Show HN: Mcpsnoop – MCP 的 Wireshark(透明代理和实时 TUI)
Show HN: Mcpsnoop – Wireshark for MCP (transparent proxy and live TUI)

原始链接: https://github.com/kerlenton/mcpsnoop

**mcpsnoop** 是一款透明代理和终端 UI 工具,专为实时调试模型上下文协议 (MCP) 流量而设计。与作为辅助客户端的官方 MCP Inspector 不同,mcpsnoop 直接位于您的实际 AI 客户端(如 Claude Desktop、Cursor)与服务器之间的数据路径中。 **核心功能:** * **零配置:** 只需使用 `mcpsnoop -- ` 封装您的服务器命令即可。无论启动顺序如何,它都会自动与 TUI 进行配对。 * **实时检查:** 可视化每一个 JSON-RPC 数据帧,包括服务器的标准错误输出(stderr),并提供易读的彩色标记。它能识别挂起的调用和错误,并支持全帧搜索。 * **重放功能:** 可轻松针对服务器的新实例重新运行捕获的工具调用,从而实现快速迭代。 * **深度可见性:** 通过能力检查器查看握手协议,并按状态、工具或方向过滤流。 * **灵活部署:** 可作为标准服务器的本地垫片(shim),或作为基于 HTTP 的 MCP 服务器的反向代理。 mcpsnoop 非常适合排查静默故障或意外的参数传递问题,为您提供了一种无缝的、直观的 MCP 生态系统“管道内”视图。可通过 Go 或 Homebrew 安装:`brew install kerlenton/mcpsnoop/mcpsnoop`。

Hacker News 社区最近讨论了名为“Mcpsnoop”的新工具。该工具由用户 *kerlenton* 开发,被描述为 MCP(模型上下文协议)的“Wireshark”。该项目提供了一个带有实时终端用户界面(TUI)的透明代理,旨在实现对 AI 客户端与 MCP 服务器之间通信的完全可见。 社区对该工具的反应非常积极,用户称赞其填补了 AI 客户端交互可视化方面的空白。讨论帖涵盖了多个技术领域,包括: * **功能需求:** 关于构建基于 Web 的数据浏览界面,以及实现远程或事后调试功能的建议。 * **现有替代方案:** 用户指出构建自定义代理相对简单,另一些人则提到了 Aegis 和 LiteLLM 等现有的审计工具。 * **生态系统:** 讨论帖还强调了不断增长的 MCP 生态系统,包括已经存在集成 MCP 的 Wireshark 版本。 尽管一些评论者对帖子是否存在机器人驱动的互动表示质疑,但普遍共识认为,Mcpsnoop 是开发者在处理 AI 智能体和协议调试时的实用诊断工具。
相关文章

原文

mcpsnoop

Wireshark for MCP. A transparent proxy that shows every real tool call between your AI client and your MCP servers, live in your terminal.

CI Go Reference MIT

demo

The official MCP Inspector connects as its own client. It never sees the traffic between your client (Claude Desktop, Cursor, Claude Code) and your server. A breakpoint in your own server only fires once a request arrives. It can't show you the call the real client never made, or made with arguments you didn't expect. So when a tool silently isn't called, capabilities don't line up, or a call just hangs, you're back to tail-ing a log in /tmp and guessing.

mcpsnoop sits in the real data path instead, so you can debug the actual MCP traffic between your client and server. Wrap your server command with it and watch every JSON-RPC frame in a live terminal UI as your real client and server talk.

Want to see it first, with nothing to set up? Run mcpsnoop demo for a scripted session that plays into the live UI.

To use it for real, wrap your server in your client's MCP config:

Everything after -- is the command that normally launches your server (here, a TypeScript build run with node). Swap in whatever you already use, like python server.py, npx -y @scope/server, or a compiled binary.

Use your client as usual, then open the UI:

No flags, no socket paths, no startup order to remember. The shim and the UI find each other on their own, and the UI backfills past sessions from disk, so it doesn't matter whether you open it before or after your client.

For a streamable-HTTP server, run mcpsnoop as a reverse proxy and point your client at it:

mcpsnoop http --target http://localhost:3000/mcp --listen :7000

No server of your own to test against? docs/DEMO.md walks through pointing Claude at a published test server through mcpsnoop.

  • Live JSON-RPC stream. Requests, responses, notifications and server stderr, colour-coded, with errors and slow calls flagged, including tool-level result.isError, not just JSON-RPC errors.
  • Replay. Re-run any captured tool call against a fresh, isolated copy of the server. The fastest loop for iterating on a tool.
  • Capability inspector (c). See exactly what the client and server agreed on at the handshake.
  • Frame inspector (enter). Full, pretty-printed JSON with in-frame search.
  • Hung-call detection. In-flight requests show PENDING with a live timer, so a stuck tool is obvious at a glance.
  • A real filter query. Narrow the stream with tool:, status:, dir:, kind:, id: or plain text.
MCP Inspector mcp-trace mcpsnoop
Sees your real client↔server traffic no yes yes
Interactive terminal UI no yes yes
Zero-config, no flags or ordering no no yes
Capability inspector partial no yes
Replay a captured call no no yes
Single binary, no runtime deps no varies yes
go install github.com/kerlenton/mcpsnoop/cmd/mcpsnoop@latest

Or with Homebrew:

brew tap kerlenton/mcpsnoop
brew install mcpsnoop

Recent Homebrew gates third-party taps; if it refuses, trust the tap once with brew trust kerlenton/mcpsnoop and re-run the install.

A tap-free brew install mcpsnoop (no tap, no trust) needs Homebrew core, which only accepts projects past a notability bar (stars, forks, watchers). If you'd find that handy, a star on the repo helps it qualify.

Or grab a prebuilt binary for your platform from the Releases page.

mcpsnoop sits in the pipe between your AI client and your MCP servers, copying every JSON-RPC frame to a live terminal UI

The official Inspector connects as a second client, off to the side. mcpsnoop sits in the actual pipe, so it sees exactly what your real client and server say to each other, whatever the server is written in.

It's two roles in one binary: mcpsnoop -- <server> is the transparent shim your client spawns (forwarding bytes verbatim while shipping a copy of each frame), and mcpsnoop with no arguments is the hub and TUI. They pair through a well-known socket and on-disk logs, so neither has to start first.

enter drill in · esc back · r replay · c capabilities · y copy · / filter · : command · p pause · f follow · ctrl-d delete. Move with j/k, page with ctrl-f/ctrl-b, g/G for top and bottom, shift+column to sort. Press ? in the app for the full list.

In a session, press / and combine space-separated tokens (ANDed): plain text matches the method, tool, id and payload, while tool: method: id: kind: dir: status: filter by field. So tool:search status:slow shows slow calls to a search tool, and dir:s2c kind:req surfaces server-initiated requests (sampling, roots). The ? help lists each token and the values it accepts.

mcpsnoop runs the server command you wrap, so only wrap servers you trust and run untrusted ones in a container. It never executes anything you didn't put in your client config.

Issues and pull requests are welcome. See CONTRIBUTING.md for the dev setup and the make check gate. mcpsnoop is pre-1.0 and follows SemVer: while on 0.x, minor releases may change user-facing behaviour, and patch releases are bug fixes.

MIT

联系我们 contact @ memedata.com