp-js-debuggerSecurity Notes
The server allows connecting to arbitrary WebSocket URLs via `connect_debugger` and fetching source maps from arbitrary URLs. This presents a severe Server-Side Request Forgery (SSRF) vulnerability, allowing an AI to potentially probe or interact with internal network resources from the host running the MCP server. While the evaluation of expressions is an inherent function of a debugger, the uncontrolled network access for connection and resource fetching is a critical flaw. The design document mentions mitigation strategies (URL validation, allowlists), but these are not implemented in the provided source code.
Similar Servers
chrome-devtools-mcp
Control and inspect a live Chrome browser programmatically via an MCP server, enabling AI coding agents to perform reliable automation, in-depth debugging, and performance analysis.
mcp-chrome
Transforms the Chrome browser into an AI-controlled automation tool, enabling large language models to interact with web pages, analyze content, and manage browser functions.
mcp_flutter
Connects Flutter applications with AI coding assistants to enable real-time debugging, UI inspection, and dynamic tool interaction for development workflows.
figma-console-mcp
Provides AI assistants with real-time console access, visual debugging, design system extraction, and design creation capabilities for Figma.