mcpsnoop Proxies MCP Traffic to Reveal Live Tool Calls
Developer kerlenton has publicly released mcpsnoop, a transparent proxy and terminal interface engineered to debug Model Context Protocol traffic. Functioning as a specialized network analyzer for MCP, the tool addresses a critical visibility gap in modern AI application development. Existing debugging utilities, including the official MCP Inspector, operate as secondary clients and cannot observe live communication between primary AI workspaces like Claude Desktop or Cursor and their backend MCP servers. mcpsnoop resolves this architectural blind spot by intercepting the actual data path, capturing every JSON-RPC frame exchanged between clients and servers in real time. The architecture operates as a dual-role binary. When invoked as a wrapper around a server command, it acts as a transparent shim that forwards traffic verbatim while logging each frame to a local socket and disk. Running the binary without arguments launches a synchronized terminal user interface that automatically pairs with the shim. This zero-configuration approach eliminates manual socket routing and startup sequencing, with the interface capable of reconstructing historical sessions from local storage regardless of launch order. Key capabilities center on live traffic analysis and iterative debugging. The terminal interface renders requests, responses, notifications, and server standard error with syntax highlighting, while automatically flagging tool-level errors and performance bottlenecks. Users can isolate stuck operations using a built-in hung-call detector that displays live timers for pending requests. Advanced workflows benefit from a filter query engine that supports boolean combinations and field-specific targeting. Additional utilities include a capability inspector that visualizes client-server handshake agreements and a replay function that executes captured tool calls against fresh, isolated server instances. Installation is distributed via Homebrew and precompiled platform binaries. The project operates as a single static binary with no external runtime dependencies. Security considerations emphasize that the proxy executes the wrapped server command directly, requiring developers to restrict its use to trusted local processes and containerize unverified tools. The repository follows semantic versioning, currently operating under a pre-release 0.x framework where minor updates may introduce behavioral changes. Licensed under MIT, mcpsnoop provides an open-source solution that significantly enhances transparency and accelerates iterative development for MCP server creators.
