inspector
by mohamedsalahnassar
Overview
The MCP Inspector serves as a client UI for interacting with and debugging Model Context Protocol (MCP) servers, allowing users to visualize resources, prompts, tools, and monitor API traffic, notifications, and manage OAuth authentication flows.
Installation
npm startEnvironment Variables
- HOST
- CLIENT_PORT
- SERVER_PORT
- DANGEROUSLY_OMIT_AUTH
- ALLOWED_ORIGINS
Security Notes
The server component (Inspector Proxy) allows arbitrary command execution via the 'stdio' transport type if query parameters `command` and `args` are controlled by an untrusted client. The `shell-quote` library is used to parse arguments, which is generally robust, but executing user-controlled strings via `spawn` without strict whitelisting of commands or rigorous sanitization represents a critical remote code execution vulnerability if the proxy is exposed to untrusted networks or users. Session token authentication for the proxy improves security, but the underlying `stdio` transport design carries inherent risk.
Similar Servers
inspector
Inspect, debug, and interact with Model Context Protocol (MCP) servers, including OAuth authentication flows, resource management, and tool execution.
octocode
Octocode is an intelligent code indexer, semantic search engine, and knowledge graph builder that provides AI-powered assistance for developers.
X96Dbg-MCP-Server-Plugin
Provides a JSON-RPC bridge for x32dbg/x64dbg, allowing external automations to inspect and control a debugged process without direct UI interaction.
mcp_tools_server
An MCP server that empowers an LLM to act as a comprehensive, multi-platform AI assistant capable of managing files, system processes, web browsing, personal organization, and media control on a local device.