inspector

Translates browser-incompatible MCP transport protocols (STDIO, SSE, Streamable HTTP) into browser-friendly transports (SSE, WebSocket) through an Express-based proxy server. The mcpProxy function maintains bidirectional message routing between transportToClient and transportToServer, enabling browsers to interact with local and remote MCP servers without direct process spawning or long-lived pipe management.

React-based web interface (built with Radix UI and Vite) that dynamically renders MCP server capabilities including tools, resources, and prompts. The UI introspects server metadata, generates forms for tool parameters, executes tools via the proxy, and displays results with full protocol visibility. Connection management hooks (useConnection) maintain WebSocket/SSE state and handle reconnection logic.

Organizes inspector into three interdependent npm packages (inspector-client, inspector-server, inspector-cli) using npm workspaces. Shared dependencies are hoisted to root package.json, reducing duplication and ensuring version consistency. Build scripts coordinate compilation across packages (TypeScript → JavaScript), and development scripts enable simultaneous development of all packages with hot-reload support via Vite.

Compiles TypeScript source code to JavaScript using TypeScript compiler, then bundles the web client using Vite for development and production builds. Vite provides hot module replacement (HMR) during development, enabling instant feedback on code changes without full page reloads. Production builds are minified and optimized for browser delivery. Build configuration is defined in vite.config.ts with React plugin for JSX support.

Abstracts MCP transport selection (STDIO, SSE, Streamable HTTP) behind a unified client interface using the MCP SDK's transport layer. The proxy server dynamically instantiates the correct transport based on user configuration, enabling seamless switching between local executable servers, remote SSE endpoints, and HTTP-based servers without code changes. Transport initialization is lazy-loaded on first connection.

Generates a cryptographically random session token at proxy startup and validates it on every request via environment variable (MCP_PROXY_AUTH_TOKEN) or URL parameter. Token is not persisted across restarts, preventing unauthorized access to local process execution. Validation occurs before any MCP protocol message is routed, providing a lightweight security boundary without external auth infrastructure.

Commander.js-based CLI tool (@modelcontextprotocol/inspector-cli) that enables non-interactive, programmatic interaction with MCP servers. Supports transport configuration via CLI flags, tool execution with JSON parameter input, and structured output for scripting. CLI client methods wrap MCP SDK calls, enabling integration into CI/CD pipelines, automation scripts, and headless testing frameworks without requiring a web browser.

Captures and displays all MCP protocol messages (JSON-RPC 2.0 requests and responses) flowing through the proxy in real-time. Messages are logged with timestamps, method names, parameters, and results. The web UI displays logs in a scrollable panel with syntax highlighting, enabling developers to inspect protocol details without external tools like Wireshark. Logs are stored in browser memory (no persistence across page reloads).

Dynamically discovers and displays MCP server resources (files, documents, data sources) and prompts (reusable instruction templates) alongside tools. The web UI renders resource listings with descriptions and access patterns, and prompt templates with parameter placeholders. Introspection queries the server's resource and prompt endpoints on connection, populating the UI without requiring manual configuration or documentation lookup.

React-based drag-and-drop interface for composing tool parameters and building complex inputs. Supports reordering parameters, nesting objects, and constructing arrays through visual interactions. Draggable components use React state management to track parameter changes in real-time, enabling visual parameter building without manual JSON editing. Generated parameter objects are validated against tool schemas before execution.

useConnection React hook manages WebSocket/SSE connection lifecycle, including initial connection, disconnection handling, and automatic reconnection with exponential backoff. Hook maintains connection state (connected, disconnected, reconnecting) and exposes methods for sending messages and subscribing to connection events. Reconnection logic retries with increasing delays (1s, 2s, 4s, 8s, etc.) up to a maximum, preventing connection storms.

Executes MCP tools by sending JSON-RPC 2.0 requests through the proxy, validating parameters against tool schemas before execution. Handles tool responses (results or errors) and displays them in the UI with formatted output. Error handling distinguishes between schema validation errors (caught before execution), protocol errors (MCP-level failures), and execution errors (tool-specific failures), providing detailed error messages for each type.