Is ai.mcpcap/mcpcap safe to use?

ai.mcpcap/mcpcap has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install ai.mcpcap/mcpcap?

ai.mcpcap/mcpcap supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can ai.mcpcap/mcpcap do?

ai.mcpcap/mcpcap provides 27 tools: security_analysis, network_troubleshooting, forensic_investigation, dhcp_network_analysis, dhcp_security_analysis and 22 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with ai.mcpcap/mcpcap?

ai.mcpcap/mcpcap is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is ai.mcpcap/mcpcap actively maintained?

ai.mcpcap/mcpcap is actively maintained — last commit was 6 days ago. It has 40 GitHub stars.

ai.mcpcap/mcpcap

@modelcontextprotocol/inspector

An MCP server for analyzing PCAP files.

40 207.8k/wk 27 tools GitHub npm PyPI

No known CVEs

No license

Actively maintained

Last commit 6d ago

Works with most clients

Transport: stdio, sse, http

27 tools · ~944 tok

Grade B · 0.5% of 200K ctx

Edit this pageView history

Security Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "mcpcap": {
      "args": [],
      "command": "mcpcap"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/ai-mcpcap-mcpcap)](https://mcppedia.org/s/ai-mcpcap-mcpcap)

Read me

What ai.mcpcap/mcpcap does

A modular Python MCP (Model Context Protocol) server for analyzing PCAP files. mcpcap exposes protocol-specific analysis tools that accept a local file path or remote HTTP URL at call time, so the server stays stateless and works cleanly with MCP clients.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@modelcontextprotocol/inspector' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

86/100across 5 weighted dimensions

How we score →

0255075100

−14

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

2 fixed

CVE-2025-58444medium · fixedCVSS 4

MCP Inspector is Vulnerable to Potential Command Execution via XSS When Connecting to an Untrusted MCP Server

An XSS flaw exists in the MCP Inspector local development tool when it renders a redirect URL returned by a remote MCP server. If the Inspector connects to an untrusted server, a crafted redirect can inject script into the Inspector context and, via the built-in proxy, be leveraged to trigger arbitrary command execution on the developer machine. Version 0.16.6 hardens URL handling/validation and prevents script execution. > Thank you to the following researchers for their reports and contributi

Affected: >= 0Fixed in 0.16.6source →

CVE-2025-49596medium · fixedCVSS 4

MCP Inspector proxy server lacks authentication between the Inspector client and proxy

Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP commands over stdio. Users should immediately upgrade to version 0.14.1 or later to address these vulnerabilities. Credit: Rémy Marot <bughunters@tenable.com>

Affected: >= 0Fixed in 0.14.1source →

Inventory

Tools (27)

Click any tool to inspect its schema.

~944 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is ai.mcpcap/mcpcap safe to use?: ai.mcpcap/mcpcap has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install ai.mcpcap/mcpcap?: ai.mcpcap/mcpcap supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can ai.mcpcap/mcpcap do?: ai.mcpcap/mcpcap provides 27 tools: security_analysis, network_troubleshooting, forensic_investigation, dhcp_network_analysis, dhcp_security_analysis and 22 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with ai.mcpcap/mcpcap?: ai.mcpcap/mcpcap is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is ai.mcpcap/mcpcap actively maintained?: ai.mcpcap/mcpcap is actively maintained — last commit was 6 days ago. It has 40 GitHub stars.

Similar servers

Others in security / developer-tools

View all →

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.7k 2

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.7k 1

Supabase MCP Server97

Manage Supabase projects — databases, auth, storage, and edge functions

2.7k 4

Mcp Gitlab96

MCP server for using the GitLab API

1.5k 12

MCP Security Weekly

Get CVE alerts and security updates for ai.mcpcap/mcpcap and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "mcpcap": {
      "args": [],
      "command": "mcpcap"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/ai-mcpcap-mcpcap)](https://mcppedia.org/s/ai-mcpcap-mcpcap)

Read me

What ai.mcpcap/mcpcap does

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@modelcontextprotocol/inspector' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

mcpcap

Overview

mcpcap uses a modular architecture to analyze different network protocols found in PCAP files. Each module provides specialized analysis tools that can be called independently with any PCAP file, making it perfect for integration with Claude Desktop and other MCP clients.

Key Features

Stateless MCP Tools: Each analysis call supplies its own PCAP path or URL
Modular Architecture: DNS, DHCP, ICMP, TCP, SIP, and CapInfos modules with easy extensibility for new protocols
Advanced TCP Analysis: Connection lifecycle, traffic patterns, retransmissions, and flow inspection
Local & Remote PCAP Support: Analyze files from local storage or HTTP URLs
Scapy Integration: Leverages scapy's comprehensive packet parsing capabilities
Specialized Analysis Prompts: Security, networking, and forensic analysis guidance
JSON Responses: Structured data format optimized for LLM consumption

Installation

mcpcap requires Python 3.10 or greater.

Using pip

pip install mcpcap

Using uv

uv add mcpcap

Using uvx (for one-time usage)

uvx mcpcap

Using Docker

Build the image from the repository root:

docker build -t mcpcap .

Run it over HTTP for MCP clients that connect to a network endpoint:

docker run --rm \
  -p 8080:8080 \
  -v "$(pwd)/examples:/pcaps:ro" \
  mcpcap --transport http --host 0.0.0.0 --port 8080

Run it over stdio for clients that can spawn docker run directly:

docker run --rm -i \
  -v "$(pwd)/examples:/pcaps:ro" \
  mcpcap

When you mount local captures into the container, use the container path in tool calls:

analyze_dns_packets("/pcaps/dns.pcap")

Remote http:// and https:// PCAP URLs work without a volume mount because mcpcap downloads them inside the container at call time.

Using Docker Compose

For the default HTTP workflow, start the bundled Compose service:

docker compose up

This pulls ghcr.io/mcpcap/mcpcap:latest, publishes http://127.0.0.1:8080/mcp, and mounts ./examples into the container as /pcaps.

analyze_dns_packets("/pcaps/dns.pcap")

To analyze your own captures, change the volume in docker-compose.yml from ./examples:/pcaps:ro to your local capture directory.

For local development against the checked-out source instead of GHCR:

docker compose -f docker-compose.yml -f docker-compose.dev.yml up --build

Quick Start

1. Start the MCP Server

Start mcpcap as a stateless MCP server:

# Default stdio transport for Claude Desktop and similar clients
mcpcap

# Start with specific modules only
mcpcap --modules dns,tcp

# With packet analysis limits
mcpcap --max-packets 1000

# Start an HTTP transport server for remote MCP clients
mcpcap --transport http --host 127.0.0.1 --port 8080

2. Connect Your MCP Client

Use stdio transport for local MCP clients like Claude Desktop:

{
  "mcpServers": {
    "mcpcap": {
      "command": "mcpcap",
      "args": []
    }
  }
}

Use HTTP transport when your MCP client expects a network endpoint:

mcpcap --transport http --host 127.0.0.1 --port 8080

Point your HTTP-capable MCP client at:

http://127.0.0.1:8080/mcp

Docker users can publish the same endpoint with:

docker run --rm \
  -p 8080:8080 \
  -v "/path/to/captures:/pcaps:ro" \
  mcpcap --transport http --host 0.0.0.0 --port 8080


... [View full README on GitHub](https://github.com/mcpcap/mcpcap#readme)

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

86/100across 5 weighted dimensions

How we score →

0255075100

−14

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

2 fixed

CVE-2025-58444medium · fixedCVSS 4

MCP Inspector is Vulnerable to Potential Command Execution via XSS When Connecting to an Untrusted MCP Server

Affected: >= 0Fixed in 0.16.6source →

CVE-2025-49596medium · fixedCVSS 4

MCP Inspector proxy server lacks authentication between the Inspector client and proxy

Affected: >= 0Fixed in 0.14.1source →

Inventory

Tools (27)

Click any tool to inspect its schema.

~944 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is ai.mcpcap/mcpcap safe to use?: ai.mcpcap/mcpcap has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install ai.mcpcap/mcpcap?: ai.mcpcap/mcpcap supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can ai.mcpcap/mcpcap do?: ai.mcpcap/mcpcap provides 27 tools: security_analysis, network_troubleshooting, forensic_investigation, dhcp_network_analysis, dhcp_security_analysis and 22 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with ai.mcpcap/mcpcap?: ai.mcpcap/mcpcap is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is ai.mcpcap/mcpcap actively maintained?: ai.mcpcap/mcpcap is actively maintained — last commit was 6 days ago. It has 40 GitHub stars.